My bad on the -expires. I do have it properly formatted, but in the process of modifying my code (stripping out all the long-winded variables) for presentation here, I deleted the +. It's been a long day. :)
My -expires straight from the code looks like this:
-expires=>"+" . $config{cookie_expiration_time} . "m",
As for the cookie domain, the exact code is the following, with $config{cookie_domain} set to the proper '.domain.com'.
-domain=>$config{cookie_domain});
I have done a lot of google searching over the weeks looking for some explanation of why some browsers wouldn't work with -domain and have found no explanation. And since Netscape wrote the cookie specifications, I doubt that they would fail to adhere to one of the simplest aspects of it.
To be sure, I'm not positive what actually is the problem here outside of the -domain peculiarity. It is the only solid behavior I've nailed down and it leads me to think the overall problem causing cookies to fail on my site is that since I decide whether to use -domain when sending a cookie depends on what browser I've detected the user is visiting with, then on some oddball user-agent strings, the detection is failing and I'm sending a -domain when I shouldn't be.