Re: locating policy reference files

Hi Lorrie,

thanks for your answer. 

On Tuesday 24 April 2001 15:38, you wrote:
> Even in the scenario you describe, the host company can include
> a policy reference file that provides the policies for all the content
> it hosts. 
Theoretically the host company could, but usually it does not know the 
structure of the subtree (or policies covering different parts of this 
subtree respectively) a foreign company is responsible for. All they can do 
is therefore explicitely say that everything below the root of this subtree 
is out of their responsibility. Otherwise the host company would have to 
adjust *its* policy reference file everytime the *foreign company* changes 
the structure of its subtree/system of policies; which is most certainly not 
what we want.
My suggestion was, that the host company just excludes the subtree from its 
policy reference file (avoiding the 1000 entries problem, see below) and the 
foreign company puts its policy reference file in the root of its subtree.

> The policy reference file may point to the policies for
> each company that it hosts. The problem is that if a company
> hosts content for a large number of clients -- say 1000 clients --
> the policy reference file would have at least 1000 entries. 
> This is a non-trivial amount of extra data to be shipping around. 

> Also, we have been told by some of the content distribution networks
> that their file system is not actually hierarchical, so it is not as
> simple as identifying each client with a directory.
Im not quit sure what you mean by "not actually hierarchical". But I think 
even if a content distribution network has a filesystem that is physically 
organised in some non-hierarchical way there must be a mapping to a logical 
hierarchy, since URLs are hierarchically interpretated.

>
> Regards,
>
> Lorrie Cranor
> P3P Specification Working Group Chair

Regards,
Sebastian Kamp

Received on Thursday, 26 April 2001 05:43:11 UTC