[2459] in WWW Security List Archive
Re: cookies and privacy
daemon@ATHENA.MIT.EDU (Micah Brandon)
Thu Jul 18 13:20:44 1996
Date: Thu, 18 Jul 1996 11:19:08 -0400
To: www-security@ns2.rutgers.edu
From: Micah Brandon <brandon@vv.com>
Errors-To: owner-www-security@ns2.rutgers.edu
At 01:28 PM 7/17/96 -0400, Seth I. Rich wrote:
>I'm not convinced by this argument, though. Yes, expires-in-the-past
>should work, for backwards compatibility. But if the "cookie" thing is
>going to be enshrined as a standard, shouldn't there be a -real- way to
>delete a cookie, one which doesn't depend on the time settings on the
>clients' machines?
>
But, it doesn't depend on the time settings of the client machine.
It depends on the time setting of the cookie itself which the server sets.
--
micah
