[www-p3p-public-comments] <none> from Rigo Wenning on 2001-09-10 (www-p3p-public-comments@w3.org from September 2001)

From: Rigo Wenning <rigo@rigo.w3.org>
Date: Mon, 10 Sep 2001 18:38:47 +0200
To: www-p3p-public-comments@w3.org
Message-Id: <E15gU59-0000NB-00@rigo.w3.org>
>From rigo  Mon Sep 10 18:38:01 2001
Return-path: <rigo@tux.w3.org>
Envelope-to: rigo@localhost
Delivery-date: Mon, 10 Sep 2001 18:38:01 +0200
Received: from localhost ([127.0.0.1])
	by rigo.w3.org with esmtp (Exim 3.31 #1 (Debian))
	id 15gU2Z-0000Cw-00
	for <rigo@localhost>; Mon, 10 Sep 2001 18:36:08 +0200
Received: from www49.inria.fr [138.96.10.12]
	by localhost with POP3 (fetchmail-5.8.3)
	for rigo@localhost (single-drop); Mon, 10 Sep 2001 18:36:07 +0200 (CEST)
Received: from sophia.inria.fr by www49.inria.fr (8.11.1/8.10.0) with ESMTP id f8AL2J121694 for <rwenning@www49.inria.fr>; Mon, 10 Sep 2001 23:02:19 +0200 (MET DST)
Received: from tux.w3.org by sophia.inria.fr (8.11.1/8.10.0) with ESMTP id f8AL2wr19180 for <Rigo.Wenning@sophia.inria.fr>; Mon, 10 Sep 2001 23:02:58 +0200 (MET DST)
Received: (from rigo@localhost)
	by tux.w3.org (8.9.3/8.9.3) id RAA30459
	for Rigo.Wenning@sophia.inria.fr; Mon, 10 Sep 2001 17:02:57 -0400
Received: from www19.w3.org (www19.w3.org [18.29.0.19])
	by tux.w3.org (8.9.3/8.9.3) with ESMTP id RAA30453
	for <rigo@w3.org>; Mon, 10 Sep 2001 17:02:57 -0400
Received: by www19.w3.org (8.9.0/8.9.0) id RAA16737
	for rigo@w3.org; Mon, 10 Sep 2001 17:02:56 -0400 (EDT)
Date: Mon, 10 Sep 2001 17:02:56 -0400 (EDT)
X-Envelope-From: www-p3p-public-comments-request@tux.w3.org  Mon Sep 10 17:02:44 2001
Received: from tux.w3.org (tux.w3.org [18.29.0.27])
	by www19.w3.org (8.9.0/8.9.0) with ESMTP id RAA16717
	for <www-p3p-public-comments@www19.w3.org>; Mon, 10 Sep 2001 17:02:43 -0400 (EDT)
Received: from mail1.digitalcyclone.com (IDENT:qmailr@mail1.digitalcyclone.com [216.245.140.5])
	by tux.w3.org (8.9.3/8.9.3) with SMTP id RAA30440
	for <www-p3p-public-comments@w3.org>; Mon, 10 Sep 2001 17:02:43 -0400
Received: (qmail 29376 invoked from network); 10 Sep 2001 21:02:41 -0000
Received: from unknown (HELO dc0.digitalcyclone.com) (216.245.140.10)
  by mail1.digitalcyclone.com with SMTP; 10 Sep 2001 21:02:41 -0000
Received: (qmail 2178 invoked from network); 10 Sep 2001 21:02:41 -0000
Received: from dc60.digitalcyclone.com (HELO ?10.0.1.4?) (216.245.140.70)
  by dc0.digitalcyclone.com with SMTP; 10 Sep 2001 21:02:41 -0000
Old-Date: Mon, 10 Sep 2001 16:02:41 -0500
From: Ken Martin <kenm@digitalcyclone.com>
To: <www-p3p-public-comments@w3.org>
Message-ID: <B7C294A0.1660E%kenm@digitalcyclone.com>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-Diagnostic: Not on the accept list
Subject: [Moderator Action] IE6 and 3rd party cookies
X-Diagnostic: Mail coming from a daemon, ignored
X-Envelope-To: www-p3p-public-comments
Resent-From: rigo@rigo.w3.org
Resent-Date: Mon, 10 Sep 2001 18:38:47 +0200
Resent-To: P3P Public Comments <www-p3p-public-comments@w3.org>

I am quite near ulcer over this... :(

I work on a web site that serves weather information through affiliate
frames. We are, of course, seeing IE6 reject our cookies because we were not
P3P compliant.

On discovering this, I have spend a *lot* of time on the w3c site and the MS
site trying to apply the steps and become compliant. The site now runs fine
through the W3C Validator - see
<http://validator.w3.org/p3p/20001215/p3p.pl?uri=frame.my-cast.com>.

I have even set up a dummy 'affiliate' site through which I frame through to
the weather information and tried to make that dummy affiliate P3P compliant
- see <http://validator.w3.org/p3p/20001215/p3p.pl?uri=www.kpmartin.com>.

The workflow, pre-IE6, was:

- a user would log in (possible from a variety of places)
- they would be redirected to their affiliate
- the new page would have a frame which pointed to our frame.my-cast.com
  server
- that my-cast server would attempt to write the cookies necessary to server
  the personalized weather (as a third-party)

This works flawlessly with every other browser, but the addition of P3P is
killing it.

I have noted on MS's site the things that MS will consider unacceptable, and
as far as I can tell, our CP has none of those things.

Is IE6 working properly with third-party cookies? Is there a way to
troubleshoot what I've done? (It's very hard since if I try to validate the
actual 'landing page' of the redirected user, the *validator* is redirected
since it doesn't send valid cookies.)

Privacy is important to our customers, and we've tried to be on top of
things, but this is truly confounding us.

Can anyone offer any advice?

Ken Martin
Received on Monday, 10 September 2001 18:11:17 UTC