%% You should probably cite draft-ietf-httpbis-rfc6265bis-13 instead of this revision. @techreport{ietf-httpbis-rfc6265bis-01, number = {draft-ietf-httpbis-rfc6265bis-01}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/01/}, author = {Adam Barth and Mike West}, title = {{HTTP State Management Mechanism}}, pagetotal = 40, year = 2017, month = apr, day = 25, abstract = {This document defines the HTTP Cookie and Set-Cookie header fields. These header fields can be used by HTTP servers to store state (called cookies) at HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol. Although cookies have many historical infelicities that degrade their security and privacy, the Cookie and Set-Cookie header fields are widely used on the Internet. This document obsoletes RFC 2965.}, }