- From: Yaron Goland <yarong@microsoft.com>
- Date: Tue, 18 Mar 1997 22:02:39 -0800
- To: 'Larry Masinter' <masinter@parc.xerox.com>
- Cc: http-wg@cuckoo.hpl.hp.com
My alternative proposal is to remove section 7 of the current draft and to make the other alterations I have specifically suggested in the rest of the post you referred to below. Would you like me to do a little cutting and pasting and actually make it into an I-D or should we continue to discuss the basic issue of how far this group should be going in its protocols? Yaron > -----Original Message----- > From: Larry Masinter [SMTP:masinter@parc.xerox.com] > Sent: Tuesday, March 18, 1997 8:08 PM > To: Yaron Goland > Cc: http-wg@cuckoo.hpl.hp.com > Subject: Re: Issues with the cookie draft > > Yaron Goland wrote: > > > > I went through this same debate on the DAV group when I made a > > suggestion similar to Larry's. I was told, in no uncertain terms, > that > > telling people to go off and write their own spec is not the IETF > way. > > Rather it is the responsibility of the document editor to ensure > that > > all comments are addressed to the satisfaction of the group. It is > clear > > that this is not the case. In order to help the document editor out > I > > will recap my major problems with the current specification. I hope > > others who have issues with the specification will do the same. > > The circumstances are considerably different. > > First, we're discussing a revision to a Proposed Standard which we > passed > through working group consensus, last call, and IESG review, after > considerable > discussion of the very same points that are being re-raised. It is > that > this issues were not previously considered, it was considered > at great length. > > Secondly, I am not suggesting that you go off and write your own > protocol, > I am suggesting that you explicate your own point of view in an > auxiliary > draft which explains how this particular element of the protocol > should > work, > and what the privacy and security implications are for that > alternative. > We certainly would need to justify any change in position on the issue > of > privacy and cookies from the one we've promoted over the last year, > and > until > that justification is written and the privacy considerations > explained, > we > won't get past the IESG, much less the press. > > Personally, I am skeptical that it is possible to deal with the > privacy > issues. However, on the mailing list, various people (including you) > have made rather forthright assertions that there is an alternative > which > provides adequate(? equivalent? different but just as important?) > privacy > guarantees. However, these details have been floating by in the middle > of mail messages that also allude to the business models of the > various > companies that are engaged in advertising. If a separate proposal is > written, > we'll be able to evaluate the privacy concerns independently of the > business > considerations. > > So, I will continue to call for volunteer(s) to write up an > alternative > proposal to Dave Kristol's soon-to-be-issued internet draft, and ask > that > we defer discussion of that particular issue until we have at least an > interim draft of an alternative that is claimed by its authors > to deal with the requirements credibly. > > Regards, > > Larry > (as HTTP-WG chair)
Received on Tuesday, 18 March 1997 22:05:02 UTC