Conversation
- Updated all instances of 'requestor' to 'requester' for consistency - Updated remaining references of (idJWT) to (orJWT) - Removed references to the 1st party ID - Updated descriptions of Request JWT, Acknowledgement JWT, identityType, and identityFormat for clarity - Updated descriptions to clarify the purpose and usage of the orJWT
Corrected version
Further expansion of result codes to address public comment feedback.
Fixed typo
Data Deletion Request Framework Updates
| <li> | ||
| <strong>Request JWT (rqJWT):</strong> | ||
| The rqJWT includes the idJWT as a claim, along with additional information for a discrete deletion request transaction between a requester and recipient. For each vendor requiring communication of a deletion request, the 1st party generates a distinct rqJWT. If a vendor needs to communicate the request to vendors they work with, they generate an additional rqJWT for each which includes a copy of the idJWT they received. </li> | ||
| The rqJWT includes the orJWT as a claim along with the identifier to which the deletion request applies and additional information needed to validate, authenticate and track the request. The originating 1st party will generate an rqJWT for each vendor they communicate a deletion request to. If vendors need to communicate the requests to partners they work with, they will generate an new rqJWT for each partner which includes a copy of the orJWT they received along with their identifier for the deletion request, which may be different from the identifier they received. </li> |
There was a problem hiding this comment.
The sentence starting
If vendors need to communicate the requests...
includes the phrase
...they will generate an new rqJWT...
should be
...they will generate a new rqJWT...
(a not an).
| <strong>Verification and Processing</strong>: </li> | ||
| <ol> | ||
| <li>Upon receiving the rqJWT, each recipient verifies the signature of the embedded idJWT using the public key published on the domain of the initial requester. This ensures that the request originated from a trusted source at the time indicated and has not been tampered with during transmission. </li> | ||
| <li>Upon receiving the rqJWT, each recipient verifies the signature of the embedded orJWT using the public key published on the domain of the 1st party from which the initial request was made. This ensures that the request originated from the claimed source at the time indicated and has not been tampered with during transmission. </li> |
There was a problem hiding this comment.
Instead of:
...published on the domain of the 1st party from which the initial request was made. This ensures...
...published on the domain of the 1st party which made the initial request. This verifies...
| <ol> | ||
| <li>Upon receiving the rqJWT, each recipient verifies the signature of the embedded idJWT using the public key published on the domain of the initial requester. This ensures that the request originated from a trusted source at the time indicated and has not been tampered with during transmission. </li> | ||
| <li>Upon receiving the rqJWT, each recipient verifies the signature of the embedded orJWT using the public key published on the domain of the 1st party from which the initial request was made. This ensures that the request originated from the claimed source at the time indicated and has not been tampered with during transmission. </li> | ||
| <li>Additionally, the recipient verifies the signature of the rqJWT, which may have been generated by the 1st party or an intermediary. Once the signatures are verified, the recipient processes the request based on the information contained within the rqJWT.</li> |
There was a problem hiding this comment.
Change:
Once the signatures are verified, the recipient processes the request based on the information contained within the rqJWT.
to:
Once the signatures are verified, the recipient generates and returns an acJWT, then proceeds with processing of the request based on the information contained within the rqJWT.
| <li>Should a downstream recipient need to further propagate a request, they generate a new rqJWT which includes the orJWT they received as well as any additional information specific to their relationship with the downstream recipient. </li> | ||
| </ol> | ||
| </ol> | ||
| <p>This approach allows each downstream recipient to verify the authenticity of the original request and assures the integrity of the data deletion process, while adding any necessary additional information to the request before passing it on.</p> |
There was a problem hiding this comment.
Change:
This approach allows each downstream recipient to verify the authenticity of the original request and assures the integrity of the data deletion process, while adding any necessary additional information to the request before passing it on.
to:
This approach allows each downstream recipient to verify the authenticity of the original request, ensuring the integrity of the data deletion process while allowing for partner relationship specific information to be included where necessary.
| <p>This approach allows each downstream recipient to verify the authenticity of the original request and assures the integrity of the data deletion process, while adding any necessary additional information to the request before passing it on.</p> | ||
| <h2>Deletion Request Data</h2> | ||
| <h2 id="request-data">Deletion Request Data</h2> | ||
| <p>Each request needs to be an atomic unit, which can be individually processed by the recipient. The deletion request JWTs will include the following values:</p> |
There was a problem hiding this comment.
