diff --git a/lib/SimpleSAML/SessionHandler.php b/lib/SimpleSAML/SessionHandler.php
index 8ad3a135f82e09edbed67364370e5ac43599b008..9586d56e97a1d35f78d887a44b4dda1996e63cdb 100644
--- a/lib/SimpleSAML/SessionHandler.php
+++ b/lib/SimpleSAML/SessionHandler.php
@@ -155,7 +155,7 @@ abstract class SimpleSAML_SessionHandler {
 			$params = $this->getCookieParams();
 		}
 
-		SimpleSAML_Utilities::setCookie($name, $value, $params);
+		\SimpleSAML\Utils\HTTP::setCookie($name, $value, $params);
 	}
 
 }
diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 410730202132e137e3541332817753acae6b8d74..b8717e82f4f555506a458c8a621c4c7f1e1f9911 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -1060,62 +1060,10 @@ class SimpleSAML_Utilities {
 
 
 	/**
-	 * Set a cookie.
-	 *
-	 * @param string $name  The name of the session cookie.
-	 * @param string|NULL $value  The value of the cookie. Set to NULL to delete the cookie.
-	 * @param array|NULL $params  Cookie parameters.
-	 * @param bool $throw  Whether to throw exception if setcookie fails.
+	 * @deprecated This method will be removed in SSP 2.0. Please use SimpleSAML\Utils\HTTP::setCookie() instead.
 	 */
 	public static function setCookie($name, $value, array $params = NULL, $throw = TRUE) {
-		assert('is_string($name)');
-		assert('is_string($value) || is_null($value)');
-
-		$default_params = array(
-			'lifetime' => 0,
-			'expire' => NULL,
-			'path' => '/',
-			'domain' => NULL,
-			'secure' => FALSE,
-			'httponly' => TRUE,
-			'raw' => FALSE,
-		);
-
-		if ($params !== NULL) {
-			$params = array_merge($default_params, $params);
-		} else {
-			$params = $default_params;
-		}
-
-		// Do not set secure cookie if not on HTTPS
-		if ($params['secure'] && !self::isHTTPS()) {
-			SimpleSAML_Logger::warning('Setting secure cookie on http not allowed.');
-			return;
-		}
-
-		if ($value === NULL) {
-			$expire = time() - 365*24*60*60;
-		} elseif (isset($params['expire'])) {
-			$expire = $params['expire'];
-		} elseif ($params['lifetime'] === 0) {
-			$expire = 0;
-		} else {
-			$expire = time() + $params['lifetime'];
-		}
-
-		if ($params['raw']) {
-			$success = setrawcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
-		} else {
-			$success = setcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
-		}
-
-		if (!$success) {
-			if ($throw) {
-				throw new SimpleSAML_Error_Exception('Error setting cookie - headers already sent.');
-			} else {
-				SimpleSAML_Logger::warning('Error setting cookie - headers already sent.');
-			}
-		}
+		return \SimpleSAML\Utils\HTTP::setCookie($name, $value, $params, $throw);
 	}
 
 }
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 59be933008ca450259b3b428d084e45129a4370d..bffe910a0d4aa7343c09a6cb5dc1cdf50e13595b 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -194,8 +194,8 @@ class HTTP
      * Save the given HTTP POST data and the destination where it should be posted to a given session.
      *
      * @param \SimpleSAML_Session $session The session where to temporarily store the data.
-     * @param string $destination The destination URL where the form should be posted.
-     * @param array  $data An associative array with the data to be posted to $destination.
+     * @param string              $destination The destination URL where the form should be posted.
+     * @param array               $data An associative array with the data to be posted to $destination.
      *
      * @return string A random identifier that can be used to retrieve the data from the current session.
      *
@@ -822,6 +822,80 @@ class HTTP
     }
 
