Re: duplicate cart numbers - New P3P Rule
This WebDNA talk-list message is from 2002
It keeps the original formatting.
numero = 45381
interpreted = N
texte = On the use of cookie for tracking cart number .... We too use this methodfor sites operating out of Japan, Singapore, South Korea and China. We havehad a couple of customers disabling cookies but the occurrence is far toolittle to be of prime consideration.Having said that .... A new animal is in town that can really force some ofus to rethink the way of the cookie or at the very least .... Abide by thenew rules. It is a new W3C Recommendation called P3P and is currentlyadopted by MIE 6.0 .... With the rest soon to follow.I like the cookie tracking method for cart session values and am trying tofigure out if there is any other alternative to it ... I.e. The benefits ofcookie without actually using a cookie. Apple's WebObjects claims to be ableto do this even though I have not had the time to explore it fully.Anyway .... Extracted below is the article that explains the P3P rule andyes, we are starting to see cookie related issues as more folks adopt IE6.0in our market._________ Extract ________Help! IE6 Is Blocking My Cookiesby Lorrie Cranor, author of Web Privacy with P3PI regularly hear from Web site developers who have added a newcookie-enabled feature to their site only to discover that visitors usingthe Microsoft Internet Explorer 6 (IE6) Web browser are unable to use it.After a little investigation, they discover the problem has something to dowith cookies and a new W3C Recommendation called P3P. What is P3P? theyask. What does it have to do with my cookies? And how can I stop IE6 fromblocking them? The answers to all of these questions and more can be foundin my new book, Web Privacy with P3P. In this article, I will give you aquick introduction to P3P and an overview of what you need to do to preventIE6 from blocking your cookies.What is P3P?The full name for P3P is the Platform for Privacy Preferences Project. P3P1.0 is an official recommendation of the World Wide Web Consortium (W3C)that was approved in April 2002. P3P provides a standard way for Web sitesto encode their privacy policies in a computer-readable XML format. Thisallows P3P-enabled Web browsers and other P3P user agents to fetch P3Pprivacy policies automatically, parse them, and compare them with a user'sprivacy preferences. P3P user agents can use the information in a P3P policyto provide a summarized version of Web site privacy policies to users. Forexample, IE6 offers a Privacy Report option from the View menu, and Netscape7 includes a Privacy Summary button on its Page Info screen. The AT&TPrivacy Bird is a free Internet Explorer add-on that puts a bird icon in thecorner of a user's browser window. The bird changes color to indicatewhether or not a site's P3P policy matches the user's preferences. Users canalso click on the bird to get a summary of a site's privacy policy.The P3P 1.0 Specification also defines an abbreviated version of a P3Ppolicy, called a compact policy, that can be transmitted in HTTP headerswhen cookies are set. Some P3P-enabled browsers, such as IE6, use theinformation in P3P compact policies to make cookie-blocking decisions.Many of the Web's most popular sites have adopted P3P. Early adopters of P3Pinclude information sites, such as About.com; search engines, such as Yahooand Lycos; advertising networks, such as DoubleClick and Avenue A; travelagencies, such as Expedia; and telecommunications companies, such as AT&T.Why Does IE6 Block My Cookies?IE6 includes privacy features that can be used to selectively block cookiesbased on their P3P compact policies. For detailed information about thesefeatures, see Privacy in Internet Explorer 6 on MSDN (reproduced as AppendixC in Web Privacy with P3P). In the default IE6 settings, which most usersnever change, third-party cookies are blocked when they do not have compactpolicies or when they have unsatisfactory compact policies. Most sitesthat are experiencing cookie-blocking problems have third-party cookies ontheir site that do not have P3P compact policies.What are Third-Party Cookies?Cookies are associated with a Web page or with an image or other objectembedded in a Web page. When a page or object is served, the server adds aspecial header that sets the cookie on the user's machine. Sometimes, Webpages include images, frames, or other content that is located on a sitewith a different domain name than the page in which it is embedded. Forexample, it is quite common for Web sites to embed banner advertisementsthat are served by an ad company. If any of these third-party images orobjects set cookies, than they are referred to as third-party cookies.Sometimes the domain from which a third-party