In IE 6 a person can set their security setting to High which blocks all cookies which do not have a "compact security policy" This can cause problems for Squirrelcart because the session cookie is never set. Well my qustion was "What is a compact security policy and how do I get one?"

What is a compact security policy?
A compact security policy is a machine readable code that allows a IE (and other P3P enabled browsers) to "understand" how your site will use someones information.

How do I get one?
Download p3peditor (http://www.alphaworks.ibm.com/aw.nsf/download/p3peditor) it's free. Create your security policy. Save the compact policy as text use the code provided in the text file to add a header tag as the first thing on your page such as
header('P3P:CP="IDC DSP COR CURa ADMa DEVa TAIa OUR NOR BUS IND PHY ONL UNI PUR COM NAV DEM"
policyref="http://mysite.com/p3p/w3c.xml"');
Then test it!

More info:
Platform for Privacy Preferences Project (P3P) specification from the W3C (http://www.w3c.org/TR/P3P/)
alphaWorks > App Dev > P3P Policy Editor > Overview (http://www.alphaworks.ibm.com/tech/p3peditor/)
Microsoft Article (http://www.microsoft.com/windowsxp/pro/using/howto/security/ie6.asp[/url)