W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2013

Re: Stateful compression of cookies (Re: Delta Compression and UTF-8 Header Values)

From: Nico Williams <nico@cryptonector.com>
Date: Mon, 11 Feb 2013 10:58:48 -0600
Message-ID: <CAK3OfOikhdmTo55JTs7hDCBCDes-7iEjfVs082wG3TYC-fyuMw@mail.gmail.com>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: Zhong Yu <zhong.j.yu@gmail.com>, Julian Reschke <julian.reschke@gmx.de>, "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, James M Snell <jasnell@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Mon, Feb 11, 2013 at 10:50 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> Content-Type: text/plain; charset=ISO-8859-1
> --------
> In message <CAK3OfOhcHQy1sosXNuVBS2emYFnY14wNrxs8-O0MkL5c7YJBHA@mail.gmail.com>
> , Nico Williams writes:
>
>>As for privacy, encrypted state cookies do not compromise privacy any
>>more than random session IDs.
>
> ...unless of course, they are used to track your on-line behaviour to
> such an degree that the EU finds reason to regulate them ?

But I'm not talking about web cookies.  Just state cookies in the
general sense -- these clearly are no different than session IDs with
unconstrained size.

Nico
--
Received on Monday, 11 February 2013 16:59:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 11 February 2013 16:59:14 GMT