- From: ivan stern <tornrapt@hotmail.com>
- Date: Mon, 8 Jul 2002 20:05:13 -0400 (EDT)
- To: www-p3p-policy@w3.org
A number of questions follow. Thank you in advance for your assistance. 1. Assume that a family of web sites has multiple domains: www.website.com www.website.ca ... 2. Cookies and other file types are shared across these domains such that www.website.ca may call / receive cookies and images from www.website.com Would we have to include compact policies in the header of all cookies and images etc to ensure that they are not flagged by the browser and that functionality is not interrupted? 3. Majority of pages are dynamically generated such that the page is specified in a query string and the root URL is the same across the site: www.website.com/some-cgi/bigdll.dll?complexvariablestring&... How would one specify the page where particular data collection occurs given that 90% of the site is actually the same page, just different variables passed to the dll? For example: www.website.com/some-cgi/bigdll.dll?color&... might ask the user to input the color they want their background to be while www.website.com/some-cgi/bigdll.dll?creditcard&... might ask the user to input billing information. How can one specify that different policies apply to these URLs given that the differentiation occurs in the query string? If one created a single policy for all such strings and some were asking for personally identifiable information what would be risked? Note, only cookies and images are shared across the domains, pages are not called across domains. 4. Where can one find a definition of Personally Identifiable Information? Clearly this includes name, address etc. as well as userIDs where such apply. Is it any information that can be "mapped" back to an individual, or is that too specific? That's all for now, and thank you in advance for your assistance! CONFIDENTIALITY NOTICE: This message is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this message by error, please delete it from your records. _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com
Received on Friday, 12 July 2002 05:52:17 UTC