1996-02-15 - Re: COO_kie

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: e5bb2fb0649298532bc58c8aad949e7a89f046ef536c5ae366bc3cd86c3f075d
Message ID: <199602150420.UAA09695@ix2.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1996-02-15 13:01:43 UTC
Raw Date: Thu, 15 Feb 1996 21:01:43 +0800

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 15 Feb 1996 21:01:43 +0800
To: cypherpunks@toad.com
Subject: Re: COO_kie
Message-ID: <199602150420.UAA09695@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:07 AM 2/13/96 -0800, Jeff Weinstein <jsw@netscape.com> wrote:
>  There is a lot of confusion about cookies.  They do not allow
>a web site to access private information such as the user's
>e-mail address or other preferences as was recently reported
>in Web Review.  They only store information that the web site
>already has.  If you never give a web site private information
>about you or your identity, they will not be able to match your
>access patterns to your identity.

What the cookie mainly does is allow a normally stateless server to
maintain state while using a normally stateless protocol, letting
the client machine store the state data at the cost of some extra
transmission and parsing.  If the cookie data is kept separate
for separate web pages, this gives you more privacy than having the
server keep the same information, since you can see it and maybe
change it.    (The documentation indicates that you _can_ do that,
but it looks like the amount of separation you get depends on
the cookie-generating-user's choices of options.) 

As a separate note, it looks like cookies will be bitten by the Year 2000
glitch; anybody who bakes cookies between now and late 1999 that
wants them to expire early in 2000 should probably just give up
and go for 12/31/99 expiration....
#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com / billstewart@attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs     Pager +1-408-787-1281






Thread