Change:
Each request needs to be an atomic unit, which can be individually processed by the recipient. The deletion request JWTs will include the following values:
to:
Each deletion request is a self-contained, atomic unit which can be processed independently by a recipient. The deletion request JWTs are defined as follows:
| @@ -242,15 +237,7 @@ | |||
| </a>" (issuer) claim identifies the principal that issued the JWT. It represents the eTLD+1 of the 1st party and can be used to locate their dsrdelete.json file.</td> | |||
There was a problem hiding this comment.
Change:
... (issuer) claim identifies the principal that issued the JWT. It represents the eTLD+1 of the 1st party and can be used to locate their dsrdelete.json file.
to:
... (issuer) claim contains the domain (eTLD+1) of the 1st party that created the orJWT. The domain is used both to indicate who originated the request and to enable downstream participates to locate the dsrdelete.json file of the originator.
| <tr> | ||
| <td>iat</td> | ||
| <td>NumericDate</td> | ||
| <td>The "iat" (issued at) claim identifies the time at which the JWT was issued, representing the timestamp of the deletion request.</td> |
There was a problem hiding this comment.
Change:
The "iat" (issued at) claim identifies the time at which the JWT was issued, representing the timestamp of the deletion request.
to:
The "iat" (issued at) claim contains the orJWT timestamp which should accurately reflect the creation time of the JWT and the transaction chain.
| <tr> | ||
| <td>version</td> | ||
| <td>string</td> | ||
| <td>Version of the data format.</td> |
There was a problem hiding this comment.
Do we have a definition for the version of the data format for the JWTs? I think we may have assumed it was the spec version, but I don't think that makes sense since the spec will likely be updated independently from the JWT definitions and each of the JWT definitions could change at different rates than the others. I suggest we include the version number in the version field description for each of the JWTs. I suggest we set the orJWT and rqJWT to version "2.0" since they've both been changed in this update and set the version of the acJWT to 1.0 since it has not been changed since version 1.0 of the spec.
If there are updates to any of the JWTs in the future, we should change the versions of the modified JWTs and also bump the spec version.
| <tr> | ||
| <td>version</td> | ||
| <td>string</td> | ||
| <td>Version of the data format.</td> |
There was a problem hiding this comment.
Per the comment above, define the version of the rqJWT as 2.0 since it has been updated in this release of the spec.
| <tr> | ||
| <td>iat</td> | ||
| <td>NumericDate</td> | ||
| <td>The "iat" (issued at) claim identifies the time at which the JWT was issued, representing the timestamp of the request transaction.</td> |
There was a problem hiding this comment.
Change:
The "iat" (issued at) claim identifies the time at which the JWT was issued, representing the timestamp of the request transaction.
to:
The "iat" (issued at) claim contains the rqJWT timestamp which should accurately reflect the creation time of the JWT and request transaction.
| <td>string</td> | ||
| <td>The "<a target="_blank" href="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1"> | ||
| <span style="color:rgb(17, 85, 204);">iss</span> | ||
| </a>" (issuer) claim identifies the principal that issued the JWT. It represents the eTLD+1 of the requester, which can be used to locate their dsrdelete.json file.</td> |
There was a problem hiding this comment.
Change:
(issuer) claim identifies the principal that issued the JWT. It represents the eTLD+1 of the requester, which can be used to locate their dsrdelete.json file.
to:
(issuer) claim contains the domain (eTLD+1) of the party that created the rqJWT. The domain is used both to indicate who made the request and to enable downstream participates to locate the dsrdelete.json file of the requester.
| <tr> | ||
| <td>identifierType</td> | ||
| <td>string</td> | ||
| <td>The type of identifier provided in the identifierValue field. The value in this field must match a type specified in the intended recipients' dsrdelete.json file.</td> |
There was a problem hiding this comment.
