[WEB SECURITY] 'HTTP State Management Mechanism' to Proposed Standard

Bil Corry bil at corry.biz
Mon Mar 7 23:46:41 EST 2011


It's been a long haul, but cookies will soon have an official specification that matches the real world:

	http://www.thesecuritypractice.com/the_security_practice/2011/03/http-state-management-mechanism-to-proposed-standard.html

The second phase for the httpstate Working Group is to engineer a new HTTP state mechanism that improves security -- Adam Barth has already put forward his proposal for "cake":

	http://www.ietf.org/id/draft-abarth-cake-01.txt

Discussion takes place here:

	https://www.ietf.org/mailman/listinfo/http-state


- Bil




More information about the websecurity mailing list