URI Escaping from Giles Hogben on 2001-10-29 (www-p3p-dev@w3.org from October 2001)

From: Giles Hogben <giles.hogben@jrc.it>
Date: Mon, 29 Oct 2001 19:06:22 +0100
To: "p3pdev" <www-p3p-dev@w3.org>
Message-ID: <009b01c160a4$6ab9a960$162abf8b@pcdsa22>

We would like some clarification on this section of the current P3P spec, as we are still not clear what it means


a.. URIs represented in policy-ref files MUST be properly escaped, as in [URI]. 
b.. P3P user agents MUST escape any characters which should be escaped, as according to [URI], before attempting to match a URI for a policy. 
c.. P3P user agents MUST un-escape any escaped sequences which resolve to URI-legal characters, according to [URI], before attempting to match a URI for a policy, EXCEPT 
d.. Literal '*'s in URIs MUST be escaped by P3P user agents before attempting to match a URI for a policy. 
e.. P3P user agents MUST ignore any URI pattern that does not conform to [URI] 

We find these points very confusing.

1. We are not clear if this means that the escaping and unescaping should be done by the author of the Policyreference, or by the automated agent. If by the automated agent, how does he know whether % signs are not already part of an escape sequence or are meant literally?
2. Do all points apply to about attribute values as well as Include and exclude element contents.
3. How does an automated user agent know if a * is literal or not?
4. Once escaping has taken place, what would constiture a "pattern that does not conform to [URI] ".

Could some examples be given to clarify this?

Thanks

Giles Hogben,

EC Joint Research Center P3P Development team,
Ispra,
Italy

Received on Monday, 29 October 2001 13:04:49 UTC