Om World Wide Web Consortium


SICS är ett av de lokala W3C-kontoren i Europa, Afrika och Asien.

W3C:s huvudnoder ligger i USA, Frankrike och Japan.


[info om nyhetsbreven]


Nyhetsbrev november 1999


P3P does not infringe the Intermind Patent


Well that is the major story this month but you may say what is the Platform for Privacy Preferences (P3P). P3P is a W3C project aimed at allowing users to exercise preferences over what a Web site does with the information provided to it by them. At one level it is just an extension of HTTP 1.1 that allows structured data to be exchanged between you and a Web site but when you go down a level it is a way of describing the practices of the web site and the preferences of the user. It adds an extra stage to the dialogue when you first visit a site:

  1. Request a Page from the Web Site
  2. Web site sends back its privacy practices
  3. You say what your preferences are
  4. Negotiation takes place
  5. Eventually an agreement is reached and a unique token called a PUID (Pairwise Unique ID) is established
  6. You send the PUID to the site
  7. It sends back the requested content

On subsequent visits all you need to do is send the PUID and the site will recognise the terms and conditions under which the agreement has been reached and respond accordingly.

Does it sound a bit like cookies? Well the answer is Yes and No. Many Web sites currently use HTTP cookies to develop some relationship with you. When you visit their Web site they will send back a cookie and if you accept it then on a subsequent visit they will be able to identify you. the way most broswers currently work, you are probably unaware of the hundres of cookies sitting on your computer that have been put there by various web sites. With P3P you will have a lot more control over what is taking place.

As you would expect P3P is defined as an XML application based on RDF. Information about the user is divided into a number of classes such as physical contact information (address, phone number), online contact information (email address), demographic information (sex, age etc), preference data (likes Jazz and favourite colour is lime green) and financial information (your Visa number).

The site also needs a vocabulary to define its policy. For example RAL might have a policy:

  • collects clickstream data in our HTTP logs.
  • We keep your first name, age and gender to customise responses.
  • We do not distribute any information outside RAL.
  • We can provide you with access to the information we have collected about you but reading our policy statement at may be sufficient.
  • The Office of Science and Technology provides assurance that we have a Royal Charter to do research and give away the results!

Well all of this has to be put together into a set of RDF statements and they don't look too good. Here is a fragment:

<STATEMENT VOC:purp ="1" VOC:recpnt ="0" VOC:id ="0">
<DATA:REF name ="Web.Abstract.ClientClickStream"/>


All very daunting. This proposal relates to click stream information that is collected without your knowing. The XML nameset VOC is the P3P Harmonised Vocabulary and something like purp is the purpose that the site is going to do with the data and a value of 1 indicates that it will be used for web site administration. A value of 2 would have indicated that it was going to be used for customising the output that they sent you. The attribute recpnt says who else you are going to give the inforamtion to. luckily the value zero stands for just us. A value of 3 would have meant anybody in the world would be given it!

There will be a similar proposal about what they do with the information that you type in on request. Either with the initial request or subsequently you will also have been making the site aware of your preferences.

The Intermind Patent

So let us get back to the Patent. The Intermind Patent (U.S Patent No. 5,862,325) claims rights in certain techniques of controlling interactions between clients and servers, especially with respect to the exchange of personal information. Much of the Internet is based on such technologies and so the assertion of proprietary rights in this field had a chilling effect on the Web community in general and P3P in particular. So the last six months or so has been spent seeing if P3P did infringe this patent. The patent document is quite large and the language is not that easy to understand. The patent talks about communications objects used as control structures to direct client-server interactions. These control structures use object-oriented programming techniques to transfer both executable program instructions and associated metadata from client to server.

W3C's patent attorney Barry Rein concluded that P3P did not use control structures for the user profile file or the site proposal in the way defined in the patent. W3C also got over 100 responses from members giving information some with an indication that this idea had been around prior to Intermind's patent. When you get round to it, sending a Form back via HTTP and the name of the program to process it is pretty close to the Intermind patent. Similarly cookies were around before the Intermind patent (prior art is the term) and this is acknowledged by Intermind.

