making progress on cookies
Dave Kristol (dmk@research.bell-labs.com)
Fri, 10 Oct 97 16:44:14 EDT
Things have been very quiet on the cookie front. I have been busy with
other projects, but I am now able to return to the fray.
At issue is how to make progress on a successor to RFC 2109. One
proposal is to split draft-ietf-http-state-man-mec-03 into two pieces:
1) a description of the wire protocol; and
2) a description of the privacy considerations of cookies.
The second document would comprise approximately these sections of
state-man-mec-03:
- 4.3.5 Sending Cookies in Unverifiable Transactions
- 7 Privacy
The groundrules would be that each of the two documents could/should be
discussed separately, but that the IESG would not allow either to
become an RFC until agreement had been reached on both.
I'm soliciting discussion of this approach before I invest the time
to split the document in two. What do you think of this approach?
Dave Kristol