fyi: 'HTTP State Management Mechanism' to Proposed Standard

Of possible interest (2 forwarded messages below)...

=JeffH
IETF HTTP State WG Chair
PayPal Information Risk Management

------- Forwarded Messages

Date:    Thu, 03 Mar 2011 07:16:00 -0800
From:    The IESG <iesg-secretary@ietf.org>
To:      IETF-Announce <ietf-announce@ietf.org>
cc:      httpstate mailing list <http-state@ietf.org>,
	 Internet Architecture Board <iab@iab.org>,
	 httpstate chair <httpstate-chairs@tools.ietf.org>,
	 RFC Editor <rfc-editor@rfc-editor.org>
Subject: [http-state] Protocol Action: 'HTTP State Management Mechanism' to Pro
	  posed Standard (draft-ietf-httpstate-cookie-23.txt)

The IESG has approved the following document:

   'HTTP State Management Mechanism'
   (draft-ietf-httpstate-cookie-23.txt) as a Proposed Standard


This document is the product of the HTTP State Management Mechanism
Working Group.

The IESG contact persons are Peter Saint-Andre and Alexey Melnikov.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-httpstate-cookie/


Technical Summary

    This document defines the HTTP Cookie and Set-Cookie
    header fields. These header fields can be used by HTTP
    servers to store state (called cookies) at HTTP user agents,
    letting the servers maintain a stateful session over the mostly
    stateless HTTP protocol.  Although cookies have many historical
    infelicities that degrade their security and privacy, the Cookie and
    Set-Cookie header fields are widely used on the Internet.

    This document obsoletes RFC 2965.
    [ And requests RFC 2109 to be moved to Historic status ]

Working Group Summary

    There is strong consensus in the working group to publish this
    document. Among those currently active in the working group there
    is a wide consensus behind the document. No objections have been
    raised regarding this version of the document.

Document Quality

    This document defines the HTTP Cookie and Set-Cookie HTTP
    header fields as they are presently utilized on the Internet. As a
    result, there are already many implementations of this specification.
    The author has coordinated with significant browser developers to
    help ensure that their implementations are consistent with the
    specification. The document has undergone extensive review, and
    the Document Shepherd and the Responsible Area Director have
    no concerns with this document.

Personnel

    The Document Shepherd is Jeff Hodges.  The Responsible Area
    Director is Peter Saint-Andre.
_______________________________________________
http-state mailing list
http-state@ietf.org
https://www.ietf.org/mailman/listinfo/http-state

------- Message 2

Date:    Thu, 03 Mar 2011 10:20:07 -0800
From:    =JeffH <Jeff.Hodges@KingsMountain.com>
To:      IETF HTTP State WG <http-state@ietf.org>,
	 Internet Architecture Board <iab@iab.org>
cc:      httpstate chair <httpstate-chairs@tools.ietf.org>
Subject: Re: [http-state] 'HTTP State Management Mechanism' to Proposed Standar
	  d

This is great news!

  > Personnel
  >
  >    The Document Shepherd is Jeff Hodges.  The Responsible Area
  >    Director is Peter Saint-Andre.

But the person who did the vast majority of the work, and who's idea it was to
tackle this in the first place, is _Adam Barth_, who deserves an outsized chunk

of the credit. Thanks for hanging in there and making this happen Adam.
Additionally, Peter Saint-Andre's expert navigation of the IETF document and
IESG processes was an instrumental contribution. Thanks Peter.

I also thank the broad array of participants in the working group, both online
and in person at our sessions at IETF meetings -- your contributions were
critical to crafting a high-quality spec and navigating the approval process.
THANKS.

This spec is a milestone in that HTTP "cookie" syntax and behavior has been
effectively a matter of undocumented folklore all these years. Getting this
finally explicitly documented will be a key underlying piece of moving "the
Web", and the wider Internet its built upon, on towards its next stage(s).

thanks again,

=JeffH
IETF HTTP State WG Chair
PayPal Information Risk Management


_______________________________________________
http-state mailing list
http-state@ietf.org
https://www.ietf.org/mailman/listinfo/http-state

------- End of Forwarded Messages

Received on Thursday, 3 March 2011 18:31:26 UTC