Re: proposal to add grouping mechanism to CP

Nice draft!

Am Wednesday 24 March 2004 21:23 verlautbarte Lorrie Cranor :
> I propose changing it to say:
> 

> policy. However, a site MUST make compact policy statements in good
> faith. User agents that are unable to obtain enough information from

This sentence is ambiguous as it can read:
1/ a site MUST make compact policy statements
2/ if a site makes compact statements, it has to do so 
in good faith.

> 
> User agents that use compact policies as part of their decision making
> MUST include a mechanism that allows users to determine that a
> particular decision was made based on a compact policy and to view
> that compact policy. However, user agents that provide general
> information about a site's P3P policies to users MUST use the full P3P
> policy and MUST NOT use the compact policy for this purpose.

The first requirement sounds really strange. It is raw access to 
the tokens as arrived at the user agent. This is normally done 
by experts using telnet or perl tools. But I think this was the consensus 
we had. We should be clear that it is really only raw access.

> 
> I propose adding a section 4.2.10 Compact STATEMENT
> 

> 
> Section 4.5, fourth paragraph, change MUST to MAY (as in "All of the
> purposes, recipients, and categories that appear in multiple
> statements in a full policy MAY be aggregated in a compact policy...."

Why transform? The whole paragraph does not make too much sense 
anymore.

Another thing is, does P3P 1.1 use mandatory extensions? In this case, 
the third paragraph is an issue too:
Full policies that include mandatory extensions MUST NOT be represented 
as compact policies.

> 
> Section 4.6 Transforming a Compact Policy to a P3P Policy should be 
> dropped.
> 
> 
In the same direction, 4.7 could be integrated somewhere instead of having 
an own point. I also wonder why we said SHOULD NOT while the above 
indicates that by inference it is supposed to read MUST NOT.