Re: Public Suffix List

Adrien de Croy wrote:
> I see it creating a large administrative burden on many people, but
> never catching up with the current state.  I see people relying on it
> for all manner of things for which it's not designed. 

That's their problem.

> Also you're
> dealing with organisations whose prime focus is not maintaining your
> list.  You might get some initial enthusiasm to start, but down the
> track I see that waning.

Their incentive to keep the list up to date is that sites in their TLD
will be treated correctly by browsers, which will keep their customers
happy.

> This is all being proposed to _enable_ cross-site cookies (as opposed to
> just blocking or warning the user).. 

No. It's being proposed to *disable* cross-site cookies which we
currently enable because we have no good way to prevent. Along with
other UI applications in the areas of:

- History
- Download Manager
- UI display of responsible domain for SSL DV certs
  (this isn't switched on by default in Firefox 3)

> As for privacy, if an issuer of a cookie prescribes the realms within
> which that cookie may be submitted, then privacy falls under the control
> of the cookie-issuing site.  A compliant browser won't submit it outside
> those realms.

The problem is sites conspiring against a user to damage the user's
privacy and track them across multiple sites.

Gerv

Received on Monday, 9 June 2008 15:29:51 UTC