Change:
the intended recipients' dsrdelete.json file.
to:
the dsrdelete.json file of the recipient.
| <tr> | ||
| <td>identifierFormat</td> | ||
| <td>string</td> | ||
| <td>The format of the identifier provided in the identifierValue field. The value in this field must match a format specified in the intended recipients' dsrdelete.json file.</td> |
There was a problem hiding this comment.
Change:
the intended recipients' dsrdelete.json file.
to:
the dsrdelete.json file of the recipient.
| <tr> | ||
| <td>version</td> | ||
| <td>string</td> | ||
| <td>Version of the data format.</td> |
There was a problem hiding this comment.
Per comments above, define the version of the acJWT as 1.0 since it has not been updated in this release of the spec.
| <td>string</td> | ||
| <td>The "<a target="_blank" href="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1"> | ||
| <span style="color:rgb(17, 85, 204);">iss</span> | ||
| </a>" (issuer) claim identifies the principal that issued the JWT. It represents the eTLD+1 of the recipient, which can be used to locate their dsrdelete.json file. |
There was a problem hiding this comment.
Change:
(issuer) claim identifies the principal that issued the JWT. It represents the eTLD+1 of the recipient, which can be used to locate their dsrdelete.json file.
to:
(issuer) claim contains the domain (eTLD+1) of the party that created the acJWT. The domain is used both to indicate who acknowledged the request and to enable recipients of the acknowledgement to locate the dsrdelete.json file of the acknowledger.
| <tr> | ||
| <td>iat</td> | ||
| <td>NumericDate</td> | ||
| <td>The "iat" (issued at) claim identifies the time at which the JWT was issued, representing the timestamp of the acknowledgement transaction.</td> |
There was a problem hiding this comment.
Change:
The "iat" (issued at) claim identifies the time at which the JWT was issued, representing the timestamp of the acknowledgement transaction.
to:
The "iat" (issued at) claim contains the acJWT timestamp which should accurately reflect the creation time of the JWT and acknowledgement transaction.
| <td>required</td> | ||
| </tr> | ||
| <tr> | ||
| <td>raResultCode</td> |
There was a problem hiding this comment.
Do we need to make this "raResultCode" or could it just be "resultCode"?
| <tr> | ||
| <td>raResultCode</td> | ||
| <td>Numeric</td> | ||
| <td>A code indicating the request was successfully validated and accepted or identifying an error.</td> |
There was a problem hiding this comment.
Change:
A code indicating the request was successfully validated and accepted or identifying an error.
to:
A result code indicating the request was successfully received or identifying an error; see Result Codes, below.
I believe the link above needs to be updated for v2, I took it from v1.
| <h5>Example Request with required parameters:</h5> | ||
| <p> | ||
| <em>The following example includes a decoded idJWT to show the header & payload JSON.</em> | ||
| <em>The following example includes a decoded orJWT to show the header & payload JSON.</em> |
There was a problem hiding this comment.
Change:
The following example includes a decoded orJWT to show the header & payload JSON.
to:
The following is an example of an orJWT showing the header and payload JSON.
| @@ -420,7 +417,7 @@ | |||
| <p>A data deletion request is accomplished by sending a POST request to the data deletion request API, which returns a response in JSON format. This protocol is implemented via a standard API and request format with a defined JSON payload as a JWT. </p> | |||
There was a problem hiding this comment.
Change:
A data deletion request is accomplished by sending a POST request to the data deletion request API, which returns a response in JSON format. This protocol is implemented via a standard API and request format with a defined JSON payload as a JWT.
to:
A data deletion request is made by sending a POST request with an rqJWT to the API endpoint defined in the dsrdelete.json of the intended recipient who will respond with an acJWT.
The link above to the dsrdelete.json will need to be verified.
| @@ -420,7 +417,7 @@ | |||
| <p>A data deletion request is accomplished by sending a POST request to the data deletion request API, which returns a response in JSON format. This protocol is implemented via a standard API and request format with a defined JSON payload as a JWT. </p> | |||
| <h5>Example Request with required parameters:</h5> | |||
There was a problem hiding this comment.
