W3C home > Mailing lists > Public > www-p3p-policy@w3.org > August 2002

Expressing advanced policies in P3P (Was: Policy for an Internet registry [EUreg #2656]

From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Date: Wed, 14 Aug 2002 09:49:38 +0200
To: www-p3p-policy@w3.org
Message-ID: <20020814074938.GA30352@nic.fr>

On Tue, Aug 13, 2002 at 06:19:19PM +0200,
 Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote 
 a message of 20 lines which said:

> I'm a lazy beginner in P3P and I would like to know if there is an
> already existing policy file for an Internet domain
> registry. 

We have certain human-readable policies which I find difficult to
express in P3P. 

1) We plan to allow people to opt-out the disclosure (by whois or
whois-like services) of all contact information but one (we need to
publish at least a phone number *or* an email address *or* a fax
number). If I put all these elements in a STATEMENT which is covered
by an opt-out policy, how to ensure that at least one remains public?

2) We plan to allow people to opt-out the disclosure (by whois or
whois-like services) of their personal data only if they fulfill some
roles in the registry database. For instance, we might allow the
holder ("registrant") of a domain name to remain completely hidden,
but not the administrative contact (whose purpose is to be contacted,
after all). Again, I do not know how to express that.

Lorrie, if your book contain the replies to all my questions, I shut
up and I buy it :-)

Conclusions like "P3P is for Web sites only, you should find another
mean to formally express the privacy policy of an Internet registry"
are acceptable, too.
Received on Wednesday, 14 August 2002 03:49:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 17 January 2012 12:13:10 GMT