Code review comment for lp:~mir-team/mir/handle-mis-shaped-cookies

What I'm really saying is that we probably want to be able to tell the difference between a failed malicious spoofing attempt (invalid cookie), and non-malicious truncation (invalid cookie).