WICG / trust-token-api

Trust Token API
https://wicg.github.io/trust-token-api/

Specify logic regarding Clear-Site-Data. #274

Open dvorak42 opened 10 months ago

abhi61918 commented 5 months ago

Will PST have a functionality similar to Sec-Trust-Token-Clear-Data in Trust Tokens? I don't see any such functionality in the PST API. If not, is there a way for an issuer to clear tokens for a client?

dvorak42 commented 5 months ago

For Sec-Trust-Token-Clear-Data, we ended up removing it as part of #130 due to some of the potential attacks/privacy challenges with the feature and the fact that a malicious actor could just ignore the Clear-Data header, which makes it difficult to provide any guarantees on how it is used in the ecosystem. Issuers are encouraged to issue smaller batches of tokens.

This issue is for the Clear-Site-Data behavior when the user/client deletes all site data from a site (which for an issuer would delete the tokens/records stored there).