[Previous] [Next] [Index]
[Thread]
Cookies and IETF draft
I would highly recommend reading the IETF draft on cookies. See
especially, section 7 on privacy and section 8 on security. Section 8
also includes discussion on denial of service attacks and cookie
spoofing.
The URL is:
ftp://ds.internic.net/internet-drafts/draft-ietf-http-state-mgmt-03.txt
After reading the draft, I am more convinced than ever that there are
significant privacy/security concerns here. Of course it is certainly
more in the privacy domain than the security domain, if there really is
such a distinction.
Tom Cooper
------------------------------------------
Tom Cooper alchemist@launchpad.com
"surf free or die" http://www.launchpad.com