W3C home > Mailing lists > Public > www-p3p-dev@w3.org > September 2001

Re: P3P Http Response Header for Compact Policies

From: Rigo Wenning <rigo@w3.org>
Date: Fri, 28 Sep 2001 13:54:20 +0200
To: www-p3p-dev@w3c.org
Message-ID: <20010928135420.D1903@localhost>
If you use the normal P3P-mechanisms, it is getting easier, as
you can declare the ressources up-front in the Policy Reference
File (PRF). The client than knows, which policy applies to which
sector on the server. If you have a complicated site and you are
forced to use the header-method, the header still points to a
PRF.  Unless the site is REALLY complex, you don't need multiple
PRF's. So go for full P3P in this case instead of only having
compact policies.

The http-header is configured by the HTTP-server unless you generate
them by yourself in your scripts. You can tell him, which header
to server for which realm of URI's.

More info can be found in the Platform for Privacy
Preferences 1.0 Deployment Guide:
http://www.w3.org/TR/p3pdeployment

Best, 

Rigo

On Fri, Sep 28, 2001 at 09:58:06AM -0400, Gerald_T_Beattie@comerica.com wrote:
> 
> 
> 
> I manage a web site with multiple servers, multiple types of
> applications(ASP,JSP, etc) and I want to add Compact Policies to URL's
> that throw down cookie files.  I want a common method of adding compact policies
> to Http
> Response Headers for all applications so I don't have a maintenance
> nightmare.
> 
> If I added a compact policy to an Http Server response header wouldn't that come
> down with every web page?
> Thanks for any help
> 
> JB
> 
> 
> 
> 
> 
Received on Friday, 28 September 2001 13:28:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 18 June 2010 00:12:47 GMT