[2516] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Cookies and IETF draft

daemon@ATHENA.MIT.EDU (Tom Cooper)
Tue Jul 23 19:21:26 1996

Date: Tue, 23 Jul 1996 15:16:53 -0700
From: Tom Cooper <tomcooper@acm.org>
To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu

I would highly recommend reading the IETF draft on cookies. See
especially, section 7 on privacy and section 8 on security. Section 8
also includes discussion on denial of service attacks and cookie
spoofing.

The URL is:
ftp://ds.internic.net/internet-drafts/draft-ietf-http-state-mgmt-03.txt

After reading the draft, I am more convinced than ever that there are
significant privacy/security concerns here. Of course it is certainly
more in the privacy domain than the security domain, if there really is
such a distinction.

Tom Cooper

------------------------------------------
Tom Cooper          alchemist@launchpad.com
"surf free or die"  http://www.launchpad.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2516] in WWW Security List Archive

Cookies and IETF draft

daemon@ATHENA.MIT.EDU (Tom Cooper)Tue Jul 23 19:21:26 1996

daemon@ATHENA.MIT.EDU (Tom Cooper)
Tue Jul 23 19:21:26 1996