Re: A P3P Assurance Signature Profile from Lorrie Cranor on 2000-11-08 (w3c-ietf-xmldsig@w3.org from October to December 2000)

From: Lorrie Cranor <lorrie@research.att.com>
Date: Wed, 8 Nov 2000 16:20:53 -0500
To: "P3P Members/Experts" <w3c-p3-interest@w3.org>, "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, "Joseph M. Reagle Jr." <reagle@w3.org>
Message-ID: <0dde01c049c9$d00fe290$9816cf87@barbaloot>

Joseph,

Thank you for preparing the draft document on P3P Assurance
Signature Profiles. The P3P Specification Working Group
reviewed it at our face-to-face meeting last week. Overall,
we think your suggestions for signing P3P policies
and putting the signature in a seperate document sound
reasonable. We agree that attaching a signature directly
to a P3P policy or policy reference file would be nice, but
we are not prepared to work on that for P3Pv1. That is
certainly something that could be examined for version 2.

Some members of the spec group plan to review your
document further and may send you some additional
comments.

Regards,

Lorrie Cranor
P3P Specification Working Group Chair

----- Original Message -----
From: "Joseph M. Reagle Jr." <reagle@w3.org>
To: "P3P Members/Experts" <w3c-p3-interest@w3.org>; "IETF/W3C XML-DSig WG"
<w3c-ietf-xmldsig@w3.org>
Sent: Friday, October 20, 2000 11:52 AM
Subject: FYI: A P3P Assurance Signature Profile


> I've written a draft XML Signature Profile ( < 10 pages) in an invented
P3P
> context [1]
>
> This might be of interest to XML Signature folks because it shows how one
> might use signatures in an application context (particularly the
definition
> of a signature semantic).
>
> This might of interest to P3P folks because it shows how P3P might be
fitted
> with Signatures, and it includes a basic XSLT that transforms P3P policy
in
> XML --> English statement in  HTML.
>
> [1] http://www.w3.org/2000/10/xmldsig-p3p-profile/
>
> Abstract
> This document specifies a P3P Assurance Signature Profile.
>
> Status of this document
>
> This document has no status what-so-ever. It is a very rough draft of the
> author that hasn't received any review. It is not intended to be a
normative
> specification. Instead, it an captures the authors' thoughts on how
> applications might use the XML Signature specification to meet their
> requirements (defining signature semantics and algorithm profile) via the
> P3P application context.
>
> __
> Joseph Reagle Jr.
> W3C Policy Analyst                mailto:reagle@w3.org
> IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
>
>

Received on Wednesday, 8 November 2000 16:21:34 UTC