This is sorta old news at this point, the publication was announced on 27 April 2011. Bil Corry and I wrote about the spec in early March (acknowledging the many contributors) when it was approved as ‘proposed standard’ and en-queued to the RFC Editor, and others have written about it (in detail) now that the RFC is actually published, so I’ll just point to ’em here…

Daniel Stenberg – The cookie RFC 6265 (english)
http://daniel.haxx.se/blog/2011/04/28/the-cookie-rfc-6265/

St̩phane Bortzmeyer РRFC 6265: HTTP State Management Mechanism (french)
http://www.bortzmeyer.org/6265.html

Joachim Str̦mbergson РCookie-RFCn 6265 (swedish)
http://secworks.se/2011/04/cookie-rfcn-6265/

It feels good to get that out the door!

This entry was posted on Friday, May 6th, 2011 at 11:33 am and is filed under IETF, Protocols, Security, Web Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.