- From: Walter Deane <walter.deane@iconmedialab.com.au>
- Date: Mon, 18 Mar 2002 13:19:21 +1100
- To: www-p3p-policy@w3.org
The compact policy that is generated by IBM's editor will erroneously
include multiple elements with conflicting meanings because it it
creates a policy that is generated from all of your groups.
The process I follow is to first create my cookie policy and export the
cp. Then I create my policy for the other areas of my site and combine
them into a single policy file. This gets by the bug in the IBM editor.
From my readings, the cp is only related to cookies so the fact that it
doesn't take in consideration other elements is fine.
Also if some of your cookies have different policies, The most
"offensive" cookie policy must be sent as the header for a given page. I
don't think there is anything that prevents you from having multiple
policies for different cookies. The only technical drawback is you will
not be able to use a sitewide header for your p3p and will have to
resort to using a page by page solution since you can't send 2+ p3p
headers.
The cp is also optional but required because of IE's implementation if
it processed the cookies properly from the xml then it wouldn't be
necessary to do all of this hoop-jumping.
On Tuesday, March 12, 2002, at 06:00 AM, Lorrie Cranor wrote:
> P3P allows you to seperately declare policies
> for the URLs and cookies on your site. The full
> policy you have for cookies should match the
> compact policy, but it doesn't have to be the
> same policy as you have for the URLs on your site.
>
> Lorrie
>
>
> ----- Original Message -----
> From: "Tim Money" <Tim.Money@staff.virgin.com>
> To: <www-p3p-policy@w3.org>
> Sent: Friday, March 08, 2002 12:02 PM
> Subject: Non linked 3rd party cookie acceptance
>
>
>> Hi,
>>
>> I would just like a confirmation on the best way to imlpement
>> accepteable
>> 3rd party cookie accepteable compact poilcies. I used the IBM policy
> editor
>> to create a policy and compact policies and everything worked fine,
>> but I
>> didnt details non cookie data collection in the main policy. Now
>> that I
>> have done this and generated the files, the extra entries in the
>> compact
>> policy cause the cookie to be blocked.
>>
>> We dont use cookies in any conjunction with our database or other data
>> collection methods, and only use cookies for tracking user experience
>> etc,
>> so to solve the blocking issue do I
>>
>> a) Use the shorter full policy and compact policy, which doesnt
>> detail
>> our collection of data with our database. (but doesnt this deviate
>> from
> the
>> purpose of the main policy of declaration of use to the user)
>>
>> b) Use the detailed full policy and the shorter compact policy,
>> which
>> doesnt have any information about the non cookie related data
>> collection
>> (does this cause any issues with using a privacy policy which only half
>> relates to the compact policy)
>>
>> Any help would be gratefully recieved.
>>
>> Tim
>>
>
>
Walter Deane
Web Programmer
Email walter.deane@iconmedialab.com.au
Telephone +61 2 9968 3933
Facsimile +61 2 9960 7333
Icon Medialab Australia Pty Ltd
44 Avenue Road
Mosman.NSW.2088
Australia
Received on Sunday, 17 March 2002 21:20:09 UTC