 
+    /**
+     * Set a cookie.
+     *
+     * @param string      $name The name of the cookie.
+     * @param string|NULL $value The value of the cookie. Set to NULL to delete the cookie.
+     * @param array|NULL  $params Cookie parameters.
+     * @param bool        $throw Whether to throw exception if setcookie() fails.
+     *
+     * @throws \SimpleSAML_Error_Exception If any parameter has an incorrect type or the if the headers were already
+     *     sent and the cookie cannot be set.
+     *
+     * @author Andjelko Horvat
+     * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
+     */
+    public static function setCookie($name, $value, $params = null, $throw = true)
+    {
+        if (!(is_string($name) && // $name must be a string
+            (is_string($value) || is_null($value)) && // $value can be a string or null
+            (is_array($params) || is_null($params)) && // $params can be an array or null
+            is_bool($throw)) // $throw must be boolean
+        ) {
+            throw new \SimpleSAML_Error_Exception('Invalid input parameters.');
+        }
+
+        $default_params = array(
+            'lifetime' => 0,
+            'expire'   => null,
+            'path'     => '/',
+            'domain'   => null,
+            'secure'   => false,
+            'httponly' => true,
+            'raw'      => false,
+        );
+
+        if ($params !== null) {
+            $params = array_merge($default_params, $params);
+        } else {
+            $params = $default_params;
+        }
+
+        // Do not set secure cookie if not on HTTPS
+        if ($params['secure'] && !self::isHTTPS()) {
+            \SimpleSAML_Logger::warning('Setting secure cookie on plain HTTP is not allowed.');
+            return;
+        }
+
+        if ($value === null) {
+            $expire = time() - 365 * 24 * 60 * 60;
+        } elseif (isset($params['expire'])) {
+            $expire = $params['expire'];
+        } elseif ($params['lifetime'] === 0) {
+            $expire = 0;
+        } else {
+            $expire = time() + $params['lifetime'];
+        }
+
+        if ($params['raw']) {
+            $success = setrawcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'],
+                $params['httponly']);
+        } else {
+            $success = setcookie($name, $value, $expire, $params['path'], $params['domain'], $params['secure'],
+                $params['httponly']);
+        }
+
+        if (!$success) {
+            if ($throw) {
+                throw new \SimpleSAML_Error_Exception('Error setting cookie: headers already sent.');
+            } else {
+                \SimpleSAML_Logger::warning('Error setting cookie: headers already sent.');
+            }
+        }
+    }
+
+
     /**
      * Submit a POST form to a specific destination.
      *
diff --git a/lib/SimpleSAML/XHTML/IdPDisco.php b/lib/SimpleSAML/XHTML/IdPDisco.php
index f423ca7100fdc10cbdffa62985ab22245c3dce1b..f64dac92b431e7ac4c51da2dacf7eb4e2886f27b 100644
--- a/lib/SimpleSAML/XHTML/IdPDisco.php
+++ b/lib/SimpleSAML/XHTML/IdPDisco.php
@@ -197,7 +197,7 @@ class SimpleSAML_XHTML_IdPDisco {
 			'httponly' => FALSE,
 		);
 
-		SimpleSAML_Utilities::setCookie($prefixedName, $value, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie($prefixedName, $value, $params, FALSE);
 	}
 
 
diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php
index b47cc772c6da9369732c8e6b1803d38f8c202ca7..68275de8b5d52d5446d58f9d3741eadf24463ff1 100644
--- a/lib/SimpleSAML/XHTML/Template.php
+++ b/lib/SimpleSAML/XHTML/Template.php
@@ -711,7 +711,7 @@ class SimpleSAML_XHTML_Template {
 			'httponly' => FALSE,
 		);
 
-		SimpleSAML_Utilities::setCookie($name, $language, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie($name, $language, $params, FALSE);
 	}
 
 }
diff --git a/modules/cdc/lib/Server.php b/modules/cdc/lib/Server.php
index 41cffb927ebc51d274c1801bdacd989d6b2932ce..890e4376ed95ca244135fde74135b6cc894383ee 100644
--- a/modules/cdc/lib/Server.php
+++ b/modules/cdc/lib/Server.php
@@ -211,7 +211,7 @@ class sspmod_cdc_Server {
 			'httponly' => FALSE,
 		);
 
-		SimpleSAML_Utilities::setCookie('_saml_idp', NULL, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', NULL, $params, FALSE);
 		return 'ok';
 	}
 
@@ -407,7 +407,7 @@ class sspmod_cdc_Server {
 			'httponly' => FALSE,
 		);
 
-		SimpleSAML_Utilities::setCookie('_saml_idp', $cookie, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', $cookie, $params, FALSE);
 	}
 
 }
diff --git a/modules/consent/lib/Consent/Store/Cookie.php b/modules/consent/lib/Consent/Store/Cookie.php
index 5790fa684d26746beca3814bb3065f654f2dc8b7..7eb153e8e4ee097fccef0334fa279ebbb1bb85e1 100644
--- a/modules/consent/lib/Consent/Store/Cookie.php
+++ b/modules/consent/lib/Consent/Store/Cookie.php
@@ -279,7 +279,7 @@ class sspmod_consent_Consent_Store_Cookie extends sspmod_consent_Store
             $params['secure'] = false;
         }
 
-        SimpleSAML_Utilities::setCookie($name, $value, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie($name, $value, $params, FALSE);
     }
 