Change:
Example Request with required parameters:
to:
Example orJWT with required parameters:
| } | ||
| ``` | ||
|
|
||
| <h5>Example Request including optional parameters:</h5> |
There was a problem hiding this comment.
Change:
Example Request including optional parameters:
to:
Example rqJWT including required and optional parameters:
|
|
||
| <h5>Example Request including optional parameters:</h5> | ||
| <p> | ||
| <em>The following example includes a decoded rqJWT to show the header & payload JSON.</em> |
There was a problem hiding this comment.
Change:
The following example includes a decoded rqJWT to show the header & payload JSON.
to:
The following is an example of an rqJWT showing the header and payload JSON with including optional parameters.
| . | ||
| { | ||
| "version": "1.0", | ||
| "version": "2.0", |
There was a problem hiding this comment.
Per comments above, since the acJWT has not been modified in this update it should stay at version 1.0.
| <h2>Identifiers</h2> | ||
| <p>There are generally two classes of identifiers used in ad-interactions distinguished by access limitations: those which are directly accessible by 1st-parties and those which are only accessible to 3rd parties. The first class includes any identifiers available in the 1st-party context, including on web pages and 1st-party local storage. The second class includes identifiers maintained in protected 3rd-party storage, such as 3rd-party cookies. Probabilistic identifiers, which are based on constellations of data values, presumably may fall into the first, second or a combination of both classes, depending on how they are constructed.</p> | ||
| <h5>Identifier Communication</h5> | ||
| <p>The initial version of this proposal only provides support for identifiers a 1st-party has access to prior to initiating communication of the data deletion request. It is the responsibility of the 1st Party to determine what identifiers they must provide to which partners in deletion requests and to provide them in a form usable by those partners for satisfying the request. </p> |
There was a problem hiding this comment.
Change to:
In the current version, this standard only supports identifiers a 1st-party has access to prior to initiating communication of the data deletion request. It is the responsibility of 1st Parties to determine what identifiers must be provided to which partners in deletion requests and to provide them in a form those partners can use to execute the request. In general, data deletion requests should contain the same identifiers sent to partners in bid requests and data transactions.
| <p>There are generally two classes of identifiers used in ad-interactions distinguished by access limitations: those which are directly accessible by 1st-parties and those which are only accessible to 3rd parties. The first class includes any identifiers available in the 1st-party context, including on web pages and 1st-party local storage. The second class includes identifiers maintained in protected 3rd-party storage, such as 3rd-party cookies. Probabilistic identifiers, which are based on constellations of data values, presumably may fall into the first, second or a combination of both classes, depending on how they are constructed.</p> | ||
| <h5>Identifier Communication</h5> | ||
| <p>The initial version of this proposal only provides support for identifiers a 1st-party has access to prior to initiating communication of the data deletion request. It is the responsibility of the 1st Party to determine what identifiers they must provide to which partners in deletion requests and to provide them in a form usable by those partners for satisfying the request. </p> | ||
| <p>The details of what identifiers a participant can accept and what format they can accept them in are provided by each participant in the dsrdelete.json file on their domain. Data deletion requests should contain the same identifiers sent to partners in data transactions. The 1st Party will gather this information from a partners dsrdelete.json files so that each request only includes a supported identifier.</p> |
There was a problem hiding this comment.
Change to:
The details of what identifiers a participant can accept and in what format are provided by each participant in the dsrdelete.json file hosted on their domain. 1st Parties should ensure they are providing identifiers that are formatted appropriately for each partner based on the definitions in the partner dsrdelete.json files.
| <p>The initial version of this proposal only provides support for identifiers a 1st-party has access to prior to initiating communication of the data deletion request. It is the responsibility of the 1st Party to determine what identifiers they must provide to which partners in deletion requests and to provide them in a form usable by those partners for satisfying the request. </p> | ||
| <p>The details of what identifiers a participant can accept and what format they can accept them in are provided by each participant in the dsrdelete.json file on their domain. Data deletion requests should contain the same identifiers sent to partners in data transactions. The 1st Party will gather this information from a partners dsrdelete.json files so that each request only includes a supported identifier.</p> | ||
| <h2>Request/Response Signatures</h2> | ||
| <p>To ensure deletion requests are legitimate and unmodified, participants will cryptographically sign requests and responses with private keys. The corresponding public keys will be published in their JWKS (JSON Web Key Set) files so that other participants can use them to verify signatures.</p> |
There was a problem hiding this comment.
