Closed osantolalla closed 4 years ago
I tend to assume that receipts are immutable, or at least potentially stored in unknown or otherwise inaccessible locations. How might a service provider who's issuing a new receipt get access to (or even locate) the old ones in order to update the status? If this field were implemented, even optionally, I think there needs to be an indication of when that status was last known to be true; but my more general concern would be that it breaks the "receipt" model by introducing a requirement for liveness.
Yes I had been thinking about this again. The status is for the consent, not for the receipt. The problem to solve is determining what is the latest consent receipt. https://github.com/KantaraInitiative/consent-receipt-v-next/issues/13 also addresses this problem.
Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Put in evidence during latest demo (Privacy Control Panel / Shoebox API), there is no field in consent receipts that tells if the receipt is currently valid, paused or revoked. Such status field is needed when the individual exercises her rights via privacy control panel.
Describe the solution you'd like A clear and concise description of what you want to happen.
Add a "Status" field. There would be a fixed set of values to choose from (valid, paused, revoked, ...).
Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.
Additional context
The field should be required.