- From: Lorrie Cranor <lorrie@research.att.com>
- Date: Sun, 17 Dec 2000 13:19:13 -0500
- To: <www-p3p-dev@w3.org>, <www-p3p-policy@w3.org>
Web site and software developers: We expect the December 15 specification announced below to be stable for quite some time. Please update your sites and software according to this specification. And we are very interested in your feedback. Lorrie Cranor P3P Specification Working Group Chair ----- Original Message ----- From: Daniel J. Weitzner <djweitzner@w3.org> To: <w3c-p3p-ig@w3.org> Sent: Sunday, December 17, 2000 11:29 AM Subject: FW: Call for Implementation: Platform for Privacy Preferences 1.0 (P3P 1.0) Becomes a W3C Candidate Recommendation Dear Colleagues, P3P has been advanced to W3C Candidate Recommendation Status. This indicates that the Consortium believes P3P is ready for widespread implementation by the Web community, in user agents, on Web servers, and in server-side software tools. Congratulations to everyone who has worked hard to reach this important milestone. And thanks to all those along the way who have provided constructive, even skeptical, criticism. :-) All of these efforts have contributed to making the P3P specification responsive to the diverse needs of the Web community as a whole. What should you expect next? Watch for implementations. The P3P Working Groups will be looking closely at the experience of implementers and users when we consider advancing P3P the final Recommendation status. Best regards, Danny Weitzner -----Original Message----- From: w3t-request@w3.org [mailto:w3t-request@w3.org]On Behalf Of Janet Daly Sent: Friday, December 15, 2000 6:31 PM To: w3c-ac-members@w3.org Cc: Lorrie Cranor; djw@w3.org; rigo@w3.org Subject: Call for Implementation: Platform for Privacy Preferences 1.0 (P3P 1.0) Becomes a W3C Candidate Recommendation Dear W3C Advisory Committee Representative, W3C is pleased to announce the advancement of the The Platform for Privacy Preferences 1.0 (P3P 1.0) to Candidate Recommendation status. The Platform for Privacy Preferences 1.0 (P3P 1.0) Specification http://www.w3.org/TR/2000/CR-P3P-20001215 Editor: Massimo Marchiori, W3C/MIT/UNIVE, (massimo@w3.org) Authors: Lorrie Cranor, AT&T Marc Langheinrich, ETH Zurich Massimo Marchiori, W3C/MIT/UNIVE Martin Presler-Marshall, IBM Joseph Reagle, W3C/MIT 1 Overview of P3P (from the Abstract and Introduction to P3P 1.0) This is the specification of the Platform for Privacy Preferences (P3P). This document, along with its normative references, includes all the specification necessary for the implementation of interoperable P3P applications. The Platform for Privacy Preferences Project (P3P) enables Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. P3P provides a way for a Web site to encode its data-collection and data-use practices in a machine-readable XML format known as a P3P policy. The P3P specification defines: * A standard schema for data a Web site may wish to collect, known as the "P3P base data schema" * A standard set of uses, recipients, data categories, and other privacy disclosures * An XML format for expressing a privacy policy * A means of associating privacy policies with Web pages or sites, and cookies * A mechanism for transporting P3P policies over HTTP The goal of P3P version 1.0 is twofold. First, it allows Web sites to present their data-collection practices in a standardized, machine-readable, easy-to-locate manner. Second, it enables Web users to understand what data will be collected by sites they visit, how that data will be used, and what data/uses they may "opt-out" of or "opt-in" to. 2 Request for publication and outstanding issues The publication is in response to the Working Group Chair's request, archived in W3C member space at: http://lists.w3.org/Archives/Member/chairs/2000OctDec/0111.html The last-call issues which remain open are listed (along with the other issues raised during last call) in the Working Group chairs' summary of last-call issues at http://www.w3.org/P3P/Group/Specification/p3p-issues.html (W3C Member only) http://www.w3.org/P3P/p3p-issues-public.html (public document) The Director is satisfied that all issues raised during the Last Call period have received sufficient review and consensus in the community. Since the close of the Last Call period, questions regarding requirements for user agent handling of syntactically-incorrect policies have been raised. Exit criteria have been added which will establish how to address this open issue before the specification becomes a Recommendation. 3 Exit criteria The Candidate Recommendation period ends once the milestones below are achieved. Input from implementors will be accepted at least through 15 March 2001. Milestones to be achieved before exiting Candidate Recommendation status: 1. At least one P3P user agent implementation integrated into an HTTP user agent capable of fetching HTML files that includes all of the functionality required and recommended by this specification 2. A second P3P user agent implementation of each specified function (these functions may be demonstrated across several partial P3P implementations or they may be demonstrated in a second full P3P implementation) 3. At least one special-purpose tool for generating P3P policies and policy reference files 4. At least one tool for converting full P3P policies to compact policies 5. At least 10 P3P-enabled production Web sites 6. At least one web site that illustrates each of the example scenarios in Section 2.5 of the P3P1.0 specification as well as at least one Web site that uses mini-policies (these may be either production web sites or demonstration sites) Furthermore during the Candidate Recommendation review period, the Working Group will: 1. Prepare a W3C Note describing RDF data models representing P3P policies and policy reference files. 2. Submit an Internet Draft to the IETF describing the P3P header and request that an RFC be issued documenting this header. 3. Prepare a set of test policies and policy reference files that user agent implementers can use to demonstrate that their implementations behave correctly. This should include examples of policies that contain syntax errors. 4. Specify the appropriate behavior for user agents upon encountering a policy with invalid syntax. The working group also encourages implementors to explore the possibility of implementations in web proxies and mobile devices, as well as implementations that can import user preferences using the [APPEL] language. Please send review comments to: www-p3p-public-comments@w3.org (publicly archived) Should this specification prove very difficult or impossible to implement, the Working Group will return the document to Working Draft status and make necessary changes. Otherwise, the Working Group anticipates asking the W3C Director to advance this document to Proposed Recommendation. Implementors are invited to contact the Working Group chair to participate in the final report. 4 Description of what Candidate Recommendation status means The W3C Process Document describes the Candidate Recommendation status of a specification in Section 6.2.3: http://www.w3.org/Consortium/Process/Process-19991111/tr.html#RecsCR A Candidate Recommendation has received significant review from its immediate technical community (resulting from the Last Call). Advancement of a document to Candidate Recommendation is an explicit call to those outside of the related Working Groups or the W3C itself for implementation and technical feedback. There is no requirement that a Working Draft have two independent and interoperable implementations to become a Candidate Recommendation. Instead, this is the phase at which the Working Group is responsible for formally acquiring that experience or at least defining the expectations of implementation. 5 Status of This Document The "status of this document" section for the Candidate Recommendation reads: This section describes the status of this document at the time of its publication. Other documents may supersede this document. The latest status of this document series is maintained at the W3C. This is the 15 December 2000 Candidate Recommendation of the Platform for Privacy Preferences 1.0 (P3P1.0) Specification. This means that the P3P Specification Working Group (Members-only) considers the specification to be stable and encourages implementation and comment on the specification during this period. for Tim Berners-Lee, W3C Director; Janet Daly, Head of Communications
Received on Sunday, 17 December 2000 13:21:31 UTC