W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 1997

On CommentURSs ....

From: David W. Morris <dwm@xpasc.com>
Date: Tue, 25 Mar 1997 14:01:15 -0800 (PST)
To: Koen Holtman <koen@win.tue.nl>
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.SOL.3.95.970325135330.10232F-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/2886

On Tue, 25 Mar 1997, Koen Holtman wrote:

> The same goes for the CommentURL proposal that had been floating around in
> another thread.  I don't think servers need hard-to-implement protocol
> extensions if they want to tell their users about their privacy policy.  Why
> not just put a link to your privacy policy on your company home page?

Because there is no obvious way for a user to obtain the information when
they are facing a prompt which asks if they want to accept a cookie.
The additional problem is that you force users to figure out what the
company home page is associated with a cookie and then to hunt around thru
the company pages to the cookie policy page. I don't see this as placing
any burden on servers.

It does place a burden on the UA but it also provides the UA with a crisp
clean way to provide the user with documentation on the purpose of a
particular cookie.

If we feel that privacy is important enough vis a vis cookies to impose 
restrictions on cookie sharing, then we need to include a clean mechanism
by which the user can make an informed decision.

Dave Morris
Received on Tuesday, 25 March 1997 14:03:00 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:01 UTC