cookie is set is owned by thesame company as the Web page it which it is embedded. For example, a Webpage at http://example.com/ might include an image and cookie fromhttp://example.org/. However, IE6 does not know which sites are reallyrelated, so any cookie from a different domain than the site in which it isembedded is considered a third-party cookie.Some cookie-blocking problems occur when a site is framed by another site.For example, a CD store that is part of an online shopping portal may appearin a frame provided by the portal. From the perspective of the browser, theCD store content may appear to be third-party content when framed by theportal. However, if a visitor goes directly to the CD store without goingthrough the portal, the content will be first-party content. Thus, the CDstore will find their cookies are blocked only when visitors come in throughthe portal. Web-based mail systems also cause a similar problem. If a Website visitor emails a Web page to a friend who uses a Web-based mail system,the email message will appear as third-party content to the friend'sbrowser, because it is framed by the email system. If there are any cookiesassociated with the page that was emailed, they will be treated asthird-party cookies by IE6.How Can I Prevent IE6 from Blocking My Cookies?To prevent IE6 from blocking cookies on your site, you need to make surethat all of the cookies that are being set in a third-party context have P3Pcompact policies associated with them, and that those compact policies areconsidered satisfactory by IE6. If the third-party cookies are being set byanother company, you may need to ask them to P3P-enable and set P3P compactpolicies. Any host that sets a P3P compact policy must also have acorresponding full P3P policy. Users can change their IE6 settings so thatcookies will be blocked under other conditions as well; however, placingsatisfactory compact policies on third-party cookies will prevent most IE6cookie blocking.Unsatisfactory cookies are basically cookies with a P3P compact policy thatindicates that the cookie may be associated with personally-identifiableinformation that may be shared with other companies, used for marketing,used for profiling, or used for unknown purposes -- without giving the userthe option of opting out. There is a detailed explanation of satisfactoryand unsatisfactory cookies in my book and on the Microsoft Web sitereferenced above. How Do I P3P Enable My Web Site and Use Compact Policies?P3P-enabling a site need not be difficult, time consuming, or expensive. Asmall site that has an existing privacy policy may be able to getP3P-enabled within a few hours. However, I know from experience that P3Penabling a site for a multi-national company that has dozens, or evenhundreds, of Web servers for many different business units located aroundthe world can be a challenge. Fortunately, the task can be accomplishedincrementally, and P3P can be rolled out one server at a time, if need be.In Web Privacy with P3P I describe the process of P3P-enabling a Web site inseven steps. Here is a summary of this process:1. Hopefully, your site already has a privacy policy. If not, you need tocreate one. This is not only essential for using P3P, but also good businesspractice. Chapter 5, Overview and Options, of Web Privacy with P3Pincludes some tips on writing a privacy policy and links to online resourcesthat you may find helpful.2. Once you have created a privacy policy, you will need to analyze the use ofcookies and third-party content on your site. Privacy policies describe thekinds of data a company may collect, but they generally do not go into muchdetail about the ways in which cookies are used. Cookies can enableotherwise non-identifiable data to be linked to identifiable data, sometimesunintentionally. They may also enable data to be shared in unanticipatedways. It is important to analyze how cookies are used on your Web site andhow they interact with other cookies and with HTML forms. It is alsoimportant to identify cookies that may be treated as third-party cookies.3. Next, determine whether you want to have one P3P policy for your entire siteor different P3P policies for different parts of your site. If you alreadyhave multiple privacy policies for your site, then you will probably want tohave multiple P3P policies as well. For example, some sites have differentpolicies associated with different types of services they offer. Even if youhave a single, comprehensive policy for your entire site, you may want tohave multiple P3P policies. For example, your site's privacy policy mightinclude a statement like We do not collect personally identifiableinformation from visitors except when they fill out a form to order aproduct from us. You might