A full analysis is given at:

It now looks as though progress will resume on P3P with a Recommendation due in the New Year.

XSLT and XPath

I am pleased to announce two new W3C Recommendations: XSL
Transforamtions (XSLT) and the XML Path Language (XPath). Both are now
available on the W3C site at:

XSLT is an XML namespace and a language for specifying transformations
of XML documents into other XML documents. It can be used to produce
HTML pages from XML data that have to be sent to HTML browsers. It's
also a key component for device-independence, as information stored in
XML can be delivered according to the capabilities of the client, after
the appropriate transformation. More generally, XSLT can be used
whenever an XML structure has to be transformed into another structure.

XSLT was developed by the XSL working group. As part of the XSL style
sheet language, XSLT was initially intended to transform an XML document
into another XML structure that combines formatting objects (FOs) to
specify the layout of the source document. The XSL formatting objects
are still under development and are described by a separate document
that will be submitted to the AC as a Proposed Recommendation in the
near future.

XPath is a language for addressing parts of an XML document. It gets its
name from its use of a path notation for navigating through the
hierarchical structure of an XML document. It is used by XSLT to
identify the elements in the source structure that have to be
transformed. It is also used by XPointer to specify a location in an XML
document. It was developed jointly by the XSL and XLink working groups.

The review of these specifications showed an unanimous support from the
AC. Not only all the comments were positive (except one absention),
buttwo third of the answers mentioned plans to implement the languages.
This is a confirmation of the study carried out by the WG in September,
showing that many implementations were in progress. For more details, see:

Some comments were received during the review period, proposing
improvements or clarifications to the specifications. The documents have
been updated to take these comments into account. You will find a
description of the changes made to the Proposed Recommendations at:

Releasing XSLT and XPath opens the door to a number of innovative
applications of XML. I would like to thank the XSL WG and the XML
Linking WG for their hard work and for their key contribution to the
development and deployment of XML architecture.

for Tim Berners-Lee:

Janet Daly, Head of Public Relations

Nya medlemmar

Antalet medlemmar är nu uppe i 363. Här följer en sammanställning på engelska över de senaste medlemmarna:

  • Digitext: this UK company has concentrated on HTML-based HELP facilities.
  • European Broadcasting Union (EBU): the EBU negotiates on behalf of its members for broadcasting rights for major sports events, organizes their programme exchanges, acts as catalyst for coproductions, and provides all the operational, commercial, technical, legal, and strategic services that make their collaboration possible.
  • :into providing personal portal technology.
  • Geotrust:Based In Portland, it provides tools, information and services that protect privacy while creating and leveraging trusted relationships between buyers and sellers on the web.
  • your guess is as good as mine. Visit the web site!
  • Idiom Technologies: based in Cambridge, Mass Idiom's flagship product, WorldServer, allows business to rapidly deploy and efficiently manage high-quality sites tailored to the language and geography of their customers.
  • Informix Software: one of the technology leaders in enterprise database-powered solutions.
  • Invisible Worlds: Invisible Worlds is developing a new protocol and class of distributed Internet servers, aimed at making information about information, or meta-information, easy to use and share.
  • J-Phone Tokyo Co: site is in Japanese!
  • OpenShop Internet Software: the company provides a number of online shopping solutions including OpenShop Auction which allows shop operators to offer products in online auctions.
  • SHARE: been around sine the 1950s providing standars and services in the IT industry.
  • SYSTEK Information Technology: a Hong Kong based company which offers expertise in Internet-intranet / client-server / legacy systems integration, technology consulting and business solutions in the Asia Pacific Region.
  • Tellme Networks: its products combines the telephone and the Internet to provide consumers with information. A start-up in Silicon Valley from ex-Netscape employees.
  • Unisys Corporation: We guess people have heard of them already!
  • ZOT Group: no response when we tried them.