- From: David W. Morris <dwm@xpasc.com>
- Date: Tue, 25 Mar 1997 14:01:15 -0800 (PST)
- To: Koen Holtman <koen@win.tue.nl>
- Cc: http-wg@cuckoo.hpl.hp.com
On Tue, 25 Mar 1997, Koen Holtman wrote: > The same goes for the CommentURL proposal that had been floating around in > another thread. I don't think servers need hard-to-implement protocol > extensions if they want to tell their users about their privacy policy. Why > not just put a link to your privacy policy on your company home page? Because there is no obvious way for a user to obtain the information when they are facing a prompt which asks if they want to accept a cookie. The additional problem is that you force users to figure out what the company home page is associated with a cookie and then to hunt around thru the company pages to the cookie policy page. I don't see this as placing any burden on servers. It does place a burden on the UA but it also provides the UA with a crisp clean way to provide the user with documentation on the purpose of a particular cookie. If we feel that privacy is important enough vis a vis cookies to impose restrictions on cookie sharing, then we need to include a clean mechanism by which the user can make an informed decision. Dave Morris
Received on Tuesday, 25 March 1997 14:03:00 UTC