Protocol Outline
- Client includes a "p3p-extension" HTTP header with initial GET
- Uses "Mandatory" HTTP extension
- If server understands P3P, it can reply with a "proposal" message in another HTTP header
- Proposals are expressed in XML, as RDF data, using a "harmonized vocabulary" to describe the privacy policy
- Proposals can be referenced by URI
- Server's reply may include alternative proposals
- Client can accept one of the proposals by returning its ID in an HTTP header in the next GET
  or
- Client rejects all proposals by (quietly) going elsewhere
- Client can also reject all proposals with feedback
- If an accepted proposal includes a request for user data, client will return that data with the GET
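
The client-side decision in the outline above, sketched as an added example (not code from the slides or from the P3P specification). Assumptions: proposals are modelled as plain Python objects rather than RDF/XML, the header names `X-Accept-Proposal` and `X-Reject-Proposals` and the `p3p-extension` value are hypothetical placeholders, and a proposal is treated as acceptable only when the user has agreed to both its purposes and every data element it requests.

```python
from dataclasses import dataclass, field

@dataclass
class Proposal:
    pid: str                      # ID the client echoes back to accept
    purposes: set                 # constructed stand-in for the RDF policy statements
    requested_data: set = field(default_factory=set)

@dataclass
class UserPrefs:
    allowed_purposes: set         # purposes the user consents to
    releasable: dict              # data element -> value the user agrees to release

def acceptable(p, prefs):
    # Accept only if every stated purpose is allowed AND every requested
    # data element is one the user has agreed to release.
    return (p.purposes <= prefs.allowed_purposes
            and p.requested_data <= set(prefs.releasable))

def next_request(proposals, prefs, feedback=False):
    """Decide the client's next step. Returns None for 'quietly go elsewhere'."""
    base = {"p3p-extension": "<value>"}   # header named on the slide; value is a placeholder
    for p in proposals:                   # server may offer alternatives; take the first match
        if acceptable(p, prefs):
            # Release only the elements this proposal asked for, nothing more.
            data = {k: prefs.releasable[k] for k in sorted(p.requested_data)}
            return {"headers": {**base, "X-Accept-Proposal": p.pid}, "data": data}
    if feedback:
        rejected = ",".join(p.pid for p in proposals)
        return {"headers": {**base, "X-Reject-Proposals": rejected}, "data": {}}
    return None

# Constructed sample proposals and preferences
PROPOSALS = [
    Proposal("prop-1", {"marketing"}, {"email"}),
    Proposal("prop-2", {"order-fulfilment"}, {"postal-address"}),
]
PREFS = UserPrefs({"order-fulfilment"}, {"postal-address": "1 Example Street"})

if __name__ == "__main__":
    print(next_request(PROPOSALS, PREFS))
```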