If you're going to start futzing with cookies at a low-level (instead of, say, using CGI::Cookie), it helps to understand what cookies are and how they're constructed and transfered.

RFC 2109 is a good starting point, though it's a bit formal. You might find Netscape Cookies to be more readable.

Once you've had a go at one or both of these, give the CGI::Cookie POD a read.