Minutes P3P meeting May 7, 2003 from Dobbs, Brooks on 2003-05-07 (public-p3p-spec@w3.org from May 2003)

From: Dobbs, Brooks <bdobbs@doubleclick.net>
Date: Wed, 7 May 2003 17:45:49 -0400
To: "'public-p3p-spec@w3.org'" <public-p3p-spec@w3.org>
Message-ID: <D464F551A951ED4E804B9713B519E6C90AAB55@NYC-EX101.doubleclick.net>
P3P 1.1 WG call May 7, 2003

Attendees:

Lorrie Cranor, AT&T, Chair
Brooks Dobbs, DoubleClick, Minutes
Rigo Wenning, WSC 
Giles Hogben, JRC
Patrick Hung, CSIRO
Matthias Schunter, IBM 
Joseph Reagle

Marc Lanheinrich - regrets

Started 11:06 EST

1. Update on P3P 1.1 chartering (Rigo)

2. Task force reports

-P3P beyond HTTP
Joesph: Hoping to have something by next week.  Then feed back and then
pushed out to web services.  Suggests getting feedback from liberty
alliance.


-USER AGENT BEAVIOUR
Lorrie: we have gotten some feedback hoping for more

-Compact policies
Brian not on call

-Article 10 vocabulary issues - Giles Hogben
Giles: Will send out an announce Monday with the official regulators from
Brussels on article 29.  
Rigo: there will be questions about vocabulary and enforcement raised here
Giles/Lorrie: hopefully this will just clarify what P3P can and cannot do as
1.1

-Agent and domain relationships
Jack not here

-Consent choices - Matthias Schunter
Not started - Matthias just getting on the list

Matthias: Defines what the sub group does:  Granularity of opt in /opt out
is currently lacking.  

Lorrie:  Add syntax using extension mechanism, add syntax to group together
a set of opt ins or opt outs.  Details to be worked out by this task force
Giles: Is there a consent mechanism on the table for 2.0?
Lorrie: Yes hopefully someone will take this on.


- Converting P3P data schema to XML schema - Giles Hogben
Giles: Compatibity to version 1 was sticking point.  Considered using
parallel versions.  NEXT STEPS to write up a user-friendly specification of
how it would work.
Lorrie:  Great Progress!!! (had to add a progress announcement)

Giles: Problem is that it is so technical that it will likely not be well
reviewed
Lorrie: Just do a 1 or 2 page write up.  This is will either be a section or
appendix in the 1.1 spec.

Rigo: Still need an English explanation


- Signed P3P policies  - Giles Hogben

Giles:  Sent out a justification for what may be the reason for doing this.
I am not entirely convinced myself.
Lorrie: If we have signed policies will people think unsigned policies are
less good?
Giles: If this happens it means that this was a successful thing to do.
Joseph:  Implication still remains that unsigned is not valuable
Lorrie:  Suggests that buy in from Truste and major browsers.  Among the
browser's criteria that UAs use would be this digital signature.

...discussion of crypto an SSL ensues

Giles:  Should we directly contact a seals organization to see if they are
interested?
Giles:  RE: XML based data schema, Massimo was asking if anyone really
wanted it.  Yes Jeremy from Microsoft has been asking when this will be
ready.

3. Discussion of draft backwards compatibility guidelines
http://lists.w3.org/Archives/Public/public-p3p-spec/2003May/0002.html

Lorrie: Suggest there be a guideline that P3P 1.1 be compliant with p3p. 1.0
XML Schema.
Giles: points out that we can use extension mechanism to add attributes that
are still compatibility with 1.0 compliant UAs
Joseph: Should be very careful of fudging.  If you need to make a change you
need to change the namespace.
Lorrie:  None of the 1.0 UAs actually validate against the schema, plan is
not to do this.

Lorrie:  Guidelines are guidelines not requirements and group may not follow
them but need to make a conscious decision and understand why we are not
follow them
Lorrie: asks if we are willing to accept these as a set of guidelines?

Rigo:  How could anyone disagree?
Lorrie:  Now would be a good time to state a problem:  Unanimously agreed to
follow these guidelines


4. Discuss bugzilla 171
    http://www.w3.org/Bugs/Public/show_bug.cgi?id=171

The IBM P3P Policy Editor defines a P3P extension to assign a name
Attribute to the STATEMENT element. This is useful for the editor
itself, but it has also proven useful for user agents when they
display policy summaries to users. We should consider making this
extension an "official" part of the P3P specification -- probably by
referencing the extension in v1.1 and turning it into a regular
attribute (without using the extension mechanism ) in future versions.


Lorrie: Should we incorporate this in 1.1?
Consensus - Approved.  Going into 1.1


5. Discuss bugzilla 178
    http://www.w3.org/Bugs/Public/show_bug.cgi?id=178

Consider including mention of postal code, state, or region
information, etc. in definition of the demographic category in section
3.4

Post poned


NEW ITEM 
Giles: wanted to do some user testing on translations.  There is technology
called "Osozlab", interested in testing the results of our potential
translations.

Lorrie:  We should have consensus on a draft translation this summer.  And
we'll want feedback ASAP.

Giles: We'd need to get this to the students by mid June to begin testing.

Lorrie:  Great to get feedback on what people understand and what they
don't.

Lorrie: says we have attorneys who have volunteered to check the accuracy of
the translations.

Lorrie: Whatever translation we come up with will likely be based on the
pre-existing ones in 
Privacy Bird, IE and Netscape.

Lorrie: encourages comments on the 3 sets of translations.  Lorrie hopefully
be able to distribute her study in the next 2 weeks.

------------------------------------------------------------


Brooks Dobbs
Director of Privacy Technology
DoubleClick, Inc.

office: 404.836.0525
fax: 404.836.0521
email: bdobbs@doubleclick.net
Received on Wednesday, 7 May 2003 18:59:21 UTC