A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : SCS: Secure Cookie Sessions for HTTP
Author(s) : S. Barbato, et al.
Filename : draft-secure-cookie-session-protocol-00.txt
Pages : 17
Date : 2011-02-21
This document provides an overview of SCS, a cryptographic protocol
layered on top of the HTTP cookie facility, that allows an origin
server to handle session state without storing it locally.
Its typical use cases include devices with little or no storage
offering some functionality via an HTTP interface, and web
applications with High Availability or load balancing requirements
which may want to handle application state without the need to
synchronize the pool through shared storage or peering.
Nevertheless, its security properties allow it to be used whenever
privacy and integrity of cookies is a concern, at the cost of
increased server CPU and bandwidth usage, and of some "credential-
ownership" implications which will be thoroughly analysed.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-secure-cookie-session-protocol-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-secure-cookie-session-protocol-00.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
