[2396] in WWW Security List Archive
private cookies
daemon@ATHENA.MIT.EDU (Farez Abd-Rahman)
Sun Jul 14 18:47:22 1996
To: lensmith@mta-usa.org
cc: Vassilis Risopoulos <risopoul@informatik.uni-hamburg.de>,
www-security@ns2.rutgers.edu, F.AbdulRahman@cs.ucl.ac.uk
In-reply-to: Your message of "Wed, 10 Jul 1996 22:38:12." <199607110538.WAA23551@desiree.teleport.com>
Date: Sun, 14 Jul 1996 21:08:36 +0100
From: Farez Abd-Rahman <F.AbdulRahman@cs.ucl.ac.uk>
Errors-To: owner-www-security@ns2.rutgers.edu
--------------------------------------------------------
I only have a vague idea of the cookie mechanism, but i was just wondering
if one site can obtain cookies issued to us by another site from our
browser. if it can, then there could be a threat to privacy, especially
if ost of the sites we visit hands us a cookie, ie. info on the sites we
visit may be available to an arbitrary server.
farez
---------------------------------------------------------
Alfarez Abdul-Rahman, Dept of Computer Science, University College London
F.AbdulRahman@cs.ucl.ac.uk http://www.cs.ucl.ac.uk/staff/F.AbdulRahman/
