I had a look at the specs, and while it answers my question about what happens when the age is set to -1 (cookie is deleted when browser exits), it doesn't answer my other question. That was: "is there any way to ensure that a cookie lives forever"?
Joined: Mar 22, 2005
If the max age is an int, and negative ints won't work, then the maximum time a cookie can live is about 2^31-1 seconds. Not quite forever, but by then HTTP is most likely long forgotten