Forum OpenACS Q&A: P3P Standard and IE 6.0

Collapse
1: P3P Standard and IE 6.0
Posted by David Kuczek on 09/19/01 07:05 PM
I heard that the new IE 6.0 by default only accepts cookies from sites
that are conform to P3P-Standards.

If your site isn't, the user will have to manually activate cookies.

Anyone familiar with the P3P-process? Worth it?

Collapse
2: Response to P3P Standard and IE 6.0 (response to 1)
Posted by Jonathan Ellis on 09/19/01 10:23 PM
I dunno what p3p is, but I'm browsing openacs.org right now from IE 6, and I didn't manually activate anything...
Collapse
3: Response to P3P Standard and IE 6.0 (response to 1)
Posted by David Kuczek on 09/19/01 10:38 PM
It's good to hear that you didn't have to activate any cookies manually while browsing on IE 6.0.

It might be possible that the people that wrote the article in Germany meant the IE 6.0 that comes with Windows XP...

http://www.w3.org/P3P/

Collapse
4: Response to P3P Standard and IE 6.0 (response to 1)
Posted by Jonathan Ellis on 09/19/01 10:49 PM
relevant quote:
The default setting in IE 6 allows a "first-party" cookie to be set, meaning that if a person visits Yahoo the browser will accept a cookie from Yahoo.

However, "third-party" cookies--most often set by marketers or ad networks to track consumer response to promotions--will be allowed through IE 6 default settings only if the third party allows consumers to opt out of data-collection practices. If the company doesn't give consumers an option, the cookie will be blocked.

my experience confirms this.
Collapse
5: Response to P3P Standard and IE 6.0 (response to 1)
Posted by Bart Teeuwisse on 09/19/01 10:55 PM

IE 6.0 lets you change the privacy settings whereby you can elect to review the site's privacy policy before you add the site to the list of sites whose cookies you accept.

The default in IE 6.0 is to accept cookies more freely, in fact it seems the same as in IE 5.0. Read Microsoft's Privacy in Internet Explorer 6 for the exact definition of the various pre-defined security levels.

If you do choose the review the privacy policy of the site you are visiting before you decide to accept their cookies then IE 6.0 will display the company privacy policy upon entering the site. Sites that don't have a P3P compatible privacy policy show up with a blank page which could leave a bad impression on the user.

I haven't worked with P3P policies yet, but put in a first attempt in the near future

--Bart