W3C home > Mailing lists > Public > www-p3p-dev@w3.org > April 2006

help me!!!

From: Nguyen Viet Ha <HaNV@fsoft.com.vn>
Date: Fri, 14 Apr 2006 19:41:35 +0700
Message-ID: <2AAB52AC4DF8FB4B801C5B174D3BA2FB1F3BC4@fsoft-email03.fsoft.fpt.vn>
To: <www-p3p-dev@w3.org>
I have been trying to understand what is involved with P3P and I was
dubious about whether a single line of code in a header would solve any
problem, and even worse, if its insertion would open a whole can of
compliance worms.  


>From what I've read regarding P3P there are 3 levels of policy:


1.	Compact policy - that can be inserted into a header for example
- I think this is what eGS have suggested. 
2.	XML policy for machine reading (which can be referenced on each
page, modified for each page, or modified for sections) 
3.	Text policy for human readability 


I understand that P3P is good practice and not a technical nor legal
requirement, but,

What needs clarification is 

-          I understand that even though our system is JSP we can still
include the required HTTP declaration in a header. - is that right?

-          Is there a genuine technical requirement to have a P3P
policy, compact or otherwise, ie: will it be a significant benefit to
our system?

-          Can a compact policy statement code in a header stand alone
as the privacy policy in an application, or it will need the other XML
and text policies to reference to?

-          If a line of code can stand alone in the headers - what
should that code be? (verify the code Gareth Boden has suggested)

-          Will the line of code impact in others ways - new
accessibility issues for eg: other browser problems / user agents.  How
much back testing will be involved?


Received on Friday, 14 April 2006 20:51:38 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:49:16 UTC