- From: Lorrie Cranor <lorrie@cs.cmu.edu>
- Date: Wed, 24 Mar 2004 14:45:47 -0500
- To: 'public-p3p-spec' <public-p3p-spec@w3.org>
P3P Call Minutes 3/24/04 11:00 AM Eastern Attendees: Lorrie Cranor (CMU)- Chair Brooks Dobbs - DoubleClick (scribe) Giles Hogben - JRC Jeff Edelen - American Express Jack Humphrey - Coremetrics Dave Stampley - Reynolds and Reynolds Rigo Wenning - W3C Agenda Item 1 - revised agents domain draft Jack - has anyone had a chance to read it over? Brooks - has not Lorrie - let's skip over until people have chance to read over it Agenda Item 2 (skip) Agenda Item 3 - Grouping Mechanism Lorrie: have people read this Brooks: yes - I liked it Lorrie: says that wording should be hint but wants to make sure it is understood that you can't lie Lorrie: any comments? Would you all be inclined to approve it then? Giles: hasn't read yet Jack: are there certain tokens that can't be grouped Brooks and Lorrie: yes it is grouped by same rules as <statement> Dave: suggests a language changes from "must honor" to "must make CP statements in good faith" Lorrie: says okay Lorrie: any objections? Rigo: please add parenthetically "bona fide" to "good faith" Rigo: concerns about attributes. P3P 1.1 CP format expresses 1.0 Lorrie: what isn't supported is an optional extension and this is not a tragic omission Jack: which extension are we talking about? Rigo: the statement already has a grouping extension to allow display of opt in and opt out statements from Matthias Lorrie: if we needed to we could add another layer of grouping to handle this Lorrie: do we need to support this - would there be a case when you wanted to accept or reject a cookie based upon if the entire group was opt in or opt out. Rigo: wants to change camps because he doesn't want them to be "too smart" and then there would be less pressure to do away with them Giles: does this mean that you need to have compact policy parser? Lorrie: is there anyone who wants to argue to add the 1.1 statement grouping into CPs (not the "grouping mechanism" for CPs)? Giles: do we agree that we want CPs dumb? Giles: okay with CP grouping mechanism Lorrie: can we accept this today or do we need time to think? Giles: With regards to displaying policies to user change language to SHOULD use full policy for source of information and specifically not the CP Giles: pushes for MUST rather than should Lorrie: likes Giles argument Brooks: Wants the UA to display the set of information actually used to make a decision Lorrie: suggest language change that reflects that - user agents that provide information to user that make cookie handling decisions must provide information based on the CP or full policy actually used to make the decision Rigo: thinks that this is ambiguous Rigo: thinks that Brooks wants a debugger SYNOPSIS: Brooks pushing for UA to display the ACTUAL criteria actually used to make decision vs. the full policy. Rigo thinks retranslation of CP provides a bad meaning to the end user. Courts will want to use this bad translation. Lorrie: will send out a revision that essentially says that if a UA does use a CP to make a decision it MUST have a mechanism for displaying that CP... UAs that provide general information MUST use the full policy Lorrie: will circulate anther draft Last Agenda Item - Lorrie: Would April 9th be a reasonable date for our next working draft Rigo: what would be added? Lorrie: known-hosts, grouping and some edits Lorrie: can this be our last call draft NO Lorrie: let's get this as close as possible. Let's make us have a mindset that this version internally that all the issues are 95% resolved. Lorrie: very short issues that remain Rigo: Lorrie please send the list the issues that you think remain Lorrie: what is left in bug tracker? Rigo: could you please just send your list? Lorrie: I will send it Lorrie: next meeting - same time next week Brooks Dobbs Director of Privacy Technology DoubleClick, Inc. email: bdobbs@doubleclick.net
Received on Wednesday, 24 March 2004 16:36:37 UTC