- From: Gervase Markham <gerv@mozilla.org>
- Date: Mon, 09 Jun 2008 15:21:11 +0100
- To: Wes Hardaker <wjhns1@hardakers.net>
- CC: dnsop@ietf.org, ietf-http-wg@w3.org
Wes Hardaker wrote: > I think a better policy would be to fix the HTTP protocol so that it > could specify an incoming cookie policy. Rather than having every site > under the sun be able to set cookies and block that by some random list > of hard coded "within" list, allow each site to specify where they > accept cookies from. That doesn't solve the privacy problem. If www.flirble.co.zz and www.widget.co.zz wished to conspire to track users across the two sites, they would simply both say that they are happy to accept co.zz cookies. I am not particularly interested in a long discussion about whether we need this data. Please be assured that we need it. I am, on the other hand, open to suggestions about better ways to obtain it. Gerv
Received on Monday, 9 June 2008 14:22:00 UTC