Criag; How true the statement is that you need to have a p3p policy active on your website in order to use cookies. If you live in the United States you can get a p3p policy generator software through IBM free to use. There other sites online that you can use but I have found that the IBM generator with a little work on the users end will produce a very exceptable P3P policy. You will also need to create a HTML Privacy Policy to put on your site. I am not in the business of marketing P3P but you can see my Privacy Policy at http://acssystem4u.com/w3c/acsprivacypolicy.htm If you drop me a line using my contact form at the bottom of the page I will send you the link to IBM's p3p policy generator. Robert Anderson
The IBM generator doesn't seem to work. It generates SOMETHING but the files it generates do NOT PASS the validation tests for the P3P policy. http://www.w3.org/P3P/validator.html So I'm sort of at a loss for what to do. I don't want to pay $29 for a P3P policy that might not pass validation. This whole P3P thing is a pile of excrement. How can IE force you to put a P3P policy in place BUT there not be better tools or systems to create these P3P policies?
Dug into this a little.. OECD provides an online free privacy statement generator: http://www2.oecd.org/pwv3/ in connection with this free online tool which will generate the necessary XML files to ensure you pass validation: http://www.vsubhash.com/projects/privacy_policy_gen.asp
policy files I created the P3P policy using a toolkit as follows (output attached): From: oecd.org online editor: http://www.doctorquek.com/privacy/privacypolicystatement.html from this site: http://www.vsubhash.com/projects/privacy_policy_gen.asp: http://www.doctorquek.com/w3c/p3p.xml http://www.doctorquek.com/policy/privacy.xml When I entered into Validater, I get the attached error message. 1. In Step 1, it says: Message: P3P policy indicated at line 3 can be accessed. However, the policy file might have syntax errors or warnings. 2. In Step 2 it says: HTTP headers have no P3P: header. 3. In Step 3 it says: HTML document has no P3P compliant link tags. 3. In Step 4 it says: Step 4-1: Syntax check Policy file has syntax errors or warnings. Error: The root elemnt of P3P policy MUST be <POLICIES>, or <META>. Can anyone advise?
Did you get this rectified or not? I have managed to get it all down except I still have the issue with: Step 2: HTTP Protocol Validation ( HTTP headers ) HTTP headers have no P3P: header. Don't know what this is??
I thought this was an error. It's saying that Step 2: HTTP Protocol Validation ( HTTP headers ) HTTP headers have no P3P: header. i.e. headers are missing p3p: header
P3P does it still apply? Hi, These posts in this thread are 2 years old, but our manual still tells us: Last, but not least, you have to make affiliate cookies working. Recent version of IE and other browsers have the following "feature" - it don't store permanent cookies from websites that don't have P3P policy. Please read this website http://www.p3ptoolbox.org , then build and install your own P3P policy. But I just just got on their site and it says the site is no longer active and that post is dated 2005. Before I jump through all these hoops I would like to know if this is even necessary anymore? Thank you - again! Claudia Beck
Claudia, It's not required but recommended setting. That note in manual was relaed to IE6 it have too restrictive privacy setings by default. That is not valid for latest browsers but anyway, use can change privacy settings manually so if your site will not have p3p, affiliate cookies will not be accepted by user's browser. Contact us in helpdesk we will help to setup it.