[Previous] [Next] [Index]
[Thread]
Re: cookies and privacy
> I've just read this, and I apologize if this is the wrong forum for me to
> make my comments. The first thing I notice is that this draft maintains
> the (IMO) absurd practice of deleting a cookie by expiring it into the
> past. Wouldn't it be better to remedy that now with a "delete-cookie:"
> HTTP header?
There's generally a reluctance to add new HTTP headers. Furthermore,
the original Netscape implementation used the expires-in-the-past
mechanism. So for compatibility we did the same.
Dave Kristol
Follow-Ups: