- From: Adam van den Hoven <list@adamvandenhoven.com>
- Date: Mon, 19 Aug 2002 17:04:45 -0700
- To: "P3P Mailing list" <www-p3p-policy@w3.org>
I'm using the IBM P3P Editor to create a p3p policy for the site.
There are three different things that need to be included.
The first covers all of the content of the site. Since this is an online banking site, we collect personal financial to complete the transaction at hand and we keep it indefinately (as banks usually do). There is also the standard web logging in an anonymous fashion.
The second is the session cookie that manages the session
The third is a persistent cookie that stores your branch and account number so you don't have to remember.
Now I'm confused. Should I have three different policies and use the policy reference file to point to the two different cookies and then to the content or should I have one policy with three statements and point all the content and all the cookies at it.
Adam
__________________________________________________
D O T E A S Y - "Join the web hosting revolution!"
http://www.doteasy.com
Received on Monday, 19 August 2002 20:00:42 UTC