RE: Unverifiable Transactions / Cookie draft

On Tue, 18 Mar 1997, Yaron Goland wrote:
> There is an interesting assumption being made that protocols have the
> right to dictate user interface to software makers. Am I the only one
> who finds this development disturbing?

I agree with you that UI should not be dictated by this spec.  Lou Montulli
from Netscape agreed with you too (as I understood his position)  and as a
result we tried to remove such dicta from the spec.  Lou's comments
directly resulted in the wording of section 7.1:

> 7.1  User Agent Control
>   [...] This state
>   management specification therefore requires that a user agent give
>   the user control over such a possible intrusion, although the
>   interface through which the user is given this control is left
>   unspecified.

We felt it important to give the user control of their cookie database, but
at Lou's behest we did not try to specify a particular UI for this control. 
Instead, we tried to specify requirements for browser capabilities, while
leaving the UI up to the browser vendor. 

If you are arguing that we should not have tried to specify requirements
for browser capabilities at all, on that point I disagree.

M. Hedlund <>

Received on Tuesday, 18 March 1997 10:04:15 UTC