draft-ietf-httpbis-cookie-alone-01.txt   draft-ietf-httpbis-cookie-alone-latest.txt 
HTTP Working Group M. West HTTP Working Group M. West
Internet-Draft Google, Inc Internet-Draft Google, Inc
Updates: 6265 (if approved) beste partnersuche kostenlos deutschland September 5, 2016 Updates: 6265 (if approved) beste partnersuche kostenlos dresden October 1, 2017
Intended status: Standards Track Intended status: Standards Track
Expires: which dating site is best for me March 9, 2017 Expires: which online dating site is right for me April 4, 2018
Deprecate modification of 'secure' cookies from non-secure origins Deprecate modification of 'secure' cookies from non-secure origins
which online dating site is right for me uk draft-ietf-httpbis-cookie-alone-01 which dating site is best for me quiz draft-ietf-httpbis-cookie-alone-latest
Abstract Abstract
This document updates RFC6265 by removing the ability for a non- This document updates RFC6265 by removing the ability for a non-
secure origin to set cookies with a 'secure' flag, and to overwrite secure origin to set cookies with a 'secure' flag, and to overwrite
cookies whose 'secure' flag is set. This deprecation improves the cookies whose 'secure' flag is set. This deprecation improves the
isolation between HTTP and HTTPS origins, and reduces the risk of isolation between HTTP and HTTPS origins, and reduces the risk of
malicious interference. malicious interference.
Note to Readers Note to Readers
Discussion of this draft takes place on the HTTP working group Discussion of this draft takes place on the HTTP working group
mailing list ([email protected]), which is archived at mailing list ([email protected]), which is archived at
https://lists.w3.org/Archives/Public/ietf-http-wg/. https://lists.w3.org/Archives/Public/ietf-http-wg/which dating site is right for me [1].
Working Group information can be found at www partnersuche 50plus de http://httpwg.github.io/; Working Group information can be found at best online dating about me http://httpwg.github.io/
source code and issues list for this draft can be found at online dating about me profile [2]; source code and issues list for this draft can be found at
online dating about me template https://github.com/httpwg/http-extensions/labels/cookie-alone. online dating mehrere kontakte https://github.com/httpwg/http-extensions/labels/cookie-alone [3].
Status of online dating about me generator this Memo Status of online dating about me tips This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at httprussische kontaktbörse kostenlos s://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on avacs live chat 2.2.1 for android March 9, 2017. This Internet-Draft will expire on avacs live chat android 2.2.0 April 4, 2018.
Copyright Notice Copyright Notice
Copyright (c) 201online dating chatting sites 6 IETF Trust and the persons identified as the Copyright (c) 201internet dating chat sites 7 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (httpkontaktbörse kostenlos youtube s://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . partnersuche für junge leute rabatt . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . which online dating site uk 2
2. Terminology and notation . . . . . . . . . . . . . . . . . . which dating site is best uk . 3 2. Terminology and notation . . . . . . . . . . . . . . . . . . 3
3. Recommendations . . . . . . . . . . . . . . . . . . . . . . . speed dating berlin neukölln . 3 3. Recommendations . . . . . . . . . . . . . . . . . . . . . . . 3
4. Security Considerations . . . . . . . . . . . . . . . . . . . partnersuche 50plus zeitschrift . 4 4. Security Considerations . . . . . . . . . . . . . . . . . . . 4
5. References . . . . . . . . . . . . . . . . . . . . . . . . . partnervermittlung niederlande argentinien . 5 5. References . . . . . . . . . . . . . . . . . . . . . . . . . kontaktbörse für männer kostenlos 4
5.1. Normative References . . . . . . . . . . . . . . . . . . online dating site that work . 5 5.1. Normative References . . . . . . . . . . . . . . . . . . speed dating berlin erfahrungen 4
5.2. Informative References . . . . . . . . . . . . . . . . . . 5 5.2. Informative References . . . . . . . . . . . . . . . . . chat für foren kostenlos 5
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . schweizer single frauen zürich . 6 schweizer single frauen zwickau 5.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . beste partnersuche kostenlos münchen . 6 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 6
B.1. Since -00 . . . . . . . . . . . . . . . . . . . . . . . . partnersuche oesterreich ungarn . 6 Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . 6
Author's Address partnersuche für junge leute xl . . . . . . . . . . . . . . . . . . . . . . . . . 6 B.1. Since -00 . . . . . . . . . . . . . . . . . . . . . . . . 6
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction 1. Introduction
Section 8.5 and Section 8.6 of [RFC6265] spell out some of the Section 8.5 and Section 8.6 of [RFC6265] spell out some of the
drawbacks of cookies' implementation: due to historical accident, drawbacks of cookies' implementation: due to historical accident,
non-secure origins can set cookies which will be delivered to secure non-secure origins can set cookies which will be delivered to secure
origins in a manner indistinguishable from cookies set by that origin origins in a manner indistinguishable from cookies set by that origin
itself. This enables a number of attacks, which have been recently itself. This enables a number of attacks, which have been recently
spelled out in some detail in [COOKIE-INTEGRITY]. spelled out in some detail in [COOKIE-INTEGRITY].
skipping to change at page 5, line 14beste partnersuche kostenlos xp ¶ skipping to change at page 5, line 6beste partnersuche kostenlos test ¶
The proposal in [COOKIE-PREFIXES] could mitigate this risk, as could The proposal in [COOKIE-PREFIXES] could mitigate this risk, as could
"preloading" HSTS for "example.com" into the user agent "preloading" HSTS for "example.com" into the user agent
[HSTS-PRELOADING]. [HSTS-PRELOADING].
