For how long can a user resubscribe after their initial subscription has expired? I'm curious if we can expect to receive INTERACTIVE_RENEWAL notifications years after their initial subscription expired or is it only weeks, months, etc?

I am attempting to validate a receipt in the sandbox environment (https://sandbox.itunes.apple.com/verifyReceipt). The response looks successful and it is showing me the LatestReceiptInfo and any InApp transactions. The part that is confusing me is that I am able to do it with an invalid secret as well. I am even able to verify with a receipt that was generated from a very different app. It appears as if validation is ignoring the shared secret entirely.I would expect a status code of 21003 for the valid receipt that wasn't created by my app. I would also expect a 21004 for the invalid secret. In both cases I get a status code of 0 and the receipt is available.There is something that I am not understanding about how verification works. Is this expected behavior for the sandbox? Below is the response body that i am sending to verify.{ "receipt-data": "MyReceiptData", "password": "FakePassword", "exclude-old-transactions": true }