W3C home > Mailing lists > Public > site-comments@w3.org > December 2003

pls make your page valid, don't use cookies without a clear ?privacy policy

From: Dan Connolly <connolly@w3.org>
Date: Tue, 16 Dec 2003 12:21:58 -0600
To: webmaster@www.un.org, webmaster@un.org
Cc: site-comments@w3.org, Tim Berners-Lee <timbl@w3.org>, Rigo Wenning <rigo@w3.org>, Karl Dubost <karl@w3.org>
Message-Id: <1071598918.7650.438.camel@dirk.dm93.org>

Hello U.N. webmaster,

I just followed a link from a W3C news item

to an article "In e-mail to students, Annan urges communication to build

I was surprised that the www.un.org server asks to set a cookie.
Why does it do that?

I suggest you turn that off.

If you're going to set cookies, you owe your readers
a clear privacy policy. I don't see any p3p headers in the server's
response, nor any human-readable privacy policy.

Are you familiar with P3P?

We have a tool that checks for P3P stuff:

"Validator could not find valid policy reference file URI."

(Rigo, please consider arranging for the P3P validator
to complain more loudly if it finds Set-Cookie headers
without a P3P policy.)

Also, I notice that the HTML markup of the page does
not conform to the community standards:


Please fix.

Dan Connolly, W3C http://www.w3.org/People/Connolly/
Received on Tuesday, 16 December 2003 13:22:00 UTC

This archive was generated by hypermail 2.4.0 : Monday, 18 April 2022 20:33:43 UTC