Cookies and IETF draft

• To: www-security@ns2.rutgers.edu
• Subject: Cookies and IETF draft
• From: Tom Cooper <tomcooper@acm.org>
• Date: Tue, 23 Jul 1996 15:16:53 -0700

I would highly recommend reading the IETF draft on cookies. See
especially, section 7 on privacy and section 8 on security. Section 8
also includes discussion on denial of service attacks and cookie
spoofing.

The URL is:
ftp://ds.internic.net/internet-drafts/draft-ietf-http-state-mgmt-03.txt

After reading the draft, I am more convinced than ever that there are
significant privacy/security concerns here. Of course it is certainly
more in the privacy domain than the security domain, if there really is
such a distinction.

Tom Cooper

------------------------------------------
Tom Cooper          alchemist@launchpad.com
"surf free or die"  http://www.launchpad.com

• Previous: (no subject)
• Next: unsubcribe
• Index(es):
  • Index
  • Thread