W3C home > Mailing lists > Public > public-p3p-spec@w3.org > December 2003

MINUTES of 10 December 2003 P3P Specification Call

From: Jeffrey A Edelen <jeffrey.a.edelen@aexp.com>
Date: Wed, 10 Dec 2003 11:33:13 -0700
To: public-p3p-spec@w3.org
Message-ID: <OFD57C1F01.CA305B14-ON07256DF8.0065AAA4-07256DF8.0065E92C@ipc.us.aexp.com>

Minutes of 10 December 2003 P3P Specification Call

Present:
Rigo Wenning
Dave Stampley
Giles Hogben
Brooks Dobbs
Jack Humphrey
Jeff Edelen

1/ Report on P3P Beyond HTTP

Rigo provided an update on the P3P and WSDL effort.  Expect P3P to define
attributes in a p3p namespace for use by WSDL.  The discussion went into detail
beyond this scribe's ability to capture in the minutes, but there seemed to be
consensus as to the approach, and ammendments to these minutes are welcomed on
the mailing list.

2/ Continued discussion of agent-relationships

ACTION: Jack to distribute revised proposal.

In discussion as to the feasibility of using the "referer" header, Rigo pointed
out that, in addition to other arguments against this approach, the "referer"
header is not to be sent in the safe zone.

After further discussion of typical use-cases involving agent-relationships, it
was agreed that the problem statement requires clarification.

ACTION: All to continue to define problem statement on the mailing list.

3/ discuss the link-texts from Giles and Jeff
+are they ready
+Where should they go,

Discussed Giles' 10/15 email "Cookie linking v2".
Jeff requested clarification as to what information linkages need to be
disclosed at set-cookie time.  Rigo's position that all linked information,
both on-line and off-line, requires disclosure was agreed, with some discussion
as to what constitutes a "reasonable" linkage.
Giles: Can we apply the concept of proportionality as to what information can
be "reasonably deduced?"
Brooks: Declare linkages if the architecture employed is the same as an
architecture one would employ if the intent were to facilitate the linking.
(Jeff: My apologies for the phrasing)

Rigo's suggestion that we need better guidelines on cookie usage in P3P was
agreed.

Discussed the implications of policy evaluation at cookie replay time, versus
set-cookie time.  Arguments for policy evaluation at cookie replay time were
advanced, but further analysis is needed.

ACTION: All to continue discussion of policy evaluation at replay time on the
mailing list.

ACTION: Giles to update cookie linking text to address the effects of adding
linked information to an existing cookie, assuming policy evaluation at
set-cookie time.  That effect being that a new cookie must be set, with the new
policy.

4/ decision on consent-choices
Should we go for the proposal as is? Which deadline for comments
do we give?

No time for this discussion.

5/ Next call proposed for 17 December 2003.




American Express made the following
 annotations on 12/10/2003 11:33:11 AM
------------------------------------------------------------------------------
******************************************************************************

     "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited.  If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments.  Thank you."

******************************************************************************


==============================================================================
Received on Wednesday, 10 December 2003 13:33:14 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 17 March 2004 17:46:29 EST