 }
diff --git a/modules/core/www/cleardiscochoices.php b/modules/core/www/cleardiscochoices.php
index afd72997fea12bd52d4ea6987401adf59cc6694d..6a1b0729147d4952d5950284ea3b469f5e719098 100644
--- a/modules/core/www/cleardiscochoices.php
+++ b/modules/core/www/cleardiscochoices.php
@@ -20,7 +20,7 @@ foreach($_COOKIE as $cookieName => $value) {
 	/* Delete the cookie. We delete it once without the secure flag and once with the secure flag. This
 	 * ensures that the cookie will be deleted in any case.
 	 */
-	SimpleSAML_Utilities::setCookie($cookieName, NULL, array('path' => $cookiePath, 'httponly' => FALSE), FALSE);
+    \SimpleSAML\Utils\HTTP::setCookie($cookieName, NULL, array('path' => $cookiePath, 'httponly' => FALSE), FALSE);
 }
 
 
diff --git a/modules/core/www/loginuserpass.php b/modules/core/www/loginuserpass.php
index 4ce0f93e66dca80463268a4d82b83c8bbb584778..f253ac53232e1b86fc95014e79dcdc8a06243de5 100644
--- a/modules/core/www/loginuserpass.php
+++ b/modules/core/www/loginuserpass.php
@@ -53,7 +53,7 @@ if (!empty($_REQUEST['username']) || !empty($password)) {
 		$params = $sessionHandler->getCookieParams();
 		$params['expire'] = time();
 		$params['expire'] += (isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300);
-		SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
 	}
 
     if ($source->isRememberMeEnabled()) {
diff --git a/modules/core/www/loginuserpassorg.php b/modules/core/www/loginuserpassorg.php
index ad4ba44b04b2bf7c2ace3de4cf47e10c57e05d95..441f046aa320c4b42fc31a1d66de9ea5e3d0c303 100644
--- a/modules/core/www/loginuserpassorg.php
+++ b/modules/core/www/loginuserpassorg.php
@@ -57,7 +57,7 @@ if ($organizations === NULL || !empty($organization)) {
 			$params = $sessionHandler->getCookieParams();
 			$params['expire'] = time();
 			$params['expire'] += (isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300);
-			SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
+            \SimpleSAML\Utils\HTTP::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
 		}
 
 		try {
diff --git a/modules/discopower/lib/PowerIdPDisco.php b/modules/discopower/lib/PowerIdPDisco.php
index aaed123b69c9eabcb45e2231f66fd6f847d1f909..cf673c4c9f1b0053224fcfffe7361a36190e19f0 100644
--- a/modules/discopower/lib/PowerIdPDisco.php
+++ b/modules/discopower/lib/PowerIdPDisco.php
@@ -306,7 +306,7 @@ class sspmod_discopower_PowerIdPDisco extends SimpleSAML_XHTML_IdPDisco {
 			'secure' => TRUE,
 			'httponly' => FALSE,
 		);
-		SimpleSAML_Utilities::setCookie('_saml_idp', $newCookie, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', $newCookie, $params, FALSE);
 	}
 
 
diff --git a/modules/multiauth/lib/Auth/Source/MultiAuth.php b/modules/multiauth/lib/Auth/Source/MultiAuth.php
index de7fcd4b006f5201a810715c0f4c41dc3c550e39..3e5b853a78eecceec1bb80ae10c5680369c72cc9 100644
--- a/modules/multiauth/lib/Auth/Source/MultiAuth.php
+++ b/modules/multiauth/lib/Auth/Source/MultiAuth.php
@@ -208,7 +208,7 @@ class sspmod_multiauth_Auth_Source_MultiAuth extends SimpleSAML_Auth_Source {
 			'httponly' => FALSE,
 		);
 
-		SimpleSAML_Utilities::setCookie($cookieName, $source, $params, FALSE);
+        \SimpleSAML\Utils\HTTP::setCookie($cookieName, $source, $params, FALSE);
 	}
 
 	/**
diff --git a/modules/negotiate/www/disable.php b/modules/negotiate/www/disable.php
index 1cda47ee96d1ee2cad03d399e37dbdb1939868ed..52620042d162bcf9d41d3a3d07869dd9a2aa670f 100644
--- a/modules/negotiate/www/disable.php
+++ b/modules/negotiate/www/disable.php
@@ -13,7 +13,7 @@ $params = array(
     'secure' => FALSE,
     'httponly' => TRUE,
 );
-SimpleSAML_Utilities::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', 'True', $params, FALSE);
+\SimpleSAML\Utils\HTTP::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', 'True', $params, FALSE);
 
 $globalConfig = SimpleSAML_Configuration::getInstance();
 $session = SimpleSAML_Session::getSessionFromRequest();
diff --git a/modules/negotiate/www/enable.php b/modules/negotiate/www/enable.php
index 0eda57367bc22ef9b356a2c1f52feec1ec64a823..56d66a865e83a6fa6113629f8a2a9ff062a1f41f 100644
--- a/modules/negotiate/www/enable.php
+++ b/modules/negotiate/www/enable.php
@@ -12,7 +12,7 @@ $params = array(
 	'secure' => FALSE,
 	'httponly' => TRUE,
 );
-SimpleSAML_Utilities::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', NULL, $params, FALSE);
+\SimpleSAML\Utils\HTTP::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', NULL, $params, FALSE);
 
 $globalConfig = SimpleSAML_Configuration::getInstance();
 $session = SimpleSAML_Session::getSessionFromRequest();