W3C home > Mailing lists > Public > xmlp-comments@w3.org > July 2002

comments from P3P Specification working group

From: Lorrie Cranor <lorrie@research.att.com>
Date: Fri, 12 Jul 2002 10:26:55 -0400
Message-ID: <00c801c229b0$382a62c0$9816cf87@barbaloot>
To: <xmlp-comments@w3.org>

Dear XML Protocol WG,

On behalf of the P3P Specification Working Group I would
like to raise a concern about the complete absence of any
mention of P3P in any of the XML Protocol documents other
than the Requirements document [1]. Indeed, there is only
a single mention of privacy in any of the XML Protocol documents
under review, and that one mention just points out that
SOAP intermediaries raise privacy issues. We believe that
SOAP may raise considerable privacy issues and that it is
crucial for these issues to be acknowledged and suggestions
for mitigating these issues to be included in the specifications
where appropriate. 

In section 5.2 of the Requirements document [1] it states
"It must be possible to associate a P3P Privacy Policy with 
an XMLP message." In a previous exchange with the
P3P Specification working group [2] we agreed that indeed
it appeared that this was possible. However, we do not
believe that the requirement can be adequately met without
actually documenting how a P3P policy can be associated
with an XMLP message. As there are a variety of ways this
might be done, it is important that your working group
document the preferred method so that implementations
will be interoperable.

In our previous discussion [2] it was suggested that a SOAP
header could be defined to associate a policy with 
a message. (Actually it might make more sense to associate
a policy reference file with a message if there is a way to
uniquely reference messages by URI -- that's a topic we would
be happy to discuss with you further). As far as we can tell, no 
such header has been defined. Furthermore it was 
suggested that a policy could be directly embedded within 
a header. If this mechanism is to be
used, it would need to be documented that embedding a 
P3P policy has the meaning of associating that policy
with the message within which it is embedded. There may
be some scoping and lifetime issues that would also be
necessary to resolve, as well as issues about resolving
potential policy conflicts. 

When XMLP messages are
conveyed over HTTP the existing mechanisms defined
in the P3P1.0 specification may be used to associate policies
with XMLP messages. However, it is unclear to us whether
the P3P specification supplies a sufficient level of granularity
to identify XMLP messages. If it does not, it is likely that
the P3P extension mechanism could be used to provide
this granularity, but again this would need to be documented.
Furthermore, if other mechanisms are defined specifically for
use with XMLP, then conflicts may arise between these 
mechanisms and the P3P1.0-defined mechanisms. The
proper way to resolve these conflicts needs to be documented
as well.

Besides documenting how a P3P policy should be associated
with an XMLP message, we believe it would be useful to offer
some usage scenarios that include P3P. We are concerned
that in the absence of discussion of privacy and P3P, developers
will be likely to ignore privacy issues when implementing
the XML Protocol.

Thank you for your attention to these issues. We would be
happy to discuss possible solutions with members of your group.

Regards,

Lorrie Cranor
P3P Specification Working Group Chair

1. http://www.w3.org/TR/2002/WD-xmlp-reqs-20020626
2. http://lists.w3.org/Archives/Public/xmlp-comments/2002Jan/0022.html
Received on Friday, 12 July 2002 10:36:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:27 GMT