Child pages
  • 2016-11-03 Meeting Notes (CR)

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.






titleVoting participants

Participant Roster (2016) - Quorum is 4 of 7 as of 2016-10-06

Iain Henderson, Mary Hodder, Harri Honko, Mark Lizar, Jim Pasquale, John Wunderlich, Andrew Hughes

Discussion Items

10 mins
  • Roll call
  • Agenda bashing
Andrew Hughes

Meeting was quorate


25 minDavid Turner
        • Current version of CR
        • David is having trouble keeping the document internal tables in sync. Slowing down the editing.
        • Review cycles have been too short to make effective use of Word as a commenting tool - David will post up the Google Doc version for this last round of feedback
        • Consent Type field
          • There are too many variations to constrain this field at this time
          • We can include a list of suggested values and observe actual implementations
          • Mark originally saw this field as a boolean "explicit" y/n 
        • Purpose / Purpose Category field
          • Should leave these as-is for now
          • No easy way to reconcile what should go into these fields
        • Human readable / JSON examples
          • Use John's examples since they are already done
        • Simon Crossley - MyLife Digital
          • Very good technical design feedback on the JSON parts
          • Proposed some new fields
            • Issued-At-Time (distinguishes time the consent occurred versus the time the receipt was issued). IAT is a JSON reserved name.
            • Issued-By
            • State / Status
              • Not sure how to handle this - it's not really a point-in-time value which would be typical for a transactional receipt but rather a dynamic value
          • Rename "Consent Timestamp" field to Issued-At-Time
          • Suggested to make some of the fields Object types instead of Strings to allow more flexibility
        • For purpose termination field - could reference NIST SP 800-63-3 privacy metadata
        • PII Confidentiality
          • Is in the list of elements but is not in the Schema
          • Delete this because nobody is using it -> move to V1.1
        • NIST uses "Acceptable Primary Use" and "Acceptable Additional Use"


CR Spec publication schedule

Current: call for comments on draft spec commences