p3p2html is a document for parsing a p3p policy document and converting it to HTML, hilighting unknown or suspicous portions of the policy.
p3p2html is a product of a mechanical transformation from a P3P grammar taken from the P3P specification. Common uses of XSLT impart an almost heuristic approach to interpretaion -- the stylesheep (baah) matches the portions of the document for which it has matching templates and simply ignores the rest. p3p2html imparts the syntactic strictness of the P3P grammar. All unknown elements or elements not defined in the grammar are quoted verbatim and flagged with an appropriate style in the produced HTML. The styles used are:
The implementation of a notion of grammar validation may seem redundant as there are allready XML schema and RelaxNG scheam and DTD validators that can perform this task. The p3p2html "validation" is aimed at presenting areas of interest to the user beyond those that a schema validator would hilight. For instance, the XML P3P schema allows any element to appear inside an EXTENSION element. The semantics of those elements require user attention despite the fact that they are considered syntactically legal.
p3p2html does not (currently) enforce any cardinality constraints from the schema. Coding this is possible, but may be exceeding the purpose of XSLT, expecially as their are many tools for schema validation.
The mechanical transformation is not available in code. Much of the work was done in ephemoral emacs macros and substitutions from the template at the bottom of the stylesheet (look for
<xsl:template match="p3p:PROD1">). It would be feasible to annotate the RelaxNG schema for P3P with presentation information, allowing the entire process to be mechanical. Such a tool would be useful for any language specified by a similarly annotated RelaxNG schema.
User preferences are hard-coded and capriciously implemented, more of a proof of concept, really. For instance, resolution type service is redFlagged as it comes down to a question of whether the user trusts the service. In this, I gave W3C no hard-coded trust above that of any other site. In practice, rule interactions will be more complex than those modeled here. For instance, if one trusts site administrators with personal information and the recipient is ours, there would be no need to flag a purpose of other.
Not all of the grammar is implemented. A shortcut in the initial assumed grammar ommited the dataschema production (and element). This will be remedied given sufficient interest in this project.