W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

Re: Unverifiable Transactions / Cookie draft

From: David Stein <webguru@burstmedia.com>
Date: Fri, 14 Mar 1997 18:00:19 -0500
Message-Id: <3329D883.402E@burstmedia.com>
To: http-wg@cuckoo.hpl.hp.com
M. Hedlund wrote:
> 
> I suspect that the number of businesses who have based their whole revenue
> model on cookie sharing is extremely low, and that no such outcome will
> occur.

I would have to disagree with this. My business, Burst! Media, is
currently
relying on this feature (not a loophole) and I currently have a list of
about 
40 web networks, most of which count on the technology of remote ad
serving.
Each of these networks may touch 1000's of other publications that rely
on a web network for revenue. 

Web networks are becoming a major source of ad revenue and we should be
taken seriously.

M. Hedlund wrote:
> As we discussed later in the group, the problem with cookie-sharing between
> disparate hosts is that it enables hosts to collaborate to share
> information collected from users in seemingly seperate transactions. 

I do not think cookie-sharing is the problem that Dwight (and myself) is
having with the spec. I want to make sure that people understand that
the
problem we have with this spec is that "Disabling stateful sessions for 
unverifiable transactions" prevents us from keeping any state within
a graphic that is served from a host other than the original web site.
We are not trying to merge cookie data from different hosts.

I too hope this spec is reconsidered.

Thanks,
Dave Stein
webguru@burstmedia.com
Burst! Media
Received on Friday, 14 March 1997 14:59:27 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:31 EDT