W3C home > Mailing lists > Public > public-p3p-spec@w3.org > April 2003

[BH] Comments on draft-ietf-geopriv-reqs-03

From: Joseph Reagle <reagle@w3.org>
Date: Wed, 9 Apr 2003 15:13:02 -0400
To: jmpolk@cisco.com, jon.peterson@neustar.biz, dmulligan@law.berkeley.edu, jmorris@cdt.org, Jorge.Cuellar@mchp.siemens.de
Cc: public-p3p-spec@w3.org, geopriv@mail.apps.ietf.org
Message-Id: <200304091513.03020.reagle@w3.org>


I've reviewed [1] as part of my background research for the "Beyond-HTTP" 
P3P taskforce [2]. I'm not presently able to draw any conclusions with 
respect to [2] but I think it's an interesting document and have two 
comments.

[1] http://www.ietf.org/internet-drafts/draft-ietf-geopriv-reqs-03.txt
[2] http://www.w3.org/P3P/2003/04-beyond-http.html

[[[
   5.2. The Location Object and Using Protocol
   ...
      Location Object (LO): This data contains the Location Information
         of the Target, and other fields including an identity or
         pseudonym of the Target, time information, core Privacy Rules,
         authenticators, etc.  ...

   Nothing is said about the semantics of a missing field.  For
   instance, a partially filled object MAY be understood implicitly as
   the request to complete it....
]]]

Since a LO contains the core Privacy Rules, one should *not* permit the 
absence of the privacy rule syntax to result in ambigous semantic 
interpretation [3].

[3] http://www.w3.org/TR/md-policy-design#_Semantic_Clarity



[[[
  5.5. Privacy Rules
   ...A full set of Privacy Rules will likely include both rules that have
   only one possible technical meaning, and rules that will be affected
   by a locality's prevailing laws and customs. 
]]]

This, and the example, makes it sound as if these were disjoint sets. "You 
may not store my location for more than 2 days" is very clear even if it is 
overridden by other (legal) rules. This paragraph seems to be confusing the 
articulation of a non-ambiguous rule with the an a posteriori 
interpretation of all operative rules that might exceed the knowledge of 
the Rule Maker or Location Recipient beforehand.
Received on Wednesday, 9 April 2003 15:13:48 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 17 March 2004 17:46:23 EST