5. References 5. References
5.1. Normative References 5.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, DOI partnersuche für junge leute nachweis 10.17487/ Requirement Levels", BCP 14, RFC 2119,
partnersuche 50plus gescheitert RFC2119, March 1997, DOI partnersuche 50plus garbsen 10.17487/RFC2119, March 1997,
partnersuche sternzeichen jungfrau <http://www.rfc-editor.org/info/rfc2119>. partnersuche für junge leute zürich <https://www.rfc-editor.org/info/rfc2119>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005, RFC 3986, DOI 10.17487/RFC3986, January 2005,
<http://www.rfc-editor.org/info/rfc3986>. <httppartnersuche 50plus liechtenstein s://www.rfc-editor.org/info/rfc3986>.
[RFC6265] Barth, A., "HTTP State Management Mechanism", RFC 6265, [RFC6265] Barth, A., "HTTP State Management Mechanism", RFC 6265,
DOI 10.17487/RFC6265, April 2011, DOI 10.17487/RFC6265, April 2011,
<http://www.rfc-editor.org/info/rfc6265>. <httppartnersuche 50plus leipzig s://www.rfc-editor.org/info/rfc6265>.
5.2. Informative References 5.2. Informative References
[COOKIE-INTEGRITY] [COOKIE-INTEGRITY]
Zheng, X., Jiang, J., Liang, J., Duan, H., Chen, S., Wan, Zheng, X., Jiang, J., Liang, J., Duan, H., Chen, S., Wan,
T., and N. Weaver, "Cookies Lack Integrity: Real-World T., and N. Weaver, "Cookies Lack Integrity: Real-World
Implications", August 2015, cp christliche partnervermittlung <https://www.usenix.org/ Implications", August 2015,
deutschland partnersuche deutschland conference/usenixsecurity15/technical-sessions/ partnersuche für junge leute dsl <https://www.usenix.org/conference/usenixsecurity15/
partnersuche für junge leute deutschland presentation/zheng>. partnersuche für junge leute tarif technical-sessions/presentation/zheng>.
[COOKIE-PREFIXES] [COOKIE-PREFIXES]
West, M., "Cookie Prefixes", 2016, partnersuche für junge leute camping <https:// West, M., "Cookie Prefixes", 2016,
partnersuche für junge leute chat tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes>. partnersuche für junge leute youtube <https://tools.ietf.org/html/
partnervermittlung helga forum draft-ietf-httpbis-cookie-prefixes>.
[HSTS-PRELOADING] [HSTS-PRELOADING]
"HSTS Preload Submission", n.d., "HSTS Preload Submission", n.d.,
<https://hstspreload.appspot.com/>. <https://hstspreload.appspot.com/>.
[RFC6797] Hodges, J., Jackson, C., and A. Barth, "HTTP Strict [RFC6797] Hodges, J., Jackson, C., and A. Barth, "HTTP Strict
Transport Security (HSTS)", RFC 6797, DOI yahoo chat online without messenger 10.17487/ Transport Security (HSTS)", RFC 6797,
deutschland partnersuche wien RFC6797, November 2012, DOI beste partnersuche kostenlos finya 10.17487/RFC6797, November 2012,
partnersuche ukraine deutsch youtube <http://www.rfc-editor.org/info/rfc6797>. partnersuche ukraine deutsch umstellen <https://www.rfc-editor.org/info/rfc6797>.
kleinanzeigen partnersuche österreich
partnersuche österreich kostenlos 5.3. URIs
online dating nigeria abuja
online dating lagos nigeria [1] https://lists.w3.org/Archives/Public/ietf-http-wg/
partnersuche für junge leute heute
partnersuche sternzeichen zwilling [2] http://httpwg.github.io/
partnersuche sternzeichen oktober
sternzeichen für partnersuche [3] https://github.com/httpwg/http-extensions/labels/cookie-alone
Appendix A. Acknowledgements Appendix A. Acknowledgements
Richard Barnes encouraged a formalization of the deprecation Richard Barnes encouraged a formalization of the deprecation
proposal. [COOKIE-INTEGRITY] was a useful exploration of the issues proposal. [COOKIE-INTEGRITY] was a useful exploration of the issues
[RFC6265] described. [RFC6265] described.
Appendix B. Changes Appendix B. Changes
B.1. Since -00 B.1. Since -00
 End of changes. 17 change blocks. 
about me section online dating 36 lines changed or deletedsample about me section online dating best about me online dating profiles 46 lines changed or added

This html diff was produced by rfcdiff 1.44jr. The latest version is available from speed dating in berlin