Change to:
To enable participants to verify requests and responses are authorized and unmodified, JWTs are cryptographically signed using participant private keys prior to communication. The corresponding public keys needed to verify signatures are published in publicly available JWKS (JSON Web Key Set) files which are located using the
jwksUridefined in the dsrdelete.json file hosted on the participant domain.
| <h5>Identifier Communication</h5> | ||
| <p>The initial version of this proposal only provides support for identifiers a 1st-party has access to prior to initiating communication of the data deletion request. It is the responsibility of the 1st Party to determine what identifiers they must provide to which partners in deletion requests and to provide them in a form usable by those partners for satisfying the request. </p> | ||
| <p>The details of what identifiers a participant can accept and what format they can accept them in are provided by each participant in the dsrdelete.json file on their domain. Data deletion requests should contain the same identifiers sent to partners in data transactions. The 1st Party will gather this information from a partners dsrdelete.json files so that each request only includes a supported identifier.</p> | ||
| <h2>Request/Response Signatures</h2> |
There was a problem hiding this comment.
Change:
Request/Response Signatures
to:
JWT Signatures
| <p>The details of what identifiers a participant can accept and what format they can accept them in are provided by each participant in the dsrdelete.json file on their domain. Data deletion requests should contain the same identifiers sent to partners in data transactions. The 1st Party will gather this information from a partners dsrdelete.json files so that each request only includes a supported identifier.</p> | ||
| <h2>Request/Response Signatures</h2> | ||
| <p>To ensure deletion requests are legitimate and unmodified, participants will cryptographically sign requests and responses with private keys. The corresponding public keys will be published in their JWKS (JSON Web Key Set) files so that other participants can use them to verify signatures.</p> | ||
| <h5>Cryptographic Keys</h5> |
| <h2>Request/Response Signatures</h2> | ||
| <p>To ensure deletion requests are legitimate and unmodified, participants will cryptographically sign requests and responses with private keys. The corresponding public keys will be published in their JWKS (JSON Web Key Set) files so that other participants can use them to verify signatures.</p> | ||
| <h5>Cryptographic Keys</h5> | ||
| <p>To accomplish this, this specification will use JSON Web Key Sets (JWKS). The JWKS standard (<a target="_blank" href="https://datatracker.ietf.org/doc/html/rfc7517"> |
There was a problem hiding this comment.
Change:
To accomplish this, this specification will use JSON Web Key Sets (JWKS). The
to:
JSON Web Key Sets (JWKS), defined in the
| <p>To accomplish this, this specification will use JSON Web Key Sets (JWKS). The JWKS standard (<a target="_blank" href="https://datatracker.ietf.org/doc/html/rfc7517"> | ||
| <span style="color:rgb(17, 85, 204);">RFC 7517</span> | ||
| </a>) establishes a way to store and manage cryptographic keys as a set of JSON objects. JWKS supports asymmetric signature with a public key and private key pair, supporting the discoverability design of the dsrdelete.json file and the signature requirements of the data deletion framework.</p> | ||
| </a>) establishes a way to store and manage cryptographic keys as a set of JSON objects. JWKS supports asymmetric signature with a public key and private key pair, supporting the discoverability design of the <code>dsrdelete.json</code> file and the signature requirements of the data deletion framework.</p> |
There was a problem hiding this comment.
