W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

RE: Issues with the cookie draft

From: Yaron Goland <yarong@microsoft.com>
Date: Tue, 18 Mar 1997 22:02:39 -0800
Message-Id: <11352BDEEB92CF119F3F00805F14F485025666CC@RED-44-MSG.dns.microsoft.com>
To: 'Larry Masinter' <masinter@parc.xerox.com>
Cc: http-wg@cuckoo.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/2737
My alternative proposal is to remove section 7 of the current draft and
to make the other alterations I have specifically suggested in the rest
of the post you referred to below. Would you like me to do a little
cutting and pasting and actually make it into an I-D or should we
continue to discuss the basic issue of how far this group should be
going in its protocols?


> -----Original Message-----
> From:	Larry Masinter [SMTP:masinter@parc.xerox.com]
> Sent:	Tuesday, March 18, 1997 8:08 PM
> To:	Yaron Goland
> Cc:	http-wg@cuckoo.hpl.hp.com
> Subject:	Re: Issues with the cookie draft
> Yaron Goland wrote:
> > 
> > I went through this same debate on the DAV group when I made a
> > suggestion similar to Larry's. I was told, in no uncertain terms,
> that
> > telling people to go off and write their own spec is not the IETF
> way.
> > Rather it is the responsibility of the document editor to ensure
> that
> > all comments are addressed to the satisfaction of the group. It is
> clear
> > that this is not the case. In order to help the document editor out
> I
> > will recap my major problems with the current specification. I hope
> > others who have issues with the specification will do the same.
> The circumstances are considerably different.
> First, we're discussing a revision to a Proposed Standard which we
> passed
> through working group consensus, last call, and IESG review, after
> considerable
> discussion of the very same points that are being re-raised. It is
> that
> this issues were not previously considered, it was considered
> at great length.
> Secondly, I am not suggesting that you go off and write your own
> protocol,
> I am suggesting that you explicate your own point of view in an
> auxiliary
> draft which explains how this particular element of the protocol
> should
> work,
> and what the privacy and security implications are for that
> alternative.
> We certainly would need to justify any change in position on the issue
> of
> privacy and cookies from the one we've promoted over the last year,
> and
> until
> that justification is written and the privacy considerations
> explained,
> we
> won't get past the IESG, much less the press.
> Personally, I am skeptical that it is possible to deal with the
> privacy
> issues. However, on the mailing list, various people (including you)
> have made rather forthright assertions that there is an alternative
> which
> provides adequate(? equivalent? different but just as important?)
> privacy
> guarantees. However, these details have been floating by in the middle
> of mail messages that also allude to the business models of the
> various
> companies that are engaged in advertising. If a separate proposal is
> written,
> we'll be able to evaluate the privacy concerns independently of the
> business
> considerations.
> So, I will continue to call for volunteer(s) to write up an
> alternative
> proposal to Dave Kristol's soon-to-be-issued internet draft, and ask
> that
> we defer discussion of that particular issue until we have at least an
> interim draft of an alternative that is claimed by its authors
> to deal with the requirements credibly. 
> Regards,
> Larry
> (as HTTP-WG chair)
Received on Tuesday, 18 March 1997 22:05:02 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:19 UTC