W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

RE: Issues with the cookie draft

From: M. Hedlund <hedlund@best.com>
Date: Sat, 22 Mar 1997 17:36:34 -0800 (PST)
To: Yaron Goland <yarong@microsoft.com>
Cc: Dave Kristol <dmk@research.bell-labs.com>, http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.SGI.3.95.970322172716.3030A-100000@shellx.best.com>

On Sat, 22 Mar 1997, Yaron Goland wrote:
> We all agree that the spec prevents completely legitimate behavior. Thus
> demonstrating there is a flaw in the spec. 

No, at least two of us agree that the spec fails to enable desirable
behavior.  That doesn't mean there's a flaw in the spec.  In this case, it
means that no standard exists for determining the organizational unit in a
domain name -- a prerequisite, as far as I can see, for the behavior you
want.  If you want to point fingers, point them at the domain name
standard.  The cookie spec does the best it can with the information it is
given.  If you disagree, propose an improvement -- which removing 'domain'
is not.

With regards to private top-level domains, we can crumble that cookie when
we come to it (if you'll forgive me).  I agree that the situation is just
going to get worse as we start litigating the nature of domain name
registries.  However, I have yet to hear how you intend to improve the spec
in light of your predictions.  Do you really think removing the domain
restriction altogether improves the spec?  I would argue that doing so
would _create_ a serious flaw where none exists today.

M. Hedlund <hedlund@best.com>
Received on Saturday, 22 March 1997 17:44:10 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:32 EDT