Cryptography Reference
In-Depth Information
voucher is necessary for Corbett to maintain record keeping, and it establishes
a formal relationship (which we will call a
state
), between him and Alice.
Cookies and HTTP
: In Internet terms, a server, when returningan HTTP
object to Alice, includes a cookie that has a description of the range of URLs for
which that cookie is valid. Any future HTTP requests made by Alice that fall
in that range will include the current value of the cookie from Alice sent back
to the server. This means that she can shop online and store information about
the currently selected items, and it frees Alice from retypingher user ID for each
visit. The sites at which she shops can store preferences on her computer, and
have Alice supply those preferences every time she visits that site. For instance,
the QQQ.com server provides the cookie to Alice's browser, which stores it in
its memory as a text file. Each time her browser sends a request to QQQ.com
(when she types in its URL for example), the cookie is sent back to the server.
Types of Cookies
: There are different types of cookies. For instance,
a
session cookie
(or
transient cookie
), is one that is erased when Alice closes
her browser, because the session cookie is stored in temporary memory and
discarded after the browser is closed. These transient cookies do not obtain
information from Alice's computer. Rather they store data in a session ID
format, which does not explicitly identify Alice. Another type of cookie is the
persistent cookie
(also called,
permanent
or
stored
cookie), which is a cookie set
with an expiration date and is stored on Alice's hard drive
8.22
until it expires (or
else Alice, herself, deletes it). Persistent cookies gather information about Alice,
includingher WWW surfingbehaviour or her preferences at, say QQQ.com. The
QQQ.com server may use this information to present Alice with a customized
welcome page with, say “Hello Alice”, the next time she visits.
Alice's browser automatically updates her cookies every time she revisits a
site, since once the browser is closed, the cookies are resaved to disk.
Effect of Cookies
: In the final analysis, a cookie is simply a piece of text,
not a program, and only Alice's browser can store cookies on her hard drive, if
it is a persistent cookie. The data is stored in a special file called a cookie list,
and is done without the knowledge or consent of Alice. However, it cannot be
used for, say, a virus, so it is harmless in that regard. Moreover, the number of
cookies allowed for storage on Alice's hard drive is also restricted. Most browsers
conform to RFC 2109 (see [203]), which puts a limitation of 300 cookies that
may be stored on a given hard drive (with a 4096 byte-per-cookie maximum).
This involves a limit of 20 cookies per WWW site, so if 15 sites maximize the
cookies on Alice's hard drive, then the next time a cookie is to be set, Alice's
browser will discard her least used cookie to free space for the new cookie.
When Alice returns to QQQ.com, her browser will automatically and again,
without her knowledge or consent, transmit the cookie containing her personal
data to QQQ.com's server.
8.22
A
hard disk
, also called a
disk drive
, is part of a unit that stores (and provides eIcient
access to) large blocks of data on one or more electromagnetically charged surfaces.
Search WWH ::
Custom Search