Are these session cookies, or more permanent sorts? I notice I’ve got six cookies from your site – a couple are session cookies, but one expires in two years, and one in 2038. Google took some flak a couple years ago for having eternal cookies, and it seems to be that the “best practices” – especially for something (I presume is) open-source.

I’m not really too bothered by it, but the more (vocal|paranoid) privacy-advocates might get their tinfoil knickers in a twist. 🙂