wish to create two P3P policies -- one for useon most of your site where there are no forms, and the other for usespecifically on the parts of the site where visitors fill out forms to orderproducts.4. Create a P3P policy (or policies) and compact policy for your site. You canuse one of the P3P policy-generator tools listed at http://www.w3.org/P3P/to easily create a P3P policy and compact policy without having to learnXML. My personal favorite is the P3P Policy Editor from IBM, which isavailable as a free download. Chapter 7, Creating P3P Policies, of WebPrivacy with P3P includes step-by-step instructions for using the P3P PolicyEditor.5.Create a policy reference file for your site. Most of the policy generatortools will help you create a policy reference file. This file lists all ofthe P3P policies on your site and the parts of your site to which theyapply. In most circumstances, you will have just one policy reference filefor your entire site.6. Configure your server for P3P. On most sites, this can be done by simplyplacing the P3P policy and policy reference files on the Web server in theproper locations. (Usually, the proper location for the policy referencefiles is /w3c/p3p.xml -- which is known as the well-known location.)However, due to the way some sites are set up, they may find it advantageousto configure their servers to send a special P3P header with every HTTPresponse. Some sites may find it useful to add special P3P LINK tags totheir HTML content. Sites with third-party cookies (and some sites withfirst-party cookies) will also want to configure their servers to add P3Pcompact policies to their HTTP set-cookie responses. Appendix B of my bookprovides instructions for configuring several popular Web servers to dothis. This information is also available online.7. Test your site to make sure it is properly P3P enabled. The W3C P3PValidator can be used to test your site and report back a list of anyproblems it finds. Of course, this tool cannot verify that your P3P policymatches your privacy policy, or that either policy conforms with your actualpractices. But it can make sure that your policy and policy reference filesare syntactically correct and that you've configured everything properly.This tool can also be used to verify that your server is issuing P3P compactpolicies when it sets cookies. You can try the W3C P3P Validator.Some Web developers have told me that they found P3P policies and compactpolicies on random Web sites and copied them onto their own sites in orderto quickly P3P-enable. This is a very bad idea! P3P policies are similar tocontracts. They make statements about Web site privacy policies that must beconsistent with the site's human-readable privacy policy, as well as thesite's actual practices. You may want to review other Web sites' P3Ppolicies to better understand P3P, or take a look at the examples in mybook, but make sure the policies you post represent your site's actualpractices!I P3P-Enabled My Site, But My Cookies are Still Being Blocked by IE6There are several reasons why this may happen. It may take a littledetective work to solve the problem, but usually it is solvable.Most often, the problem is that the Web server is not actually issuing theP3P compact policy with the set-cookie responses. In some cases, it may beissuing the compact policy with some set-cookie responses, but not withothers. You can use the W3C P3P Validator to check whether the compactpolicy is being issued. Fixing this problem depends on your particularserver and how the cookie is being set.Sometimes the problem is that the compact policy is not syntacticallycorrect. This is easily checked with the W3C P3P Validator.In other cases, the compact policy is correct, but it does not meet IE6'squalifications as a satisfactory policy. The P3P Policy Editor providesinformation about whether a compact policy is considered satisfactory. Someof the Web-based compact policy tools listed on the W3C Web site alsoprovide this information. If your compact policy is not satisfactory, youmay need to change your site's data practices. Generally, this involvesproviding a way for users to opt out of having their data used in certainways. Sometimes cookies are blocked only when users change the IE6 defaultcookie settings. In this case, a user has selected more stringent criteriafor cookie blocking. Again, you can change your practices to meet thesecriteria. However, this is not always possible. You should make sure yourapplications at least fail gracefully in cases where your cookies areblocked. Ideally, your applications will be able to operate (at leastpartially) without cookies, or they will notify the user that cookies arerequired and provide instructions for overriding the blocking.I have