Re: Removing CommentURL

On Fri, 25 Jul 1997, Judson Valeski wrote:

> The user would have to look at what the commentURL says and make a decision
> anyway.
> > (And what are the odds that they'll even get that
> > cookie policy at the URL without another cookie being sent to them,
> > and being asked to accept the same cookie?).  How many people
> > will actually do it?
> Not many. But no-one said the UA wouldn't parse the comment attribute, realize
> there's a url in in and provide essentially the same functionality the
> commentURL would provide. There would be no copying and pasting.

Sure, but now you want us to believe that a UA will parse the comment
and that is less complex than what is proposed.

> > If you cut CommentURL out, you might as well cut Comment out as well.
> I don't agree here. A cookie should have some means for describing its purpose
> (the comment attribute).

As has been pointed out, a meaningful explanation would require a paragaph
or more of non-internationalized text, sent with each cookie ... text
which is much harder to isolate from the 'CGI' code and keep current than
a carefully isolated URL identified resource. I believe with a high
degree of confidence that CommentURLs would be much heavier in usage
than the comment from my perspective as a service author. The CommentURL
isolates the explanation from the programmer and the code. The comment
will come right out of code, be harder to review and keep current,
not be sharable as a single site statement of cookie policy, etc.

If we eliminate something it MUST be the comment attribute as that is
almost useless for meaningful communication except as it is extended
in implementation in include URLs which are parsed out by UAs and

Dave Morris

Received on Saturday, 26 July 1997 11:17:28 UTC