(all in one file)
===9dec2021===
Review CR 1.1
Consent lifecycle What and How
===2dec2021===
tbd
===25nov2021===
- CRWeb’s specification and companion docs – CRWeb-ToC-20211125.pdf shows an outline
- CRWeb will also deliver a proof-of-concept to demonstrate the concepts. A kick-off proposal for the architecture is in the attachment as well
- Browser add-on listens to events
- HTML contains metadata (e.g., Controller info) in JSON-LD
- JSON-LD contains the name of the html artefact associated with the receipt event
- A discussion on the protocol itself, considering authenticity and accountability: how to authoritatively architect the transactions?
- Andrew to circulate a doc with ideas
- VJ’s paper on that: “Web of receipts”: https://ieeexplore.ieee.org/document/8974193
- Next week we’ll take some time to advance this particular aspect
- Event id, with provable order, will need nonces, timestamps, UUIDs, versioning, etc.
- This will further support the notion of a Consent Lifecycle
- Decentralised approaches of high interest to the group – they should be seamlessly supported as a use-case (including to facilitate auditability)
- Receipts should be aligned with what is expected from ISO 27560 (and ideally feed into it)
- VJ to send an early schema of a receipt to get started. CR1.1+datafund extension should be a starting point.
Actions
- VJ to kick-off the schema
- AH to share doc on 5 (?) ways to keep accountable (?) data controllers
- TF to send schema used by DF