For website that require cookies, if using the web site in an Iframe, and parent website is on a different domain, then 3rd party(cross domain) cookies that do not have a compact policy will be blocked on some common browser privacy settings, e.g. IE when privacy setting is set to Medium.
This result on the web site inside the Iframe won't working properly, as session won't work if cookie is not enabled.
P3P compact policy can be applied to website as HTTP header so user agents such as IE can detect the P3P policy and decide whether or not to allow cookies from a particular site.
Please refer to http://en.wikipedia.org/wiki/P3P and http://www.w3.org/TR/P3P/ for further details on P3P definition.
If you are building a test site, you can grab some dummy P3P compact policy online(e.g. CP="CAO PSA OUR"), but if you need a proper one for your production website, generate your own one would be better :-)
There are some softwares or online generators can be used to generate P3P policy. I used the P3P Policy Editor from IBM http://www.alphaworks.ibm.com/tech/p3peditor/ to generate P3P policy.
Unzip the p3pExecutableJar and execute the p3p.jar to load up the software.
You can create a new policy from scratch or create one from one of the templates which I found is easier.
Please refer to this Knowledge Gene Create and Use P3P Policy for Website for detailed instructions.
* To view text views, select a knowde and click Attached Text icon on the right panel header.
For example, Page.Response.AddHeader("p3p","CP=\"CAO PSA OUR\""); for ASP.NET C#,
Adam Young's blog has a very good post about syntax on different languages.
Alternatively, you can set it in IIS for the whole web site. The KGene include instruction on how to set up HTTP header in IIS as well :-)