seen a few cases where P3P-enabling a site solves the cookie-blockingproblem, but the developer who is testing the site doesn't realize this,because their browser has stored old cookies that are still being blocked.If all else fails, try removing your site's cookies from your computer (oreven deleting all of your cookies) and restarting your browser to seewhether the new cookies are still being blocked.My Cookies aren't being Blocked, But Users are Not Able to View an IE6Privacy Report for My SiteUsually this occurs when a site has not been properly P3P-enabled. In orderfor a privacy report to display the site must be properly P3P-enabled with afull P3P policy and policy reference file. The first thing you should do isuse the W3C Validator to make sure there are no syntax errors in these filesand verify that they have been placed in the proper location on your Webserver. If the Privacy Report is available from some pages on your site butnot others, then you probably have a problem with your policy referencefile. Chapter 8, Creating and Referencing Policy Reference Files, of WebPrivacy with P3P gives detailed information about policy reference files.Web Privacy with P3P explains the P3P protocol and shows web site developershow to configure their sites for P3P compliance. Full of examples and casestudies, the book delivers practical advice and insider tips. Softwaredevelopers, privacy consultants, corporate decision-makers, lawyers, publicpolicy-makers, and any individual interested in online privacy issues willfind this book a necessary reference.About the Author:Lorrie Cranor is a principal technical staff member in the Secure SystemsResearch Department at AT&T Labs-Research Shannon Laboratory in FlorhamPark, New Jersey. She is chair of the Platform for Privacy PreferencesProject (P3P) Specification Working Group at the World Wide Web Consortium.Her research has focused on a variety of areas where technology and policyissues interact, including online privacy, electronic voting, and spam.___ End Quote __-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
On the use of cookie for tracking cart number .... We too use this methodfor sites operating out of Japan, Singapore, South Korea and China. We havehad a couple of customers disabling cookies but the occurrence is far toolittle to be of prime consideration.Having said that .... A new animal is in town that can really force some ofus to rethink the way of the cookie or at the very least .... Abide by thenew rules. It is a new W3C Recommendation called P3P and is currentlyadopted by MIE 6.0 .... With the rest soon to follow.I like the cookie tracking method for cart session values and am trying tofigure out if there is any other alternative to it ... I.e. The benefits ofcookie without actually using a cookie. Apple's WebObjects claims to be ableto do this even though I have not had the time to explore it fully.Anyway .... Extracted below is the article that explains the P3P rule andyes, we are starting to see cookie related issues as more folks adopt IE6.0in our market._________ Extract ________Help! IE6 Is Blocking My Cookiesby Lorrie Cranor, author of Web Privacy with P3PI regularly hear from Web site developers who have added a newcookie-enabled feature to their site only to discover that visitors usingthe Microsoft Internet Explorer 6 (IE6) Web browser are unable to use it.After a little investigation, they discover the problem has something to dowith cookies and a new W3C Recommendation called P3P. What is P3P? theyask. What does it have to do with my cookies? And how can I stop IE6 fromblocking them? The answers to all of these questions and more can be foundin my new book, Web Privacy with P3P. In this article, I will give you aquick introduction to P3P and an overview of what you need to do to preventIE6 from blocking your cookies.What is P3P?The full name for P3P is the Platform for Privacy Preferences Project. P3P1.0 is an official recommendation of the World Wide Web Consortium (W3C)that was approved in April 2002. P3P provides a standard way for Web sitesto encode their privacy policies in a computer-readable XML format. Thisallows P3P-enabled Web browsers and other P3P user agents to fetch P3Pprivacy policies automatically, parse them, and compare them with a user'sprivacy preferences. P3P user agents can use the information in a P3P policyto provide a summarized version of Web site privacy policies to users. Forexample, IE6 offers a Privacy Report option from the View menu, and Netscape7 includes a Privacy Summary button on its Page Info screen. The AT&TPrivacy Bird is a free Internet Explorer add-on that puts a bird icon in thecorner of a user's browser window. The bird changes color to indicatewhether or not a site's P3P