Skip to main content

Expiring Aggressively Those HTTP Cookies

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Martin Thomson , Chris Peterson
Last updated 2016-11-27 (Latest revision 2016-05-26)
Replaced by draft-ietf-httpbis-rfc6265bis
RFC stream (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


HTTP Cookies that are sent over connections without confidentiality and integrity protection are vulnerable to theft. Such cookies should be expired aggressively.


Martin Thomson
Chris Peterson

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)