- From: Lorrie Cranor <lorrie@research.att.com>
- Date: Mon, 19 Aug 2002 20:14:49 -0400
- To: <list@adamvandenhoven.com>, "P3P Mailing list" <www-p3p-policy@w3.org>
P3P allows you to set up sites either way. Unless you are very careful about keeping cookie info from mingling with other info in your web logs, I advise you to have one policy with three statements rather than three policies. Lorrie ----- Original Message ----- From: "Adam van den Hoven" <list@adamvandenhoven.com> To: "P3P Mailing list" <www-p3p-policy@w3.org> Sent: Monday, August 19, 2002 8:04 PM Subject: Multiple Statements or Policies > > I'm using the IBM P3P Editor to create a p3p policy for the site. > > There are three different things that need to be included. > > The first covers all of the content of the site. Since this is an online banking site, we collect personal financial to complete the transaction at hand and we keep it indefinately (as banks usually do). There is also the standard web logging in an anonymous fashion. > > The second is the session cookie that manages the session > > The third is a persistent cookie that stores your branch and account number so you don't have to remember. > > Now I'm confused. Should I have three different policies and use the policy reference file to point to the two different cookies and then to the content or should I have one policy with three statements and point all the content and all the cookies at it. > > Adam > > > __________________________________________________ > D O T E A S Y - "Join the web hosting revolution!" > http://www.doteasy.com > >
Received on Monday, 19 August 2002 20:14:44 UTC