W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2008

Re: [DNSOP] Public Suffix List

From: Gervase Markham <gerv@mozilla.org>
Date: Mon, 09 Jun 2008 15:21:11 +0100
Message-ID: <484D3C57.7010205@mozilla.org>
To: Wes Hardaker <wjhns1@hardakers.net>
CC: dnsop@ietf.org, ietf-http-wg@w3.org

Wes Hardaker wrote:
> I think a better policy would be to fix the HTTP protocol so that it
> could specify an incoming cookie policy.  Rather than having every site
> under the sun be able to set cookies and block that by some random list
> of hard coded "within" list, allow each site to specify where they
> accept cookies from.  

That doesn't solve the privacy problem.

If www.flirble.co.zz and www.widget.co.zz wished to conspire to track
users across the two sites, they would simply both say that they are
happy to accept co.zz cookies.

I am not particularly interested in a long discussion about whether we
need this data. Please be assured that we need it. I am, on the other
hand, open to suggestions about better ways to obtain it.

Gerv
Received on Monday, 9 June 2008 14:22:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:48 GMT