- From: M. Hedlund <hedlund@best.com>
- Date: Fri, 14 Mar 1997 01:54:15 -0800 (PST)
- To: Yaron Goland <yarong@microsoft.com>
- Cc: "'dmerriman@doubleclick.net'" <dmerriman@doubleclick.net>, http-wg@cuckoo.hpl.hp.com
On Thu, 13 Mar 1997, Yaron Goland wrote: > I would also point out that besides denying smaller sites revenue, > preventing "unverifiable transactions" only puts a very small bump in > the road of collecting user data. [...] > User Privacy - 0 > Small Web Sites - 0 It is a misrepresentation to say that there is "0" gain in user privacy by way of the unverifiable transaction limitation in the cookie RFC. We would not have wasted the extensive amount of time we spent on this issue for no gain. The specification as written provides reasonable protection for users while trying to allow implementors flexibility in user interface design. I do agree that data sharing can be accomplished through other means than shared cookies. However, the concern of the state management subgroup was crafting a specification that did not create _new_ privacy problems. Because there are other privacy issues on the Web does not mean that we should throw up our hands and surrender in this specification. M. Hedlund <hedlund@best.com>
Received on Friday, 14 March 1997 01:57:06 UTC