policy matches the user's preferences. Users canalso click on the bird to get a summary of a site's privacy policy.The P3P 1.0 Specification also defines an abbreviated version of a P3Ppolicy, called a compact policy, that can be transmitted in HTTP headerswhen cookies are set. Some P3P-enabled browsers, such as IE6, use theinformation in P3P compact policies to make cookie-blocking decisions.Many of the Web's most popular sites have adopted P3P. Early adopters of P3Pinclude information sites, such as About.com; search engines, such as Yahooand Lycos; advertising networks, such as DoubleClick and Avenue A; travelagencies, such as Expedia; and telecommunications companies, such as AT&T.Why Does IE6 Block My Cookies?IE6 includes privacy features that can be used to selectively block cookiesbased on their P3P compact policies. For detailed information about thesefeatures, see Privacy in Internet Explorer 6 on MSDN (reproduced as AppendixC in Web Privacy with P3P). In the default IE6 settings, which most usersnever change, third-party cookies are blocked when they do not have compactpolicies or when they have unsatisfactory compact policies. Most sitesthat are experiencing cookie-blocking problems have third-party cookies ontheir site that do not have P3P compact policies.What are Third-Party Cookies?Cookies are associated with a Web page or with an image or other objectembedded in a Web page. When a page or object is served, the server adds aspecial header that sets the cookie on the user's machine. Sometimes, Webpages include images, frames, or other content that is located on a sitewith a different domain name than the page in which it is embedded. Forexample, it is quite common for Web sites to embed banner advertisementsthat are served by an ad company. If any of these third-party images orobjects set cookies, than they are referred to as third-party cookies.Sometimes the domain from which a third-party cookie is set is owned by thesame company as the Web page it which it is embedded. For example, a Webpage at http://example.com/ might include an image and cookie fromhttp://example.org/. However, IE6 does not know which sites are reallyrelated, so any cookie from a different domain than the site in which it isembedded is considered a third-party cookie.Some cookie-blocking problems occur when a site is framed by another site.For example, a CD store that is part of an online shopping portal may appearin a frame provided by the portal. From the perspective of the browser, theCD store content may appear to be third-party content when framed by theportal. However, if a visitor goes directly to the CD store without goingthrough the portal, the content will be first-party content. Thus, the CDstore will find their cookies are blocked only when visitors come in throughthe portal. Web-based mail systems also cause a similar problem. If a Website visitor emails a Web page to a friend who uses a Web-based mail system,the email message will appear as third-party content to the friend'sbrowser, because it is framed by the email system. If there are any cookiesassociated with the page that was emailed, they will be treated asthird-party cookies by IE6.How Can I Prevent IE6 from Blocking My Cookies?To prevent IE6 from blocking cookies on your site, you need to make surethat all of the cookies that are being set in a third-party context have P3Pcompact policies associated with them, and that those compact policies areconsidered satisfactory by IE6. If the third-party cookies are being set byanother company, you may need to ask them to P3P-enable and set P3P compactpolicies. Any host that sets a P3P compact policy must also have acorresponding full P3P policy. Users can change their IE6 settings so thatcookies will be blocked under other conditions as well; however, placingsatisfactory compact policies on third-party cookies will prevent most IE6cookie blocking.Unsatisfactory cookies are basically cookies with a P3P compact policy thatindicates that the cookie may be associated with personally-identifiableinformation that may be shared with other companies, used for marketing,used for profiling, or used for unknown purposes -- without giving the userthe option of opting out. There is a detailed explanation of satisfactoryand unsatisfactory cookies in my book and on the Microsoft Web sitereferenced above. How Do I P3P Enable My Web Site and Use Compact Policies?P3P-enabling a site need not be difficult, time consuming, or expensive. Asmall site that has an existing privacy policy may be able to getP3P-enabled within a few hours. However, I know from experience that P3Penabling a site for a multi-national company that has dozens, or evenhundreds, of Web servers for many different business units located