Closed awoie closed 9 months ago
The issue was discussed in a meeting on 2023-08-23
The issue was discussed in a meeting on 2023-09-06
@seabass-labrax I do not think anything more than something like this is required https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-05#name-storage-of-signed-user-data)#name-storage-of-signed-user-data
sorry closed by mistake
The issue was discussed in a meeting on 2023-09-14
@seabass-labrax speaking as the PING reviewer for this issue, at the data model layer I think what @Sakurann is saying is suffice. However, what you're saying I think is absolutely a concern at the governance layer (hence wanting to mention here so we can reference it when people speak to policy makers) and needs to be able to normatively define at there. Unfortunately, the data model layer nor the protocol layer can handle this sense once the bits are sent there's no way to determine what the recipient does with them.
The issue was discussed in a meeting on 2023-09-15
The issue was discussed in a meeting on 2023-11-15
PR #1356 has been raised to address this issue. This issue will be closed once PR #1356 is merged.
PR #1356 has been merged, closing.
From PING review https://github.com/w3cping/privacy-request/issues/121#issuecomment-1638908803: