[2518] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

cookies and IETF draft

daemon@ATHENA.MIT.EDU (Tom Cooper )
Wed Jul 24 00:27:45 1996

Date: Tue, 23 Jul 1996 17:08:22 -0700
From: tcooper@ix.netcom.com (Tom Cooper )
To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu

---- Begin Forwarded Message
I would highly recommend reading the IETF draft on cookies. See
especially, section 7 on privacy and section 8 on security. Section 8
also includes discussion on denial of service attacks and cookie
spoofing.

The URL is:
ftp://ds.internic.net/internet-drafts/draft-ietf-http-state-mgmt-03.txt

After reading the draft, I am more convinced than ever that there are
significant privacy/security concerns here. Of course it is certainly
more in the privacy domain than the security domain, if there really is
such a distinction.

Tom Cooper

------------------------------------------
Tom Cooper          alchemist@launchpad.com
"surf free or die"  http://www.launchpad.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2518] in WWW Security List Archive

cookies and IETF draft

daemon@ATHENA.MIT.EDU (Tom Cooper )Wed Jul 24 00:27:45 1996

daemon@ATHENA.MIT.EDU (Tom Cooper )
Wed Jul 24 00:27:45 1996