Now that IE 6 is out there, I noted that my cookies won't work when the
browser is set to HIGH privacy, though mine are working at MEDIUM HIGH. It
says something about the P3P Compact policy needs to be returned for HIGH to
work. The IBM policy editor I have creates the compact policy, but these
need to be returned as part of the HTTP response header.
How do I get Apache 1.3.22 to include such headers automatically for all
And if the privacy policies are hand-crafted by the site operators, how
would anybody really know if you the policy is honest or not? Seems like
the browser would have to believe the P3P compact policy values, even if the
site really did track the user, for example.