Hacker News new | ask | show | jobs
by tusharsoni 2018 days ago
Because not all cookies are regulated (such as session cookies). It would be hard for browser to tell what the cookie is for.
1 comments
BlueTemplar 2018 days ago
Still, why isn't there a Web standard for this?
link
zinekeller 2018 days ago
Attempts have been done on this, not once (P3P [1]), not twice (DNT [2]), but multiple times (several expired RFCs, GPC [3]). This sounds like the evil bit (RFC 3514 [4]) at this point.

1: https://en.wikipedia.org/wiki/P3P

2: https://en.wikipedia.org/wiki/Do_Not_Track

3: https://arstechnica.com/tech-policy/2020/10/coming-to-a-brow...

4: https://tools.ietf.org/html/rfc3514

link
kevincox 2018 days ago
The problem with these standards is that they the operators had little if any incentive to follow them.

Pairing one of these standard with laws would be a powerful solution with good UX.

link
Macha 2017 days ago
Lawmakers are generally hestitant to prescribe specific technological implementations because technology moves faster than laws. Imagine if radio spectrum regulations hadn't applied to wifi because they'd specifically specified TV/radio.
link
kevincox 2017 days ago
You can do this somewhat abstractly. By saying "when storing user data it must inform the user agent the purposes of that data using a standard mechanism". Then for http you can bless some RFC and the standard way.

But you are right. It isn't ideal.

link