That's server-side (and dead). Cookie consent would primarily be client-side.

Otoh, we already have cookie-consent in browsers. Just don't accept cookies if you don't consent!

P3P also exposes a machine-readable semantics for privacy policies, which could be used by the browser to manage access to not just cookies but other problematic features as well. It's a lot more flexible than "just reject cookies" or the "DNT" header.

The issue is imho that the decision needs to happen server-side (so that a user with an incompatible client isn't slurped up by default), ergo the user-agent must declare the intentions of the user and the server needs to act on it.

P3P could be a hint for the the user-agent, but the user-agent would have to tell the server what level of tracking etc is acceptable to the user.