- From: Christian Voelker <christian.voelker@freenet-ag.de>
- Date: Mon, 5 Nov 2001 20:41:00 +0100
- To: www-p3p-policy@w3.org
- Message-ID: <BDC37D9EAC71AE4DB09A7A0D422EEC663FCDB7@STAFFBOX>
Hello, until now, I rejected to go through all the rules written down in the XML file for the medium setting of the IE 6 user prefs. But as it didnt work out with the headers I constructed so far, I had to investigate on this side as well. Now im through round about 150 rules and have the strange feeling that MS did not know themselves what theyre doing. So this is just to those who have read this file too. Is it true that the short version of the third party section would just be: <thirdParty noPolicyDefault="reject" noRuleDefault="accept" alwaysAllowSession="no"> <if expr="PHY" action="reject" /> <if expr="ONL" action="reject" /> <if expr="GOV" action="reject" /> <if expr="FIN" action="reject" /> </thirdParty> What leads me to this opinion is this: <if expr="PHY,!CUR, !ADM, !DEV, !CUS, !TAI, !PSA, !PSD, !IVA, (...)" action="reject" /> (...) <if expr="PHY,IVA" action="reject" /> The same is true for the other three categories of data. It just means that the first rule rejects the cookie if you gather physical data and dont do an individual analysis on it; the se- cond applies if you do. In either case, your cookies are rejected. As with adservers and the german counting mechanism for page impressions, the "IVW- Tag", it would be fairly simple then: Just avoid to gather postal adress, tele- phone (PHY), email adress (ONL) and any account information (FIN) of the visitor - stuff you propably dont store on your adserver anyway. The GOV doesnt apply (so far - beware of it) at all. Everything else is just fine. Am I right? Please tell me. I hope, the list accepts appended files. I just took the user pref down from the MS website, saved in UTF-8 (which is nothing different from normal as long as the file contains ASCII only). You may find it your- self by going there: http://msdn.microsoft.com/workshop/security/privacy/overview/privacyimportxm l.asp Then, scroll down to: A Real Example: Microsoft's Medium Setting Click "Show Example" to expand. Cheers, Christian
Attachments
- application/octet-stream attachment: UserPrefMedium.xml
Received on Monday, 5 November 2001 14:41:02 UTC