[thelist] Privacy Policy Help

Hershel Robinson hershelr at netvision.net.il
Sun Mar 21 08:50:23 CST 2004

We have a secure site which uses cookies and supports MSIE 6 only. One of
our clients wants to access our site via an <iframe> on a page on his site,
instead of directly in his browser, as the rest of the clients do.

We would like to persuade his browser to accept our third-party cookie,
without having to ask the client to adjust his security settings. Would an
appropriate privacy policy help?

I tried to make one using this IBM Alpha thing that was discussed on thelist
some time ago. I put the file p3p.xml on our site at:


and it says:

 <POLICY-REF about="https://our.site.com/privacy.p3p#Privacy">

which comes up in my browser with no problem.

When I go to a page on another site however with an iframe pointed to

IE says that it can't find a privacy policy for

I put the xml and p3p file also in the cgi-bin directory but that doesn't
help either.

Can someone tell me what I'm doing wrong?


More information about the thelist mailing list