Fw: Change to safe zone to include client-side certificates from Lorrie Cranor on 2001-08-14 (www-p3p-dev@w3.org from August 2001)

From: Lorrie Cranor <lorrie@research.att.com>
Date: Tue, 14 Aug 2001 16:49:42 -0400
To: <www-p3p-dev@w3.org>
Message-ID: <03c901c12502$a4e64040$3a06cf87@research.att.com>

The P3P Specification working group adopted the following
clarifications to section 2.4.3 of the spec:

----- Original Message -----
From: "Martin Presler-Marshall" <mpresler@us.ibm.com>
To: <w3c-p3p-specification@w3.org>; <lorrie@research.att.com>
Sent: Wednesday, August 08, 2001 10:04 AM
Subject: Change to safe zone to include client-side certificates


>      I have updated section 2.4.3 of the spec to include mention that
> servers SHOULD NOT require a digital certificate from the client to handle
> safe zone requests. At the same time, I reorganized the text to make it
> easier to see the client and server requirements. I also made it clear
that
> the safe zone applies to policy and PRF requests (that was implied, and I
> believe intended, but not made 100% clear). Finally, I removed an obsolete
> paragraph about how clients MUST ignore any P3P headers which are returned
> on safe-zone requests.
>
>      Here is the new version:
> (See attached file: Section-243.html)
>
>      -- Martin
>
> Martin Presler-Marshall - Program Manager, Privacy Technology
> E-mail: mpresler@us.ibm.com     AIM: jhreingold
> Phone: (919) 254-7819 (tie-line 444-7819) Fax: (919) 254-6430 (tie-line
> 444-6430)

Attachments

text/html attachment: Section-243.html

Received on Tuesday, 14 August 2001 17:03:55 UTC