|
 ABSTRACT
How did we get from a world where cookies were something you ate and where "nontechies" were unaware of "Netscape cookies" to a world where cookies are a hot-button privacy issue for many computer users? This article describes how HTTP "cookies" work and how Netscape's original specification evolved into an IETF Proposed Standard. I also offer a personal perspective on how what began as a straightforward technical specification turned into a political flashpoint when it tried to address nontechnical issues such as privacy.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
CRANOR, L. 2001. private communication.
|
| |
2
|
CRANOR,L.F.AND REIGLE, J., JR. 1998. Designing a social protocol: Lessons learned from the Platform for Privacy Preferences Project. http://www.research.att.com/ >>lorrie/pubs/ dsp/dsp.html.
|
| |
3
|
EU. 1995. Directive 95/46/EC of the European Parliament and the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and the free movement of such data. http://europa.eu.-int/eur-lex/eu/lif/dat/1995/eu 3951 0046.html.
|
| |
4
|
FIELDING, R., MOGUL, J., FRYSTYK, H., MASINTER, L., LEACH,P.,AND BERNERS-LEE, T. 1999. Hypertext Transfer Protocol-HTTP/1.1. Tech. Rep. RFC 2616 (June), IETF. http://www. ietf.org/rfc/rfc2616.txt.
|
| |
5
|
FTC. 1996. Public workshop on consumer privacy on the global information infrastructure. http://www.ftc.gov/bcp/privacy/wkshp96/frdoc.htm.
|
| |
6
|
FTC. 1997. Consumer information privacy workshop. http://www.ftc.gov/bcp/privacy/ wkshp97/.
|
| |
7
|
GARFINKEL, S. 2000. Database Nation. O'Reilly & Associates, Inc.
|
| |
8
|
HARTLEY, P. F. 1997. Comments of Netscape concerning consumer on-line privacy-P954807. http://www.ftc.gov/bcp/privacy/wkshp97/comments2/netsc067.htm.
|
| |
9
|
http-wg. HTTP-WG mailing list archive. http://www.ics.uci.edu/pub/ietf/http/hypermail/.
|
| |
10
|
KAPLAN, C. S. 2001. Kafkaesque? Big brother? Finding the right literary metaphor for net privacy. New York Times. http://www.nytimes.com/2001/02/02/technology/02CYBERLAW. html.
|
| |
11
|
KRISTOL, D. M. 2001. HTTP cookies: Standards, privacy, and politics. An extended version of this article. ACM Digital Libr. URL.
|
| |
12
|
KRISTOL,D.M.AND MONTULLI, L. 1997. HTTP state management mechanism. Tech. Rep. RFC 2109 (Feb.), IETF. http://www.ietf.org/rfc/rfc2109.txt.
|
| |
13
|
KRISTOL,D.M.AND MONTULLI, L. 2000. HTTP state management mechanism. Tech. Rep. RFC 2965 (Oct.), IETF. http://www.ietf.org/rfc/rfc2965.txt.
|
| |
14
|
LEWIN, B. 2000. Governing trust. http://207.87.15.232/issues/Issue371/item9225.asp.
|
| |
15
|
MONTULLI, L. 2001. Private communication.
|
| |
16
|
MOORE,K.AND FREED, N. 2000. Use of HTTP state management. Tech. Rep. RFC 2964 (Oct.), IETF. http://www.ietf.org/rfc/rfc2964.txt.
|
| |
17
|
NEW YORK TIMES. 2001. Senator raises privacy as Federal Web site issue. http://www.nytimes. com/2001/04/17/technology/17PRIV.html.
|
| |
18
|
NS. undated. Netscape Communications Corporation. Persistent Client State HTTP Cookies. http://www.netscape.com/newsref/std/cookie spec.html.
|
| |
19
|
P3P. 2001. P3P public overview. http://www.w3.org/P3P/Overview.html.
|
| |
20
|
PF. 2000. The top 10 privacy stories of 2000. http://www.privacyfoundation.org/release/ top10.html.
|
| |
21
|
PICS. 2000. Platform for internet content selection (PICS). http://www.w3.org/PICS/.
|
| |
22
|
POSTEL, J. 1993. Instructions to RFC authors. Tech. Rep. RFC 1543 (Oct.), IETF. http://www.ietf.org/rfc/rfc1543.txt.
|
| |
23
|
POSTEL,J.AND REYNOLDS, J. K. 1997. Instructions to RFC authors. Tech. Rep. RFC 2223 (Oct.), IETF. http://www.ietf.org/rfc/rfc2223.txt.
|
| |
24
|
|
| |
25
|
S.2606. 2000. Consumer Privacy Protection Act, S.2606. http://frwebgate.access.gpo.gov/ cgibin/getdoc.cgi?dbname=106 cong bills&docid=f:s2606is.txt.pdf.
|
| |
26
|
SMITH, R. 2001. Invasion of the web bugs. http://www.privacyfoundation.org/commentary/ tipsheet.asp?id=34&action=0.
|
| |
27
|
STATE. http-STATE mailing list archive. http://www.bell-labs.com/mailing-lists/http-state/archive. html for April 1997 through March 2000 and http://lists.bell-labs.com/pipermail/http-state/after April 2000.
|
| |
28
|
WEBSIDESTORY. 2001. Cookie rejection less than 1 percent on the Web, according to WebSideStory. http://www.websidestory.com/cgi-bin/wss.cgi?corporate&news&press 2 124.
|
| |
29
|
Wired. 2000. Dead site? There goes privacy. http://www.wired.com/news/business/0,1367, 37354,00.html.
|
| |
30
|
WP17. 1999. Recommendation 1/99 on invisible and automatic processing of personal data on the internet performed by software and hardware. Tech. Rep. (Feb.), European Union Work-ing Party on the Protection of Individuals with regard to the Processing of Personal Data. http://europa.eu.int/comm/internal market/en/media/dataprot/wpdocs/wp17en.htm.
|
| |
31
|
www-talk. WWW-TALK mailing list archive. http://www.webhistory.org/www.lists/ for 1991- 1995, http://lists.w3.org/Archives/Public/www-talk/ for 1995-2001.
|
CITED BY 9
|
|
Bruno Gusmão Rocha , Virgílio A. F. Almeida , Lucila Ishitani , Wagner Meira, Jr., Disclosing users' data in an environment that preserves privacy, Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, p.71-80, November 21-21, 2002, Washington, DC
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Vicki Ha , Kori Inkpen , Farah Al Shaar , Lina Hdeib, An examination of user perception and misconception of internet cookies, CHI '06 extended abstracts on Human factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada
|
|
|
|
|
|
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
C.2