Next Steps

[Detailed Notes]

Workshop participants identified a list of areas for possible further work on P3P. Participants were then divided into small groups to discuss and prioritize the list. Individuals volunteered to write-up one-page proposals on how to proceed with the items they were most interested in. The areas we identified as well as links to the writeups produced since the workshop are as follows:

1. Vocabulary issues

(high priority - mostly for P3P1.1, maybe some for P3P2.0)

EU Directive Article 10 issues [Alons o-Blas/Hogben]

primary data uses [Crano r]

general vocab review [Crano r] (maybe long term)

2. Agent status and domain relationships

Add element to indicate agent status, multiple domains owned by same company, etc.[Zwit< /a>] (high priority - possibly for P3P 1.1, otherwise for P3P 2.0)

3. Ambiguities of the 1.0 Specification

Clarifications from Matthias [Schun ter] (short term high priority)

4. Compact policies

(high priority for 1.1)

a. What are performance issues that motivate CP and what are alternative approaches? Where exactly is the problem? [Dobbs ]

b. Semantic issues [Dobbs ]

c. Cross-product problem -- need for grouping mechanism [Dobbs ]

5. User agent behavior

[Zwit< /a>](high priority, either short term or long term)

Human readable notices

user friendly version in spec (must, should, or reference examples)

coordinate with short notices

6. Clarification of the Scope of P3P

Statements in the spec to better articulate what P3P is and isn't [Zwit< /a>](short term high priority)

7. A new binding mechanism

How to use P3P independently of HTTP binding and possibly with references to objects that have no URIs [Weitz ner](quick win)

8. Consent recording mechanism

[Schun ter](long term high priority, not a priority short term)

9. Feedback channel

(little interest)

10. User preference language

-- APPEL, etc. [Hogbe n](high priority)

a. ontology - default languages

11. Convert P3P data schema to XML schema

[Hogbe n](low priority but might be quick win)

12. Coordination with other efforts

[Weitz ner](high priority for both short term and long term)

Liberty Alliance
Other authentication efforts
Web services/SOAP
Geopriv
Short notices
DAML

13. XML signatures for P3P

[Hogbe n](low priority but might be quick win)

14. P3P in backend databases

(little interest -- can be done by individual companies without W3C coordination)

15. Identity management

(independent of other efforts, little interest)

16. Outreach

- to be covered by POWG

Recommendations

A variety of areas of future work were identified for both the short-term and long-term. The consensus was that the immediate next steps should be to charter a working group with a duration of approximately one year to work on the short-term priorities that can be addressed quickly and may impact adoption, and to coordinate with other efforts. This working group would aim to produce a P3P version 1.1 that is backwards compatible with P3P 1.0, perhaps by using the existing extension mechanism. Workshop participants will be supplying short proposals for work in the coming weeks. These will be added to this report and they are received and evaluated.

Further discussions are needed about longer term work. We expect to hold a second workshop in Summer 2003 to discuss longer term issues and make recommendations about how to proceed in addressing them.

Last update $Date: 2003/03/14 19:53:14 $ by $Author: rigo $