{
  "draft": "draft-ietf-httpstate-cookie-23",
  "doc_id": "RFC6265",
  "title": "HTTP State Management Mechanism",
  "authors": [
    "A. Barth"
  ],
  "format": [
    "TEXT",
    "HTML"
  ],
  "page_count": "37",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "HTTP State Management Mechanism",
  "abstract": "This document defines the HTTP Cookie and Set-Cookie header fields.  These header fields can be used by HTTP servers to store state (called cookies) at HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol.  Although cookies have many historical infelicities that degrade their security and privacy, the Cookie and Set-Cookie header fields are widely used on the Internet.  This document obsoletes RFC 2965. [STANDARDS-TRACK]",
  "pub_date": "April 2011",
  "keywords": [
    "Cookie",
    "Set-Cookie",
    "Secure",
    "HttpOnly"
  ],
  "obsoletes": [
    "RFC2965"
  ],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC6265",
  "errata_url": "https://www.rfc-editor.org/errata/rfc6265"
}