W3C home > Mailing lists > Public > www-talk@w3.org > March to April 2000

Security: Cookies

From: Joris Dobbelsteen <j.p.tdobbelsteen@freeler.nl>
Date: Sat, 18 Mar 2000 23:44:17 +0100
To: <www-talk@w3.org>
Message-ID: <000201bf912b$7fd2b5c0$0d0aa8c0@Thuis.local>
Last I heard about privacy violation by use of cookies:
- They should provide a web server with personal information about you
- provide Web Server Administrators (and authorized users) with information
about the web server usage from a specific user or all users.

The guy was on the radio and complained cookies where a real violation to
his privacy and turned it off, also he said servers should announce that
they are using cookies. RFC 2616 (HTTP/1.1 - June 1999) and another document
discussing HTTP/1.1 did not mension cookies, and they don't see to be
standard (???) or this is part of HTML (???).

I desided that monitoring what users like can be done much easier by logging
the links clicked (redirection) and using counters.
Maybe other HTTP/1.1 parts provide much greater security vulabilities:
user-agent, server, via, from, etc.....

Can I have some more info about this???

Joris
Received on Saturday, 18 March 2000 17:43:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:24 GMT