[Geopriv] The Confluence of P3P and GEOPRIV
Andrew Newton <andy@hxr.us> Tue, 29 August 2006 17:27 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GI7N5-0002CB-W1; Tue, 29 Aug 2006 13:27:31 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GI7N4-0002C6-Sx for geopriv@ietf.org; Tue, 29 Aug 2006 13:27:30 -0400
Received: from zeke.toscano.org ([69.31.8.124] helo=zeke.ecotroph.net) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GI7Mz-0005XD-J1 for geopriv@ietf.org; Tue, 29 Aug 2006 13:27:30 -0400
Received: from [127.0.0.1] ([::ffff:208.50.38.5]) (AUTH: LOGIN anewton) by zeke.ecotroph.net with esmtp; Tue, 29 Aug 2006 13:27:02 -0400 id 0158801A.44F478E6.00002EBC
Message-ID: <44F478E3.3080601@hxr.us>
Date: Tue, 29 Aug 2006 13:26:59 -0400
From: Andrew Newton <andy@hxr.us>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: GEOPRIV <geopriv@ietf.org>
Content-Type: text/plain; charset="iso-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.1 (/)
X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976
Subject: [Geopriv] The Confluence of P3P and GEOPRIV
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Errors-To: geopriv-bounces@ietf.org
Rigo Wenning, one of the organizers of the W3C workshop, has sent me his thoughts on P3P and GEOPRIV, and given me permission to redistribute them for comment. -------- Original Message -------- Subject: Re: A privacy-related introduction Date: Tue, 29 Aug 2006 18:56:16 +0200 From: Rigo Wenning <rigo@w3.org> Organization: W3C Hello Andrew, currently there is a bigger set of specifications and technology that geopriv is in context to. The P3P Working Group already introduced in 2001 the "location" category into the P3P Specification[1] to help some japanese services to have P3P express finality, usage, retention and other semantics over location data. Helena Lind (formerly Lindskog) from Ericsson was also part of the P3P Working Group and AFAIK also contributed to geopriv. Ericsson developed a scheme on how to use P3P together with CC/PP and made also an UAProf profile for this[2]. So there is a good way already to attach the announcement of some privacy implication to the client-side. geopriv is adding access control to it, but it would be nice, if this would go beyond the few criteria actually in the RFCs developed by the geopriv WG. At least there should be a reference to the P3P Specification. So my suggestion is, instead of the IETF re-inventing the privacy semantics over time, to use the vocabulary of P3P and to be able to plug that into the current geopriv protocol as expressed by [3]. As all is XML, the challenge is more on the side of scoping the semantics in time and space and to integrate well into the protocol used. P3P 1.1 has developed a generic linking mechanism that could do the trick[4] but that would also need some consideration from geopriv's side. Note that P3P 1.1 is still a Draft while P3P 1.0 is a Recommendation. P3P also defines a full fledged internationalized data format for personal data that can be used for the storage systems as defined by geopriv. This is important because once one wants to express preferences over personal data, it is important to have a sticky link between the data and their preferences. This allows to make personal data go past the trans-enterprise border without losing its privacy attributes. The W3C workshop on 17/18 October will talk more about the challenges inherent to this approach. Now to the SAML-issue. Like [3], SAML[5] is a framework and does not have privacy semantics on its own. The privacy considerations by the SAML TC are rather thin. XACML[6] as a specification for access control hasn't been mentioned at all so far. But again, there is a way to use the P3P semantics to fill in the existing framework. And P3P is for the moment the only world wide agreed privacy ontology that is technically defined and not only a law. So again, it would be nice, if one could link P3P semantics like retention, purpose and disclosure (to third parties) into the protocol actually made. A simple hook with some semantic scope description would be sufficient. Feel free to distribute and discuss my suggestion within geopriv. And I hope for participation in the W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement[7]. 1. http://www.w3.org/TR/P3P/#Categories 2. http://www.w3.org/TR/CCPP-trust/ 3. http://www.ietf.org/internet-drafts/draft-ietf-geopriv-common-policy-11.txt 4. http://www.w3.org/TR/P3P11/#generic_attribute 5. http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security#technical 6. http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml#technical 7. http://www.w3.org/2006/07/privacy-ws/ Best, -- Rigo Wenning W3C/ERCIM Staff Counsel Privacy Activity Lead mail:rigo@w3.org 2004, Routes des Lucioles http://www.w3.org/ F-06902 Sophia Antipolis _______________________________________________ Geopriv mailing list Geopriv@ietf.org https://www1.ietf.org/mailman/listinfo/geopriv
- [Geopriv] The Confluence of P3P and GEOPRIV Andrew Newton