Post by David Wal » Sat, 10 Nov 2001 14:46:32

Now that IE 6 is out there, I noted that my cookies won't work when the
browser is set to HIGH privacy, though mine are working at MEDIUM HIGH.  It
says something about the P3P Compact policy needs to be returned for HIGH to
work.  The IBM policy editor I have creates the compact policy, but these
need to be returned as part of the HTTP response header.

How do I get Apache 1.3.22 to include such headers automatically for all

And if the privacy policies are hand-crafted by the site operators, how
would anybody really know if you the policy is honest or not?  Seems like
the browser would have to believe the P3P compact policy values, even if the
site really did track the user, for example.




Post by Joshua Sliv » Sun, 11 Nov 2001 05:06:04

> How do I get Apache 1.3.22 to include such headers automatically for all
> pages?


Joshua Slive



1. P3P for Apache?

This might be a bit early, since P3P is in early stage...
... but then it would be a disaster to be late in starting an initiative.

P3P will be a fundamental building block of an integrated Internet, not by hrefs
but rather with a personal - holistic - centric - dimension. On the server side
a set of useful new analytic and service dedicated automatic
agents/filters/layouts will grow onto the technology.

It would be a loss if the open source society of Internet where left behind
Microsofts (buying firefly, dimension X etc etc) lead, exploring/taking a grip
of this market in its early childhood.

For the first time, microsoft wont be the company running up to meet standards,
but creating them, and that
will be/is quite a challenge for the open community and also the general

Where do we start?
-  apache?

See: www.w3c.org/P3P

I'd like to hear comments and ideas about this.


Btw. P3P includes a lot of export/patent restricted RSA security.
But then... the last implementing link could be sized to one row like in Java
1.1 i.e. Math.BigInteger.expmod(BigInt,BigInt) - ... is it semantics?

< 1K Download

2. Local vs. Networked bootup