What should runtimes do with `writeOnly` in a definition?

[itowlson]

From the CNAB bundle spec: writeOnly: Indicates that the value of the parameter is sensitive and cannot be viewed once set or updated.

• On a parameter, does this mean it must/should not be stored in the claim? If so it might be good to call this out in the Claims spec (which currently just offers the blanket opt-out of "implementations MAY choose not to store [parameters] for security or portability reasons".
• On an output does it make any sense at all? Is there any point to an output that nobody is allowed to read the value of?

(For context the canonical usage in JSON Schema is for the asymmetric REST scenario again, e.g. a User resource has a Password attribute but you only want to send that in PUT not in GET.)

[carolynvs]

Porter's plan is to treat parameters and outputs with writeOnly as sensitive, which should not be printed to the console. We *** it out. It is still written to the claim and the outputs.

@ryanmoran gave us a good link to what writeOnly means a while back when we were trying to figure out what it meant here: #164 (comment).

As for the security of putting it into claims, long term we don't want to be writing claims in plaintext to the filesystem. Other features (sorry don't have the links on me) are looking into how we can store them more securely elsewhere, such as in a key vault, database, etc.