W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

Re: FW: revised trusted cookie spec

From: Koen Holtman <koen@win.tue.nl>
Date: Tue, 2 Sep 1997 21:19:32 +0200 (MET DST)
Message-Id: <199709021919.VAA12325@wsooti08.win.tue.nl>
To: Larry Masinter <masinter@parc.xerox.com>
Cc: DJaye@engagetech.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Larry Masinter:
>
>It was hard to separate your quotation from your statement, but I think
>you said:
>
>> My proposal does not put the privacy policy inside the state mgt 
>> mechanism.  A separate PICS-Label header is used.  It merely 
>> establishes how you relate cookie handling to privacy policies.  Do 
>> you think it is unnecessary to establish that link (from within the 
>> http protocol)?
>
>I think a privacy policy should be more comprehensive than merely a
>policy about cookie handling, so a Pics-Label header that's solely
>useful for labelling cookies seems pretty useless to me.

Larry, would you be happy with a spec which defines

a) an extensible Pics-Label header for conveying information about
   privacy policies
b) the specific cookie-related instance of this extensible header?

Or are you saying that this is to weak, and that we need a complete,
comprehensive scheme which handles cookies, passwords, business cards,
and so on, under a single unified unterface?

I would be with you on calling for an extensible header, but a call
for the development of a comprehensive scheme goes too far for me.  In
my opinion, a call for completeness will guarantee that there will
never be any convergence (because too many people with advertising
business models will be opposed to it), and I want to see convergence
on something which improves on the current cookie situation, even if it
does nothing more than that.

>Larry

Koen.
Received on Tuesday, 2 September 1997 12:24:19 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:59 EDT