Change:
establishes a way to store and manage cryptographic keys as a set of JSON objects. JWKS supports asymmetric signature with a public key and private key pair, supporting the discoverability design of the
dsrdelete.jsonfile and the signature requirements of the data deletion framework.
to:
enable participants to store and manage public keys as a set of JSON objects. Using JWKS provides industry standard support for asymmetric signatures based on public/private key pairs and supports the discoverability design of the
dsrdelete.jsonresource.
| <span style="color:rgb(17, 85, 204);">RFC 7517</span> | ||
| </a>) establishes a way to store and manage cryptographic keys as a set of JSON objects. JWKS supports asymmetric signature with a public key and private key pair, supporting the discoverability design of the dsrdelete.json file and the signature requirements of the data deletion framework.</p> | ||
| </a>) establishes a way to store and manage cryptographic keys as a set of JSON objects. JWKS supports asymmetric signature with a public key and private key pair, supporting the discoverability design of the <code>dsrdelete.json</code> file and the signature requirements of the data deletion framework.</p> | ||
| <p>Note that while <a href="https://datatracker.ietf.org/doc/html/rfc7517">RFC 7517</a> lists the <code>"alg"</code> and the <code>"kid"</code> parameters as optional, they are required in the context of this framework to ensure all participants can easily locate verification keys.</p> |
There was a problem hiding this comment.
Change:
participants can easily locate verification keys.
to:
participants can easily identify keys needed to verify specific JWTs.
| </li> | ||
| </ul> | ||
| <h2>Discovery</h2> | ||
| <p>This specification defines a standard method by which participants communicate what information they require to execute data deletion requests and resources needed by other participants when interacting with them, such as cryptographic keys. To achieve this, there will be two options of discovery for participants. Both options are available to support multiple use-cases for discovery. To achieve this, participants will be required to create a dsrdelete.json file, which will be considered the authoritative version of a participant's information.</p> |
There was a problem hiding this comment.
Change to:
To ensure participants are able to discover configuration information required to support this framework, all participants are required to maintain a publicly accessible file named dsrdelete.json in a "/.well-known/" directory (see RFC 8615: Well-Known Uniform Resource Identifiers (URIs)) on every domain that supports the framework. This file should contain well formed JSON and is the authoritative source of a participant information. Parties supporting this standard would be expected to periodically read the files published by their partners and assure they support what is required by those partners in order to honor requests.
| <h2>Discovery</h2> | ||
| <p>This specification defines a standard method by which participants communicate what information they require to execute data deletion requests and resources needed by other participants when interacting with them, such as cryptographic keys. To achieve this, there will be two options of discovery for participants. Both options are available to support multiple use-cases for discovery. To achieve this, participants will be required to create a dsrdelete.json file, which will be considered the authoritative version of a participant's information.</p> | ||
| <h4>dsrdelete.json resource</h4> | ||
| <p>For easy access and discovery, participants must provide a JSON file named dsrdelete.json in the root of their domain. Parties supporting this standard would be expected to periodically read the files published by their partners and assure they support what is required by those partners in order to honor requests. Having participants publish this information directly on their domains allows them to fully and directly manage it, allows partners to work directly with them to resolve issues, and eliminates the potential for a single point of failure to disable communications. </p> |
| <p>This specification defines a standard method by which participants communicate what information they require to execute data deletion requests and resources needed by other participants when interacting with them, such as cryptographic keys. To achieve this, there will be two options of discovery for participants. Both options are available to support multiple use-cases for discovery. To achieve this, participants will be required to create a dsrdelete.json file, which will be considered the authoritative version of a participant's information.</p> | ||
| <h4>dsrdelete.json resource</h4> | ||
| <p>For easy access and discovery, participants must provide a JSON file named dsrdelete.json in the root of their domain. Parties supporting this standard would be expected to periodically read the files published by their partners and assure they support what is required by those partners in order to honor requests. Having participants publish this information directly on their domains allows them to fully and directly manage it, allows partners to work directly with them to resolve issues, and eliminates the potential for a single point of failure to disable communications. </p> | ||
| <p>1st Parties should read the data provided in the well-known resource from the vendor. This resource should include the following:</p> |
There was a problem hiding this comment.
Change to:
The dsrdelete.json should be well formed JSON and containing the following elements:
| @@ -599,19 +695,31 @@ | |||
| <td>string</td> | |||
| <td>API endpoint for deletion requests.</td> | |||
There was a problem hiding this comment.
I think we may want to require endpoint to be webhooks that accept POST requests and maybe encourage participants to support versioned URL paths to facilitate version updates.
| <td>Required</td> | ||
| </tr> | ||
| <tr> | ||
| <td>pollFrequency</td> |
There was a problem hiding this comment.
