I read an interesting article today Handling Cookies is a Minefield. It’s basically about what characters are supported in cookies across browsers and servers.
As a rule I only use two cookies: a session cookie, which identifies the session, and a persistent browser cookie, which identifies the user and their browser.