Re: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification

Dan,
While I don't disagree with you on a theoretical level; practically,
this is necessary. It must be possible for a User-Agent to discover
policy for a resource without requesting that resource. 
Additionally:
* HTTP headers are difficult to configure on many servers, and/or
 publishers don't have access to a means of controlling them
* sending an HTTP header on every response is a (to some people)
 signficant and needless overhead to serving traffic (particularly
 if they serve a lot)
* HTTP is but one protocol on the Web; its use is not required. URIs,
 however, are common to everything on the Web. Using a URI to
 associate policy seems more sensible in this aspect.
Cheers,
(speaking for myself)
On Sun, Jun 24, 2001 at 02:40:43PM -0500, Dan Connolly wrote:
> This /w3c/p3p.xml well-known location looks like
> a bad idea.
> 
> This and the .favico and /robots.txt thingies are bad: they shift
> the choice of what name to choose for some resource
> from the publisher to the technology designer.
> 
> By way of suggested alternative, I propose to delete
> the /w3c/p3p.xml stuff altogether; the
> P3P extension header is sufficient. 
> 
> [[[
> 2.2.1 Well-Known Location 
> 
> Web sites using P3P SHOULD place a policy reference file in a
> "well-known"
> location. To do this, a policy reference file would be placed in
> the site's /w3c
> directory, under the name p3p.xml. Thus a user agent could
> request this
> policy reference file by using a GET request for the resource
> /w3c/p3p.xml. 
> ]]]
> 
> -- The Platform for Privacy Preferences 1.0 (P3P1.0)
> Specification
> http://www.w3.org/TR/P3P/#Well_Known_Location
> http://www.w3.org/TR/2000/CR-P3P-20001215/#Well_Known_Location
> 2000年12月15日 22:36:00 GMT
> 
> 
> -- 
> Dan Connolly, W3C http://www.w3.org/People/Connolly/
> 
-- 
Mark Nottingham, Research Scientist
Akamai Technologies (San Mateo, CA USA)

Received on Monday, 25 June 2001 19:48:48 UTC

AltStyle によって変換されたページ (->オリジナル) /