A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Deprecate modification of 'secure' cookies from non-secure origins
Author : Mike West
Filename : draft-west-leave-secure-cookies-alone-00.txt
Pages : 4
Date : 2015-10-06
Abstract:
This document updates RFC6265 by removing the ability for a non-
secure origin to set cookies with a 'secure' flag, and to overwrite
cookies whose 'secure' flag is set. This deprecation improves the
isolation between HTTP and HTTPS origins, and reduces the risk of
malicious interference.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-west-leave-secure-cookies-alone/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-west-leave-secure-cookies-alone-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
