- From: Marc Salomon <marc@ckm.ucsf.edu>
- Date: Wed, 24 Jul 1996 12:29:51 -0700
- To: lentz@annie.astro.nwu.edu, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
lentz@annie.astro.nwu.edu wrote: |Yet I would also like for the cookie to disappear after one person's |"use" of the client, whether this be signified by an actual quitting of |the client program, closing the browsing window, switching user environment, |etc. This is not a protocol issue, rather an implementation issue. I'd recommended the following language regarding the tossing of cookies that didn't make it into the draft: +If a browser has a kiosk mode for use as a public terminal, and is configured +to accept cookies, then the user agent should be configurable to clear its +cookie cache (and any other per-user authentication data), either by an +explicit user "log out" command or by a timeout mechanism. There is enough complexity to the unaddressed issues of cookie privacy that aren't appropriate to the protocol specification that an informational document on cookie practice is probably a good idea. -marc --
Received on Wednesday, 24 July 1996 12:36:14 UTC