aroundthe world can be a challenge. Fortunately, the task can be accomplishedincrementally, and P3P can be rolled out one server at a time, if need be.In Web Privacy with P3P I describe the process of P3P-enabling a Web site inseven steps. Here is a summary of this process:1. Hopefully, your site already has a privacy policy. If not, you need tocreate one. This is not only essential for using P3P, but also good businesspractice. Chapter 5, Overview and Options, of Web Privacy with P3Pincludes some tips on writing a privacy policy and links to online resourcesthat you may find helpful.2. Once you have created a privacy policy, you will need to analyze the use ofcookies and third-party content on your site. Privacy policies describe thekinds of data a company may collect, but they generally do not go into muchdetail about the ways in which cookies are used. Cookies can enableotherwise non-identifiable data to be linked to identifiable data, sometimesunintentionally. They may also enable data to be shared in unanticipatedways. It is important to analyze how cookies are used on your Web site andhow they interact with other cookies and with HTML forms. It is alsoimportant to identify cookies that may be treated as third-party cookies.3. Next, determine whether you want to have one P3P policy for your entire siteor different P3P policies for different parts of your site. If you alreadyhave multiple privacy policies for your site, then you will probably want tohave multiple P3P policies as well. For example, some sites have differentpolicies associated with different types of services they offer. Even if youhave a single, comprehensive policy for your entire site, you may want tohave multiple P3P policies. For example, your site's privacy policy mightinclude a statement like We do not collect personally identifiableinformation from visitors except when they fill out a form to order aproduct from us. You might wish to create two P3P policies -- one for useon most of your site where there are no forms, and the other for usespecifically on the parts of the site where visitors fill out forms to orderproducts.4. Create a P3P policy (or policies) and compact policy for your site. You canuse one of the P3P policy-generator tools listed at http://www.w3.org/P3P/to easily create a P3P policy and compact policy without having to learnXML. My personal favorite is the P3P Policy Editor from IBM, which isavailable as a free download. Chapter 7, Creating P3P Policies, of WebPrivacy with P3P includes step-by-step instructions for using the P3P PolicyEditor.5.Create a policy reference file for your site. Most of the policy generatortools will help you create a policy reference file. This file lists all ofthe P3P policies on your site and the parts of your site to which theyapply. In most circumstances, you will have just one policy reference filefor your entire site.6. Configure your server for P3P. On most sites, this can be done by simplyplacing the P3P policy and policy reference files on the Web server in theproper locations. (Usually, the proper location for the policy referencefiles is /w3c/p3p.xml -- which is known as the well-known location.)However, due to the way some sites are set up, they may find it advantageousto configure their servers to send a special P3P header with every HTTPresponse. Some sites may find it useful to add special P3P LINK tags totheir HTML content. Sites with third-party cookies (and some sites withfirst-party cookies) will also want to configure their servers to add P3Pcompact policies to their HTTP set-cookie responses. Appendix B of my bookprovides instructions for configuring several popular Web servers to dothis. This information is also available online.7. Test your site to make sure it is properly P3P enabled. The W3C P3PValidator can be used to test your site and report back a list of anyproblems it finds. Of course, this tool cannot verify that your P3P policymatches your privacy policy, or that either policy conforms with your actualpractices. But it can make sure that your policy and policy reference filesare syntactically correct and that you've configured everything properly.This tool can also be used to verify that your server is issuing P3P compactpolicies when it sets cookies. You can try the W3C P3P Validator.Some Web developers have told me that they found P3P policies and compactpolicies on random Web sites and copied them onto their own sites in orderto quickly P3P-enable. This is a very bad idea! P3P policies are similar tocontracts. They make statements about Web site privacy policies that must beconsistent with the site's human-readable privacy policy, as well as thesite's actual practices. You may want to review other Web sites' P3Ppolicies to better