>I agree 100%. I want the way a site tells me what it is doing with my >private information to be available via a simple, consistent UA >mechanism. I don't want one mechanism for cookies, another mechanism for >content negotiation, a third mechanism for deciding whether to supply my >email address as the password for anonymous FTP, another mechanism for >deciding whether I want to supply personal information in forms I fill >out using a web browser, another mechanism for deciding whether I want >to supply personal information when interacting with a Java applet. I >want just what you're calling for: a single, consistent UA mechanism, >adapted for local preferences for charset and language, but I want it to >be useful for all of those mechanisms. Putting in "Comment" and/or >"CommentURL" inside Set-Cookie does nothing to help out with any of the >other situations in which privacy is also an issue, and is quite >possibly inconsistent or incompatible with those other situations. I agree -- one mechanism for handling private information would be much better than separate mechanisms for cookies, Java, etc. It should also be pursued by another working group, so that http-state can handle the rest of the revisions to the cookie spec. This has been a tremendously contentious issue, which should be handled in general purpose fashion rather than on a case-by-case basis (which is what commentURL does). Thanks for writing the above, Larry -- I was going to ask you exactly why you objected to commentURL, but your email stated it very clearly (and changed my mind to boot). ========================================================== Mark Leighton Fisher Thomson Consumer Electronics fisherm@indy.tce.com Indianapolis, IN "Browser Torture Specialist, First Class"Received on Tuesday, 19 August 1997 11:33:54 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:51 EDT