Richard Spangenberg wrote: > Hi, > > I am using PHP Sessions in my coding. I have noticed that my cookies work > just fine in MSIE 6.0 if the browser's privacy setting is set to low. > However, in all other settings it is not responding. I bleive this is > because of the P3P privacy setting. Is this a major issue, or are the > higher P3P settings not really being used. > > What are others doing about this? Implimenting P3P at clients sites or > standing by and waiting? >
Well, if you want to get a project done and get paid, you've got no choice but to jump into the P3P stuff. It's a major pain, let me tell you. Getting clients who take 3 weeks to determine what shade of blue they like to suddenly have to positively articulate a privacy policy just isn't my idea of fun. And don't think you can throw just anything in there. If your customer will use the client's info to call them about something, and you indicate in the P3P that no phone calls will be made to the user, you may be in trouble (or at least the site owner would be). The legal ramifications are unknown at this point, but given the big business at stake, and the litigious nature of our society (US anyway) nothing would surprise me at this point. The whole P3P gives too much control to users without requiring any education on their part. Sliding a bar to 'medium' without knowing precisely what it's doing causes nothing but support headaches for the sites. We went through this about 6 months ago. IE6 came out and about 6 percent of our client's users were using it after about a month. Support calls skyrocketed because suddenly a huge number of people couldn't use the site. Cookies weren't being accepted. In every case, it was an IE6 user who'd set their privacy settings up higher than 'low'. We had to hastily put up a P3P policy and modify it later. People were just paranoid about 'privacy', as if moving a slider made them safer. The sad thing is that the slime who *will* sell your name and email and whatever other info they gather will have no compunction about creating a false P3P policy file. Michael Kimsal http://www.phphelpdesk.com 734-480-9961 Guaranteed PHP support when you need it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