understand P3P, or take a look at the examples in mybook, but make sure the policies you post represent your site's actualpractices!I P3P-Enabled My Site, But My Cookies are Still Being Blocked by IE6There are several reasons why this may happen. It may take a littledetective work to solve the problem, but usually it is solvable.Most often, the problem is that the Web server is not actually issuing theP3P compact policy with the set-cookie responses. In some cases, it may beissuing the compact policy with some set-cookie responses, but not withothers. You can use the W3C P3P Validator to check whether the compactpolicy is being issued. Fixing this problem depends on your particularserver and how the cookie is being set.Sometimes the problem is that the compact policy is not syntacticallycorrect. This is easily checked with the W3C P3P Validator.In other cases, the compact policy is correct, but it does not meet IE6'squalifications as a satisfactory policy. The P3P Policy Editor providesinformation about whether a compact policy is considered satisfactory. Someof the Web-based compact policy tools listed on the W3C Web site alsoprovide this information. If your compact policy is not satisfactory, youmay need to change your site's data practices. Generally, this involvesproviding a way for users to opt out of having their data used in certainways. Sometimes cookies are blocked only when users change the IE6 defaultcookie settings. In this case, a user has selected more stringent criteriafor cookie blocking. Again, you can change your practices to meet thesecriteria. However, this is not always possible. You should make sure yourapplications at least fail gracefully in cases where your cookies areblocked. Ideally, your applications will be able to operate (at leastpartially) without cookies, or they will notify the user that cookies arerequired and provide instructions for overriding the blocking.I have seen a few cases where P3P-enabling a site solves the cookie-blockingproblem, but the developer who is testing the site doesn't realize this,because their browser has stored old cookies that are still being blocked.If all else fails, try removing your site's cookies from your computer (oreven deleting all of your cookies) and restarting your browser to seewhether the new cookies are still being blocked.My Cookies aren't being Blocked, But Users are Not Able to View an IE6Privacy Report for My SiteUsually this occurs when a site has not been properly P3P-enabled. In orderfor a privacy report to display the site must be properly P3P-enabled with afull P3P policy and policy reference file. The first thing you should do isuse the W3C Validator to make sure there are no syntax errors in these filesand verify that they have been placed in the proper location on your Webserver. If the Privacy Report is available from some pages on your site butnot others, then you probably have a problem with your policy referencefile. Chapter 8, Creating and Referencing Policy Reference Files, of WebPrivacy with P3P gives detailed information about policy reference files.Web Privacy with P3P explains the P3P protocol and shows web site developershow to configure their sites for P3P compliance. Full of examples and casestudies, the book delivers practical advice and insider tips. Softwaredevelopers, privacy consultants, corporate decision-makers, lawyers, publicpolicy-makers, and any individual interested in online privacy issues willfind this book a necessary reference.About the Author:Lorrie Cranor is a principal technical staff member in the Secure SystemsResearch Department at AT&T Labs-Research Shannon Laboratory in FlorhamPark, New Jersey. She is chair of the Platform for Privacy PreferencesProject (P3P) Specification Working Group at the World Wide Web Consortium.Her research has focused on a variety of areas where technology and policyissues interact, including online privacy, electronic voting, and spam.___ End Quote __-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Terry Nair
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
cart (1997)
Disappearing records (2002)
writing cart to db (1998)
Active Server Code... (1998)
[delete] problem (1997)
WebCat2.0 [format thousands .0f] no go (1997)
[WebDNA] sudo and shell (2010)
HomePage Caution (1997)
Need relative path explanation (1997)
WebCat2: Formulas.db question (1997)
Re:2nd WebCatalog2 Feature Request (1996)
Can't use old cart file (was One more try) (1997)
Tcp Connect and IPaddress (2000)
WebCatalogCtl (2003)
Mozilla/4. and Browser Info.txt (1997)
[BULK] Fwd: [WebDNA] [BULK] WebDNA discovery in the Console - [having many crashes] (2011)
Multiple security dbs (1997)
protect tag on NT IIS (1997)
emailer (1997)
Shopping cart not being assigned (1999)