P3P: Beyond HTTP (P3P-BH) Task Force
Status
This page describes a rough work plan for exploring requirements and
scenarios of using P3P in contexts other than HTTP, specifically XML
applications and Web Services, as described on the P3P1.1 Specfication Task Forces page. The draft
report of this task force is available!
Candidate Applications
Primary: Third Party Intermediary Scenario with
Delegation
The Web
Services Architecture Requirements and PROVREG
provide our main motivating scenarios.
The most interesting/difficult requirement is with respect to delegation
and propagation. The Web Services
Architecture Usage Scenarios has a Third Party
Intermediary scenario that might be an interesting first case.
Others
- GeoPriv,
IETF WG assessing the the authorization, integrity and privacy
requirements that must be met inorder to transfer geographical
information.
- CPExchange, an
extension of the P3P privacy vocabulary, {Access, Purpose, Retention,
Recipient}, with a more extensive XML data profile based on XML Schema
data types.
- Extensible
Provisioning Protocol, a privacy vocabulary based on P3P that
includes {access, purpose, retention}.
- WS-Policy,
a mechanism for communicating the policies of a Web service.
- @@Liberty
- @@ Need to dig up papers on network layering.
Joseph Reagle Jr.
Last update $Date: 2003/06/05 14:09:04 $ by $Author: reagle $