Think we should change this to "minRefresh".
| <tr> | ||
| <td>pollFrequency</td> | ||
| <td>number </td> | ||
| <td>Polling frequency, in seconds</td> |
There was a problem hiding this comment.
Change to:
Minimum time in seconds to wait after a successful fetch before initiating the next fetch.
| <tr> | ||
| <td>identifiers</td> | ||
| <td>Array of object</td> | ||
| <td>List of supported identifiers.</td> |
There was a problem hiding this comment.
Change to:
List of supported identifier types.
We don't describe what identifier types are or how they're defined or used anywhere in the document, I think we need to add a section for it.
| <td>Key format follows the IETF JSON Web Keys (JWK) Standard https://datatracker.ietf.org/doc/html/rfc7517 - reference the standard for key format.</td> | ||
| <td>jwksUri</td> | ||
| <td>string</td> | ||
| <td>Location of the JSON Web Key Set (JWKS) endpoint which contains the JWKS used to sign all issued JSON Web Tokens (JWTs).</td> |
There was a problem hiding this comment.
Change to:
The URI for the participant JSON Web Key Set (JWKS) (see RFC 7517: JSON Web Key (JWK)). The standard location is: https://{your-domain}/.well-known/jwks.json.
| <td>Required</td> | ||
| </tr> | ||
| <tr> | ||
| <td>publishedJwksUri</td> |
There was a problem hiding this comment.
We don't talk about this anywhere else in the document, I think we need a section to properly define it and describe how it is used. I think we should also consider making it required so that folks can easily determine if a key they have is expired or never existed.
| <tr> | ||
| <td>publishedJwksUri</td> | ||
| <td>string</td> | ||
| <td>Location of the endpoint which contains prior JWK sets that include previously active signing keys, to facilitate signature verification of tokens issued before key rotation.</td> |
There was a problem hiding this comment.
I think that in addition to having a file of expired keys we should consider allowing folks to indicate expired keys in their JWKS files, perhaps by replacing the actual key with "expired" and including an "expired" attribute which is a timestamp indicating when the key was expired.
| <td>Required</td> | ||
| </tr> | ||
| <tr> | ||
| <td>vendorScript</td> |
There was a problem hiding this comment.
I think we need to provide a better explanation for what vendor scripts are and and how they're used.
| @@ -624,38 +732,77 @@ | |||
| <td>Optional field for vendors to publish a HTML code (e.g. a <script>) if this is needed to gather an identifier for a deletion request.</td> | |||
There was a problem hiding this comment.
This should be required if vendorScriptRequirement is true. We also need better requirements for the scripts and to think about what damage they could do given that they're JavaScript we're asking websites to execute.
| <tr> | ||
| <td>dsrdeleteJsonUri</td> | ||
| <td>string</td> | ||
| <td>Optional field for partners with multiple domains who only wish for one to host the complete file.</td> |
There was a problem hiding this comment.
I think we should clarify that if this attribute exists, it should be the only one in the file and if this is the primary dsrdelete.json, it should not include this attribute.
| https://www.publisher1.com/dsrdelete.json | ||
|
|
||
| { | ||
| "endpoint": "https://www.publisher1.com/api/delete/", |
There was a problem hiding this comment.
suggest we add "ddrf" to the example URL and standardize on "example.com" instead of "publisher1.com":
"endpoint": "https://www.example.com/ddrf/delete/"
|
|
||
| { | ||
| "endpoint": "https://www.publisher1.com/api/delete/", | ||
| "pollFrequency": "259200", // 30 days |
There was a problem hiding this comment.
Per comments elsewhere, a 30 day pollFrequency without an indication of when the resource is going to be updated could be problematic. Either the example poll frequency should be hours or last updated information should be included in the resource.
| { "id": 2, "type": "idfa", "format": "hash" } | ||
| ], | ||
| "publicKey": [ | ||
| "jwksUri": "https://example.com/.well-known/iabtl/jwks.json", |
There was a problem hiding this comment.
