- From: Serge Egelman <egelman@cs.cmu.edu>
- Date: Thu, 05 Jul 2007 13:08:10 -0400
- To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- CC: Web Security Context WG <public-wsc-wg@w3.org>
I'm not entirely sure either; it would seem that this is out of scope. If a site has P3P, that really isn't security context information. A phishing site can just as easily post a P3P policy (hey, if they're already breaking laws, why worry about FTC sanctions?). P3P is for disclosing practices regarding personal information, it was never meant for security. serge Mary Ellen Zurko wrote: > > I don't understand thsi topic. Can you give some examples? Or does > someone else understand this and what the issues are? > > > > *Web Security Context Issue Tracker <dean+cgi@w3.org>* > Sent by: public-wsc-wg-request@w3.org > > 07/02/2007 07:53 AM > Please respond to > Web Security Context WG <public-wsc-wg@w3.org> > > > > To > public-wsc-wg@w3.org > cc > > Subject > ISSUE-92: P3P and Internet filters > > > > > > > > > > > ISSUE-92: P3P and Internet filters > > http://www.w3.org/2006/WSC/Group/track/issues/92 > > Raised by: Bruno von Niman > On product: Note: use cases etc. > > The activity should strive for compatibility and consistency with the > W3C P3P > specifications and compatibility with currently used Internet filters, > in order > to satisfy basic consumer requirements on reliability, accessibility, > usability > and security. > As a piece of useful input, we recommend ANEC’s study of Internet > filters (ANEC- > R&T-2006-ICT-002), downloadable from www.anec.org. > > > > > -- /* Serge Egelman PhD Candidate Vice President for External Affairs, Graduate Student Assembly Carnegie Mellon University Legislative Concerns Chair National Association of Graduate-Professional Students */
Received on Thursday, 5 July 2007 17:09:17 UTC