W3C home > Mailing lists > Public > www-p3p-policy@w3.org > November 2002

Re: New to P3P! Need Help!

From: Lorrie Cranor <lorrie@research.att.com>
Date: Thu, 7 Nov 2002 23:53:37 -0500
Message-ID: <00f501c286e2$f8821240$fbbcfea9@research.att.com>
To: <rayliu@btinternet.com>, <www-p3p-policy@w3.org>

> I just launched a new corporate website recently which consists of a
different site (or domain) embedded in a frame.  This third party site uses
cookies and hence the whole third party cookie problem kicks in in IE6
blocking the user from logging on properly to our service.
> The website in question is www.universal-salvage.com
> It embeds www.universal-auctions.co.uk (the site with the cookies in
> Ive spent a week looking at various documentation and implementing out p3p
using the IBM editor. Question I wanted to ask is:
> Do I need to implement p3p on both of the domains? So far I have only
specified it on the third-party site which is embedded in a frame on the
main site. I have used the p3p validator tool to validate my policy is
correct but it still doesnt allow the cookies to work properly from the main

You do not need to P3P-enabled the main site to avoid cookie
blocking, although it is a good idea and would allow users to
view a privacy report for your site, so I do recommend it.

The most likely reason that your cookies are getting blocked is that
you are not sending P3P compact policies with your cookies.
The IBM generator can generate compact policies for you.


Lorrie Faith Cranor - http://lorrie.cranor.org/
P3P Specification Working Group Chair - http://www.w3.org/p3p/
New book: Web Privacy with P3P - http://p3pbook.com/
Received on Thursday, 7 November 2002 23:56:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:01:08 UTC