From 3553120a152dd050cf12db65fa7b865d344128d5 Mon Sep 17 00:00:00 2001
From: Atul Tulshibagwale <atultulshi@gmail.com>
Date: Fri, 29 Mar 2024 06:02:39 -0700
Subject: [PATCH] Addressed privacy changes identified by Yaron

---
 draft-ietf-oauth-transaction-tokens.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/draft-ietf-oauth-transaction-tokens.md b/draft-ietf-oauth-transaction-tokens.md
index b2ce5a6..1291c3a 100644
--- a/draft-ietf-oauth-transaction-tokens.md
+++ b/draft-ietf-oauth-transaction-tokens.md
@@ -535,7 +535,10 @@ How requesting clients authenticate to the Transaction Token Service is out of s
 Some `rctx` claims may be considered personal information in some jurisdictions
 and if so their values need to be obsfucated. For example, originating IP address
 (`req_ip`) is often considerd personal information and in that case must be
-protected through some obsfucation method (e.g. SHA256).
+protected through some obsfucation method (e.g. salted SHA256).
+
+## Logging
+Txn-Tokens SHOULD NOT be logged if they contain Personally Identifiable Information (PII). What constitutes PII depends upon the use case, but in some cases even an email address (which could be a `sub` value) can be protected PII, which should not be logged.
 
 # IANA Considerations {#IANA}