Change to make it match existing standard practice of putting it in /.well-known/:
"jwksUri": "https://example.com/.well-known/jwks.json"
|
|
||
| ``` | ||
| https://www.publisher1.com/dsrdelete.json | ||
|
|
There was a problem hiding this comment.
Think this should be removed. It it is kept I suggest we standardize on "example.com" instead of "publisher1.com" and it should be in .well-known:
| { | ||
| "endpoint": "https://www.publisher1.com/api/delete/", | ||
| "pollFrequency": "259200", // 30 days | ||
| "identifiers": [ |
There was a problem hiding this comment.
Per comments elsewhere, we don't really define "identifiers" anywhere or define requirements and describe how they are used.
| </table> | ||
| </div> | ||
| <h4>Example Resource for dsrdelete.json:</h4> | ||
| <h4>Example Resource for example.com/.well-known/iabtl/dsrdelete.json:</h4> |
There was a problem hiding this comment.
Suggest we remove iabtl or include it in all the URLs.
example.com/.well-known/dsrdelete.json
|
|
||
| ``` | ||
| { | ||
| "pollFrequency": "604800", // 7 days |
There was a problem hiding this comment.
Per other comments, this should be hours or we should include an updated time in the JWKS resource.
| ``` | ||
|
|
||
|
|
||
| <h4>Implementing Script-based deletion requests</h4> |
There was a problem hiding this comment.
I think we need to take another pass on this, too little information for what could be very risky to support.
| <strong>Note</strong>: Please note that supporting only script based deletion requests will limit the ability to receive deletion requests where requests are chained via endpoints.</p> | ||
| <h4>Directory</h4> | ||
| <p>An optional discovery method will be available via access to a directory provided by the Tech Lab. The directory would live in the Tech Lab tools portal and provide participants with the location of each dsrdelete.json resource. To create the directory entries, Tech Lab will crawl dsrdelete.json resources and automatically create entries–similar to ads.txt. The results would appear in the Tools Portal and in an API. Participants might use the directory to look up primary domains for companies that operate across multiple domains, validate a vendor has adopted the standard with the established request format, or to simplify a bulk lookup of endpoints from participants. All endpoints can be looked up, but not all endpoints need to be used.</p> | ||
| <p>An optional discovery method will be available via access to a directory provided by the Tech Lab. The directory is available in the <a href="https://tools.iabtechlab.com/transparencycenter/explorer/business/datadeletionregistry">Tech Lab tools portal</a> and provide participants with the location of each dsrdelete.json resource. To create the directory entries, Tech Lab will crawl dsrdelete.json resources and automatically create entries–similar to ads.txt. The results would appear in the Tools Portal and in an API. Participants might use the directory to look up primary domains for companies that operate across multiple domains, validate a vendor has adopted the standard with the established request format, or to simplify a bulk lookup of endpoints from participants. All endpoints can be looked up, but not all endpoints need to be used.</p> |
There was a problem hiding this comment.
Change:
and provide participants with the location of each dsrdelete.json resource. To create the directory entries, Tech Lab will crawl dsrdelete.json resources and automatically create entries–similar to ads.txt. The results would appear in the Tools Portal and in an API. Participants might use the directory to look up primary domains for companies that operate across multiple domains, validate a vendor has adopted the standard with the established request format, or to simplify a bulk lookup of endpoints from participants. All endpoints can be looked up, but not all endpoints need to be used.
to:
and provides participants with the URLs of dsrdelete.json resources listed by domain. Participants can use the directory to look up primary domains for companies that operate across multiple domains, determine if a vendor has adopted the standard or facilitate a bulk lookup of participants endpoints.
2 participants
Version 2.0
rqJWT.suband theidJWT.subclaim formats to provide additional clarity on these formats. Additionally, renamed theidJWTtoorJWT.publicKeywithjwksUrialgandkidparameters are requiredpollFrequencyto both thedsrdelete.jsonfile and thejwks.jsonfilesdsrdelete.jsonfileoptionalParametersto dsrdelete.json to support extensibilitydsrdeleteJsonUrifor partners with multiple domains who only wish for one to host the complete filepublishedJwksUrito encourage key rotation