Re: Defining First and Third Party Cookies

On 19/01/2016 10:15 PM, "Mike West" <mkwst@google.com> wrote:
>
> On Mon, Jan 18, 2016 at 11:52 PM, Matthew Kerwin <matthew@kerwin.net.au>
wrote:
>>
>> * local / remote cookies
>> * internal / external cookies
>>
>> The English words are pretty open, and AFAIK they're not really used in
this domain, so there's hopefully less chance of them carrying particular
arbitrary definitions for folk who encounter them (unlike "site" which
means many things to many people.)
>
>
> I think most words are going to carry some baggage, "internal",
"external", "local", and "remote" included. I mean, all cookies are
"external" in the sense that they're sent out there to the public internet,
and all cookies are "local" in that they're stored on my hard drive. We can
define those terms in this context to mean something else, certainly, but
we could also solidify the definition of "site" as it applies to cookies.
>

Fair enough.

>>
>> That means the definition we write will be the first/true one.
>
>
> Except insofar as the world has already settled on
"first-party"/"third-party". :) Colloquial usage of those terms is fairly
pervasive (see Chrome, Firefox, and Edge's settings pages, as well as
RFC6265 itself). Lawyers aside, those are the "first" and "true"
definitions that exist status quo.
>
> Safari is the only browser I know of that avoids the "*-party"
terminology, settling for "Cookies from this website" and "websites I
visit", which lead me to "site" as a potentially viable option which has
similar connotations to the verbose-but-accurate "same-registrable-domain".
>

That makes sense. I'll happily go with whatever is settled on, I think I
like 'site'.

By the way, what happened to "second party" cookies?