[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Diff1] [Diff2] [Nits]
Versions: 00 01
httpstate A. Barth
Internet-Draft Google, Inc.
Intended status: Standards Track March 5, 2011
Expires: September 6, 2011
Origin Cookies
draft-abarth-cake-01
Abstract
This document defines the Origin attribute for cookies, which lets
servers harmonize the security policy of their cookies with the
widely used same-origin policy. Origin cookies provide both
confidentiality and integrity, unlike the Secure attribute, which
provides only confidentiality.
Barth Expires September 6, 2011 [Page 1]
Internet-Draft Origin Cookies March 2011
Editorial Note (To be removed by RFC Editor)
If you have suggestions for improving this document, please send
email to <mailto:http-state@ietf.org>. Further Working Group
information is available from <https://tools.ietf.org/wg/httpstate/>.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 6, 2011.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the BSD License.
Barth Expires September 6, 2011 [Page 2]
Internet-Draft Origin Cookies March 2011
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1. Conformance Criteria . . . . . . . . . . . . . . . . . . . 5
2.2. Syntax Notation . . . . . . . . . . . . . . . . . . . . . 5
2.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.1. Examples . . . . . . . . . . . . . . . . . . . . . . . . . 6
4. Server Requirements . . . . . . . . . . . . . . . . . . . . . 8
5. User Agent Requirements . . . . . . . . . . . . . . . . . . . 9
6. Privacy Considerations . . . . . . . . . . . . . . . . . . . . 10
7. Security Considerations . . . . . . . . . . . . . . . . . . . 11
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
8.1. Origin-Cookie . . . . . . . . . . . . . . . . . . . . . . 12
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
9.1. Normative References . . . . . . . . . . . . . . . . . . . 13
9.2. Informative References . . . . . . . . . . . . . . . . . . 13
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 14
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 15
Barth Expires September 6, 2011 [Page 3]
Internet-Draft Origin Cookies March 2011
1. Introduction
TODO
This document defines the Origin attribute for cookies, which lets
servers harmonize the security policy of their cookies with the
widely used same-origin policy. Origin cookies provide both
confidentiality and integrity, unlike the Secure attribute, which
provides only confidentiality.
Barth Expires September 6, 2011 [Page 4]
Internet-Draft Origin Cookies March 2011
2. Conventions
2.1. Conformance Criteria
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in [RFC2119].
Requirements phrased in the imperative as part of algorithms (such as
"strip any leading space characters" or "return false and abort these
steps") are to be interpreted with the meaning of the key word
("MUST", "SHOULD", "MAY", etc) used in introducing the algorithm.
Conformance requirements phrased as algorithms or specific steps can
be implemented in any manner, so long as the end result is
equivalent. In particular, the algorithms defined in this
specification are intended to be easy to understand and are not
intended to be performant.
2.2. Syntax Notation
This specification uses the Augmented Backus-Naur Form (ABNF)
notation of [RFC5234].
The following core rules are included by reference, as defined in
[RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF
(CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),
HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit
sequence of data), SP (space), HTAB (horizontal tab), CHAR (any US-
ASCII character), VCHAR (any visible US-ASCII character), and WSP
(whitespace).
2.3. Terminology
The terms user agent, client, server, proxy, origin server, request-
host, and request-uri have the same meaning as in cookie
specification ([cite: Cookies], Section 2.3).
Two sequences of octets are said to case-insensitively match each
other if and only if they are equivalent under the i;ascii-casemap
collation defined in [RFC4790].
The term string means a sequence of octets.
Barth Expires September 6, 2011 [Page 5]
Internet-Draft Origin Cookies March 2011
3. Overview
Using the Origin attribute, a server can set a cookie for its origin.
Unlike the Path, Domain, and Secure attributes, the Origin attribute
harmonizes the security properties of the cookie with the same-origin
policy [cite: Principles of Origin]. In particular, the Origin
attribute provides both confidentiality and integrity from other
origins.
The Origin attribute superceeds the Path, Domain, and Secure
attributes. The server can set these attributes as well to control
the scope of cookies in legacy user agents. User agents that support
origin cookies will ignore these attributes when the Origin attribute
is present.
Origin cookies are returned from the user agent to the server in the
Origin-Cookie header field and not the Cookie header field because
the Cookie header field does not provide any information about the
source of the cookie. When the server receives a cookie in the
Origin-Cookie header field, the server can reason that the cookie was
set by its own origin, and not injected by another origin.
3.1. Examples
The server can set an origin cookie, which is returned in the Origin-
Cookie header field. Origin cookies support all the same attributes
as other kinds of cookies, except Path, Domain, and Secure, which are
ignored.
== Server -> User Agent ==
Set-Cookie: SID=31d4d96e407aad42; Origin
== User Agent -> Server ==
Origin-Cookie: SID=31d4d96e407aad42
Non-origin cookies are returned in the Cookie header as usual. If
the user agent sends the server both origin and non-origin cookies,
the origin cookies are returned in the Origin-Cookie header field and
the non-origin cookies are returned in the Origin-Cookie header
field.
== Server -> User Agent ==
Set-Cookie: SID=31d4d96e407aad42; Origin
Set-Cookie: lang=en-US; Path=/; Domain=example.com
Barth Expires September 6, 2011 [Page 6]
Internet-Draft Origin Cookies March 2011
== User Agent -> Server ==
Cookie: lang=en-US
Origin-Cookie: SID=31d4d96e407aad42
Barth Expires September 6, 2011 [Page 7]
Internet-Draft Origin Cookies March 2011
4. Server Requirements
TODO
Barth Expires September 6, 2011 [Page 8]
Internet-Draft Origin Cookies March 2011
5. User Agent Requirements
TODO
Barth Expires September 6, 2011 [Page 9]
Internet-Draft Origin Cookies March 2011
6. Privacy Considerations
TODO
Barth Expires September 6, 2011 [Page 10]
Internet-Draft Origin Cookies March 2011
7. Security Considerations
TODO
Barth Expires September 6, 2011 [Page 11]
Internet-Draft Origin Cookies March 2011
8. IANA Considerations
The permanent message header registry (see [RFC3864]) should be
updated with the following registrations:
8.1. Origin-Cookie
Header field name: Origin-Cookie
Applicable protocol: http
Status: standard
Author/Change controller: IETF
Specification document: this specification
Barth Expires September 6, 2011 [Page 12]
Internet-Draft Origin Cookies March 2011
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
[RFC4790] Newman, C., Duerst, M., and A. Gulbrandsen, "Internet
Application Protocol Collation Registry", RFC 4790,
March 2007.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234, January 2008.
9.2. Informative References
[RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration
Procedures for Message Header Fields", BCP 90, RFC 3864,
September 2004.
Barth Expires September 6, 2011 [Page 13]
Internet-Draft Origin Cookies March 2011
Appendix A. Acknowledgements
TODO
Barth Expires September 6, 2011 [Page 14]
Internet-Draft Origin Cookies March 2011
Author's Address
Adam Barth
Google, Inc.
Email: ietf@adambarth.com
URI: http://www.adambarth.com/
Barth Expires September 6, 2011 [Page 15]
Html markup produced by rfcmarkup 1.129b, available from
https://tools.ietf.org/tools/rfcmarkup/