%% You should probably cite rfc6265 instead of this I-D. @techreport{ietf-httpstate-cookie-23, number = {draft-ietf-httpstate-cookie-23}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpstate-cookie/23/}, author = {Adam Barth}, title = {{HTTP State Management Mechanism}}, pagetotal = 37, year = 2011, month = mar, day = 1, abstract = {This document defines the HTTP Cookie and Set-Cookie header fields. These header fields can be used by HTTP servers to store state (called cookies) at HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol. Although cookies have many historical infelicities that degrade their security and privacy, the Cookie and Set-Cookie header fields are widely used on the Internet. This document obsoletes RFC 2965. {[}STANDARDS-TRACK{]}}, }