On Tue, Dec 18, 2012 at 5:41 PM, Kevin Israel <pleasest...@live.com> wrote:
> > Even if you do not check "Remember my login on this browser", the > username is saved for 180 days (which, by the way, is four times the > duration set out in the WMF privacy policy). As far as I can tell, this > "feature" has existed at least since the phase3 reorg in 2003, if not > before then. Not really. The cookie expiration was bumped to 180 days back in August of 2011. Before that we had a shorter expiry. See https://www.mediawiki.org/wiki/Special:Code/MediaWiki/94430 . Given that the user has to agree to the remember me function, I do not feel this is a privacy concern. >Ideally, an anonymous user, whether or not they have ever been logged in as a >>registered user, will not transmit any personally identifying information in >their >requests. I'm not sure, but I thought I heard somewhere that we give logged out users cookies to ensure that some local caching is invalidated. -bawolff _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l