HTTP State Management Mechanism
RFC 6265, “HTTP State Management Mechanism”, is a Proposed Standard document published in April 2011 by A. Barth. It obsoletes RFC 2965. The canonical text is published by the RFC Editor.
Abstract
This document defines the HTTP Cookie and Set-Cookie header fields. These header fields can be used by HTTP servers to store state (called cookies) at HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol. Although cookies have many historical infelicities that degrade their security and privacy, the Cookie and Set-Cookie header fields are widely used on the Internet. This document obsoletes RFC 2965. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 6265 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 6264 An Incremental Carrier-Grade NAT for IPv6 Transition
- RFC 6266 Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol
- RFC 6263 Application Mechanism for Keeping Alive the NAT Mappings Associated with RTP / RTP Control Protocol Flows
- RFC 6267 MIKEY-IBAKE: Identity-Based Authenticated Key Exchange Mode of Key Distribution in Multimedia Internet KEYing
- RFC 6262 RTP Payload Format for IP-MR Speech Codec
- RFC 6268 Additional New ASN.1 Modules for the Cryptographic Message Syntax and the Public Key Infrastructure Using X.509
- RFC 6261 Encrypted Signaling Transport Modes for the Host Identity Protocol
- RFC 6269 Issues with IP Address Sharing