W3C home > Mailing lists > Public > www-p3p-policy@w3.org > September 2004

Re: Invalid Namespace Issue

From: Rigo Wenning <rigo@w3.org>
Date: Thu, 30 Sep 2004 23:31:56 +0200
To: "William C Hesselbein Jr" <William.HesselbeinJr@ipaper.com>
Cc: www-p3p-policy@w3.org
Message-Id: <200409302331.57349.rigo@w3.org>
Dear William, 

Your file looks like this:

<?xml version="1.0" ?> 
<META xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY-REFERENCES>
    <POLICY-REF about="http://www.qtrnote.com/w3c/policy.xml">
       <INCLUDE>\*</INCLUDE>
       <COOKIE-INCLUDE name="*" value="*" domain="*" path="*"/>
    </POLICY-REF>
 </POLICY-REFERENCES>
</META>

1/ the <?xml version="1.0" ?> directs the validator to the pure 
XML namespace, not to P3P ;)
Remove <?xml version="1.0" ?>

2/ in the about=, you don't need a full path, as the policy 
is on the same machine

3/ The notion of path in P3P is according to RFC 2396. This 
means don't use \, but use / instead

4/ your cookie include is kind of dangerous, as it would apply 
your policy on everything the cookie is replayed to. You should 
really limit this at least with the domain.

According to this, your p3p.xml should look like this:
<META xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY-REFERENCES>
    <POLICY-REF about="/w3c/policy.xml">
       <INCLUDE>/*</INCLUDE>
       <COOKIE-INCLUDE name="*" value="*" domain="*.qtrnote.com" path="*"/>
    </POLICY-REF>
 </POLICY-REFERENCES>
</META>

Now the validator should be happy..

Best, 
-- 
Rigo Wenning            W3C/ERCIM
Staff Counsel           Privacy Activity Lead
mail:rigo@w3.org        2004, Routes des Lucioles
http://www.w3.org/      F-06902 Sophia Antipolis


Am Thursday 30 September 2004 17:56 verlautbarte William C Hesselbein Jr :
> When I use the validator for http://www.qtrnote.com I get the
> following:
>
>
>     /w3c/p3p.xml has invalid namespace
> http://www.w3.org/2000/12/p3pv1.
>
>
>     Validator could not find P3P policy file. Validation aborted.
>
>
>  I dont understand what I have done wrong. All of the sites on the
>  compliant list do the same thing. Using IE6, I cannot login to my
> site, which does Cookies. Can anyone help??
>
>
>  Thanks,
>
>
>  Bill Hesselbein

Received on Thursday, 30 September 2004 21:32:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 17 January 2012 12:13:11 GMT