W3C home > Mailing lists > Public > www-p3p-policy@w3.org > November 2008

Re: recipient semantic

From: Lorrie Faith Cranor <lorrie@cs.cmu.edu>
Date: Fri, 28 Nov 2008 08:31:38 -0500
Cc: www-p3p-policy@w3.org
Message-Id: <90805DA1-8343-4D17-80C4-5C5D8F8C1109@cs.cmu.edu>
To: assadarat@yahoo.com

Yes, service providers who share data with other companies must know  
whether they are the same or different. If they don't know then they  
can use the <unrelated/> tag. There is currently no way to do the  
comparison automatically, although if both parties use P3P that might  
be possible.


Lorrie Faith Cranor  lorrie@cmu.edu  http://lorrie.cranor.org/
Associate Professor, Computer Science and Engineering & Public Policy
CMU Usable Privacy and Security Laboratory  http://cups.cs.cmu.edu/
Carnegie Mellon University, 5000 Forbes Ave., Pittsburgh, PA 15213

On Nov 28, 2008, at 4:59 AM, Assadarat Khurat wrote:

> Hi all,
> I am a newbie for P3P. After reading the P3P specification, I have  
> one question below:
> About <Recipient> element, to be able to select some values e.g.  
> <delivery>, <same> and <other-recipient>, the original service  
> provider must know the data practices of other legal entities so  
> that it can say whether the data practice is the same or different.
> Do I understand correctly? If yes, is there any automatic comparison  
> mechanism specified?
> thank you very much,
> Sand
Received on Friday, 28 November 2008 13:32:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:01:10 UTC