W3C home > Mailing lists > Public > www-p3p-policy@w3.org > February 2004

Re: Policy Required if we are not collecting information

From: Rigo Wenning <rigo@w3.org>
Date: Thu, 5 Feb 2004 12:46:36 +0100
To: "Gammel, Denise" <Denise.Gammel@rrb.gov>
Cc: www-p3p-policy@w3.org
Message-ID: <20040205114636.GK565@accueil.w3.org>

Dear Denise, 
On Mon, Jan 12, 2004 at 10:01:35AM -0600, Gammel, Denise wrote:
> I have a very basic question.  Most of the pages on our website are
> static html pages and are not collecting information.  Do we need to
> have a machine readable policy for these pages?  

Yes. You probably collect normal weblogs etc. Investigate, what
information is collected on the normal static web-pages and integrate
them into one generic P3P policy served from the well-known-location.

> We are thinking we would have a generic machine readable policy for
> all pages and one or more specific policies for those particular pages
> that collect information.  

This is an excellent idea and reflects what the P3P WG intended by
allowing multiple policies for a single web-site
> We maintain www.rrb.gov and https://secure.rrb.gov.  Most of our web
> pages which collect information are on the secure site.

Note, that there are some issues around using P3P with https (ssl). If
you have trouble with ssl, please report it here.

Rigo Wenning            W3C/ERCIM
Policy Analyst          Privacy Activity Lead
mail:rigo@w3.org        2004, Routes des Lucioles
http://www.w3.org/      F-06902 Sophia Antipolis
Received on Thursday, 5 February 2004 06:50:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:01:09 UTC