[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev address@hidden: [RRE]IETF issues RFC on cookies]

From: Fiber McGee
Subject: lynx-dev address@hidden: [RRE]IETF issues RFC on cookies]
Date: Sat, 28 Oct 2000 13:59:04 -0500

The message below from David Combs
<address@hidden> was forwarded
by the list moderator.

(1) Interesting history on (politics of) cookies.

(2) This "RRE" ("red rock eater") (phil agre (ucla cs))
   is one neat list to join -- he forwards and
   also writes some very interesting stuff.

Here, from my bookmarks file, are links to him and his archives;
browse the archives to see what he's got:

<LI><a href="";>/pub/R/doc/mail-archives directory: for "R"</a> <LI><a href="";>Phil Agre's Home Page ([RRE])</a> <LI><a href="";> eGroups : rre ARCHIVE FOR [RRE} red rock ... phil agre</a> <LI><a href="";>Red Rock Eater Digest @ The Commons (ANOTHER [rre] archive of red rock eater, phil agre)</a>

Note especially the diamonds located within his
 many "NOTES AND RECOMMENDATIONS" files -- obviously, you have
 to whip through them to see what's inside.

 (at the bottom he usually has a page or two of interesting

Thus guy, phil agre, is a cs prof at ucla.


----- Forwarded message from Phil Agre <address@hidden> -----

Subject: [RRE]IETF issues RFC on cookies
Date: Sat, 21 Oct 2000 19:21:58 -0700
From: Phil Agre <address@hidden>
To: "Red Rock Eater News Service" <address@hidden>
X-Authentication-Warning: pagre set sender to
 address@hidden using -f
Precedence: Bulk
List-Software: LetterRip Pro 3.0.7 by Fog City Software, Inc.
List-Subscribe: <mailto:address@hidden>
List-Unsubscribe: <mailto:address@hidden>

[Heavily reformatted.]

This message was forwarded through the Red Rock Eater News Service (RRE).
You are welcome to send the message along to others but please do not use
the "redirect" option.  For information about RRE, including instructions
for (un)subscribing, see

Date: Sun, 22 Oct 2000 12:35:27 +1100
From: Roger Clarke <address@hidden>
Subject: IETF issues RFC on cookies

I've revised the last part of my Cookies page (which has by now
accumulated 50-60,000 hits), in order to reflect the vital new RFCs
that have just been released.  See:

Cookies were an innovation of Netscape's sometime in 1995.  They were
apparently supported by Netscape Navigator 1.0 (but nobody realised),
but began to be used when Netscape 2.0 was released, even though they
weren't formally documented.  In short, an intrusive enhancement to
the web was slipped in surreptitiously.

Most of us who were active in Internet and web policy matters
only became aware of the existence of cookies in mid-February 1996.
Public concerns rose rapidly, for the very good reasons outlined in
this document.  Shortly afterwards, in February 1997, a more general
mechanism to support state-maintenance was proposed as
  RFC 2109 'HTTP State Management Mechanism'
  (by Dave Kristol of Bell Labs and Lou Montulli, then of Netscape).

Dave had to fight a long, slow battle to get the need for a
responsible cookie-architecture onto IETF's agenda.  Despite my
raising it directly with Tim Berners-Lee, W3C avoided the matter
entirely, reflecting the increasing constraints on its freedom
of action arising from it desire to avoid upsetting its corporate

At last, Dave's efforts paid dividends.  The revised document was
published in early October 2000, as
  RFC2965 'HTTP State Management Mechanism'
  (25 pp., by Dave Kristol, Bell Labs and Lou Montulli, now

********                                                       *******
* It's now up to all of us to put pressure on IETF and W3C to adopt  *
* the formal proposal;  and on all web-server and web-browser        *
* providers to implement cookies in the responsible manner proposed. *
********                                                       *******

In addition, the concerns about the existing cookie mechanism were
addressed in
  RFC2964 'Use of HTTP State Management'
  (7 pp., by K. Moore, University of Tennessee and N. Freed, Innosoft).

I've not yet assessed those RFCs against the consumer requirements
laid out in this document; but it was developed with many of the
problems in mind.  I hope to get an assessment up in this location
some time soon.

Roger Clarke    

Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                Tel: +61 2 6288 1472, and 6288 6916

Visiting Fellow                       Department of Computer Science
The Australian National University     Canberra  ACT  0200 AUSTRALIA
Information Sciences Building Room 211       Tel:  +61  2  6249 3666

----- End forwarded message -----

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]