- From: Nico Williams <nico@cryptonector.com>
- Date: Mon, 11 Feb 2013 10:58:48 -0600
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Zhong Yu <zhong.j.yu@gmail.com>, Julian Reschke <julian.reschke@gmx.de>, "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, James M Snell <jasnell@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Mon, Feb 11, 2013 at 10:50 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > Content-Type: text/plain; charset=ISO-8859-1 > -------- > In message <CAK3OfOhcHQy1sosXNuVBS2emYFnY14wNrxs8-O0MkL5c7YJBHA@mail.gmail.com> > , Nico Williams writes: > >>As for privacy, encrypted state cookies do not compromise privacy any >>more than random session IDs. > > ...unless of course, they are used to track your on-line behaviour to > such an degree that the EU finds reason to regulate them ? But I'm not talking about web cookies. Just state cookies in the general sense -- these clearly are no different than session IDs with unconstrained size. Nico --
Received on Monday, 11 February 2013 16:59:12 UTC