W3C home > Mailing lists > Public > www-p3p-dev@w3.org > August 2001

p3p spec clarification -- 4.5 Transforming a P3P policy to a compact policy

From: Lorrie Cranor <lorrie@research.att.com>
Date: Thu, 9 Aug 2001 10:34:41 -0400
Message-ID: <017a01c120e0$6d0b8840$9816cf87@barbaloot>
To: <www-p3p-dev@w3.org>, <www-p3p-policy@w3.org>
This is a clarification rather than a change. These wording changes
will be reflected in the next public draft of the P3P1.0 specification.



In Sec. 4.5 add a sentence to:

#

All of the purposes, recipients, and categories that appear in multiple
statements in a full policy MUST be aggregated in a compact policy, as
described in section 3.3.1. When performing the aggregation, a web site
MUST disclose all relevant tokens (for instance, observe the following
example, where multiple retention policies are specified.) 

#

Yielding:

#

All of the purposes, recipients, and categories that appear in multiple
statements in a full policy MUST be aggregated in a compact policy, as
described in section 3.3.1. When performing the aggregation, a web site
MUST disclose all relevant tokens (for instance, observe example  4.1,
where multiple retention policies are specified.) 

In addition, for each fixed category data element appearing in a
statement the associated category as defined in the associated schema
MUST be included in the compact policy.

# 

 The blank line should be left in to call out that the last sentence
does not pertain to simply parsing the policy.

Change example 4.1 from

#

[...]

<STATEMENT>
    <PURPOSE><customization required="opt_out"/></PURPOSE>
    <RECIPIENT><ours/></RECIPIENT>
    <RETENTION><stated-purpose/></RETENTION>
    <DATA-GROUP>
      <DATA ref="#dynamic.cookies">
        <CATEGORIES><preference/><uniqueid/></CATEGORIES>
      </DATA>
    </DATA-GROUP>
  </STATEMENT>
</POLICY>


The corresponding compact policy is: 
"NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
#
to:
#
[...]
<STATEMENT>
    <PURPOSE><customization required="opt_out"/></PURPOSE>
    <RECIPIENT><ours/></RECIPIENT>
    <RETENTION><stated-purpose/></RETENTION>
    <DATA-GROUP>

      <DATA ref="#user.name.given"/>

      <DATA ref="#dynamic.cookies">
        <CATEGORIES><preference/><uniqueid/></CATEGORIES>
      </DATA>
    </DATA-GROUP>
  </STATEMENT>
</POLICY>


 

The corresponding compact policy is: 
"NON DSP ADM DEV PSD CUSo OUR IND STP PHY PRE NAV UNI"
# 
 
note the inclusion of PHY. This example underscores the process. 
Received on Thursday, 9 August 2001 10:37:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 18 June 2010 00:12:47 GMT