W3C home > Mailing lists > Public > www-p3p-policy@w3.org > August 2001

Re: expiry changes / cookie events

From: Rigo Wenning <rigo@w3.org>
Date: Mon, 6 Aug 2001 12:54:01 +0200
To: Sebastian Kamp <kamp@ti.informatik.uni-kiel.de>
Cc: Lorrie Cranor <lorrie@research.att.com>, www-p3p-dev@w3.org, www-p3p-policy@w3.org
Message-ID: <20010806125401.B712@rigo.inria.fr>
On Sun, Aug 05, 2001 at 05:30:27PM +0200, Sebastian Kamp wrote:
> > > > > Is it correct that the only way then to associate a lifetime to a
> > > > > policy (other than 24-hours) is by putting it into a POLICIES 
> > > > > element?
> >
> > Why do you find this solution incovenient?
> First of all I had the (admittedly vague) intuition, that a policy rather 
> than a collection of policies should have an expiry date.
> A more severe argument is that in the case of "inline" policies (a 
> POLICIES-element within a PRF) it won't be possible anymore to assign 
> different expiry dates to different policies, because a PRF allows only one 
> POLICIES-element.

We discussed the solution of having different expiries on
different <policy>-elements within a <policies>-element. You can
than address the different policy-fragments with XPATH. We had
feedback from implementers, that this creates a big overhead for
implementation. As the adoption is the first challenge of P3P, we
decided to postpone this feature until version 2. 

In any case, it is still possible to have multiple different
files with different <policies>-elements, which have different
expiries. Those can be addressed from one policy-reference file,
so that it is not to hard as a server-side way around the issue.

> Besides it is slightly more work to extract a policy from a file, when one 
> has to consider a POLICIES/EXPIRY element wrapped around the actual 
> policydata. A policy inherits its expiry date from its container, but there 
> is an additional indirection.

There was extensive discussion around this issue. Does the policy
inherit the lifetime of the PRF? An explicit expiry on the
policies-element get's you out of that mess. 

> On the other hand - unfortunately I got the idea first when Nikolaj and me 
> were discussing this matter - one can treat inline policies now the same way 
> one treats external/stand-alone policies.
> This is a remarkable advantage I did not see before ;-)

right, but even the expiry would have allowed this using XPATH..


Received on Monday, 6 August 2001 07:00:24 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:01:07 UTC