HTTP - Related Specifications
BASIC and DIGEST authentication methods
RFC 2068 (January 1997) - Hypertext Transfer Protocol -- HTTP/1.1 - obsolete, replaced by 2616
"HTTP State Management Mechanism"
The specification about cookies. It is implemented by org.apache.tomcat.util.http.Rfc6265CookieProcessor that is available since Tomcat 8.0.15 and is the default one starting with Tomcat 8.5.0. See also "Cookies" page in "Development and Development Issues / Archive" on this wiki.
"Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP)"
Content-Disposition header is used by file uploads. See also Bug 59115
"Hypertext Transfer Protocol (HTTP) Keep-Alive Header". A draft of specification.