I had an application that requires login and sessions. When the app was loaded to a frame on a website with a different domain name, I found that cookies could not be set in IE6.
The problem is that these cookies were 3rd party cookies, meaning that they were written with a domain name different from the domain name of the main site. For IE6, the default privacy level blocks these 3rd party cookies.
To fix this problem, you can certainly ask your users to adjust their privacy setting. But a more elegant way is to fix it from your side.
I found a great solution from this post:
Add the following to the beginning of each page where cookies will be written:
ASP:
HttpContext.Current.Response.AddHeader("p3p", "CP=\""IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""")
PHP:
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');