Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jun 08 14:01
    matthieubosquet closed #305
  • Jun 08 14:01

    matthieubosquet on minutes-2022-05-18

    (compare)

  • Jun 08 14:01

    matthieubosquet on main

    Minutes 2022-05-18 (#305) * Mi… (compare)

  • Jun 08 14:00
    matthieubosquet synchronize #305
  • Jun 08 14:00

    matthieubosquet on minutes-2022-05-18

    Apply suggestions from code rev… (compare)

  • May 26 10:26

    github-actions[bot] on gh-pages

    deploy: 1e4d9b731fda12baa1fe496… (compare)

  • May 26 10:25

    matthieubosquet on main

    ACP: Preferred namespace prefix… (compare)

  • May 23 12:29
    justinwb opened #306
  • May 23 12:29
    justinwb labeled #306
  • May 19 14:46
    matthieubosquet opened #305
  • May 19 14:45

    matthieubosquet on minutes-2022-05-18

    Minutes 2022-05-18 (compare)

  • May 19 14:43

    github-actions[bot] on gh-pages

    deploy: c802c6b8e7f771da5accc83… (compare)

  • May 19 14:43

    matthieubosquet on main

    Minutes 2022-05-11 (#301) * Mi… (compare)

  • May 19 14:43

    matthieubosquet on minutes-2022-05-11

    (compare)

  • May 19 14:43
    matthieubosquet closed #301
  • May 18 10:06

    github-actions[bot] on gh-pages

    deploy: 7d040c2a732cc4b680ccde4… (compare)

  • May 18 10:05

    matthieubosquet on main

    ACP ontology fix comment (compare)

  • May 18 10:00

    github-actions[bot] on gh-pages

    deploy: a6973a62fa2f6e227d43ba0… (compare)

  • May 18 09:59

    matthieubosquet on main

    ACP: Ontology missing comma. (compare)

  • May 18 09:56

    github-actions[bot] on gh-pages

    deploy: cf381741ff31a670e90c704… (compare)

Jasper
@jasp3rb
Oh I see, that wouldn't be very safe then. Thanks for clearing that up!
Sarven Capadisli
@csarven

@jasp3rb
The Origin header warns the server that a possibly untrusted Web application is being used.

Again, there needs to be an authorization rule including one of acl:agent, acl:agentClass, acl:agentGroup. If access to resource is public to any agent (acl:agentClass foaf:Agent), then full stop. The presence of acl:origin (on the same authorization rule or another) doesn't further constrain to an origin. It is already public.

Wouter Termont
@woutermont
Do we already have agenda points for today?
Martynas Jusevicius
@namedgraph_twitter
These queries won't be able to handle PUT requests (assuming Solid allows them) that create new documents, because such resources do not exist in the dataspace yet
Sarven Capadisli
@csarven
Thanks @namedgraph_twitter . You're right that those example queries won't be sufficient to determine whether a resource can be created based on the request semantics of PUT. The examples non-normatively shows atomic inquiries, e.g., "ASK query matching an Authorization given inputs resource, agent and mode."
elf Pavlik
@elf-pavlik

Do we already have agenda points for today?

I don't think so, we still have it empty on https://hackmd.io/CweKTJzmQqSEgKtLsUK2ww

I'm available to join. I'm interested in picking up a conversation from the last call where we discussed running authorization engines (eg. ACP) on the Authorization Server rather than on the Resource Server.
elf Pavlik
@elf-pavlik
@matthieubosquet are you planning to join the meeting today? Finally, the EU and US are both on DST (I still have 1 more week of DST limbo here in Mexico)
Matthieu Bosquet
@matthieubosquet
We're on @woutermont (no specific agenda)
Matthieu Bosquet
@matthieubosquet
Especially combined with evaluating policies on AS (rather than on RS)
elf-pavlik @elf-pavlik is getting ready to join the meeting in 1 hour :alarm_clock:
elf Pavlik
@elf-pavlik
I would also like to discuss PRing an inline issue to https://solidproject.org/TR/protocol#authorization signaling that there will be more to AuthZ than just WAC
elf Pavlik
@elf-pavlik
@/all please give heads up if you want/can join meeting next week, some people will be on holidays ...
Matthieu Bosquet
@matthieubosquet
I'll be off next week, apologies.
HackMD for next week/meeting: https://hackmd.io/5CxfrzzQReSGWRAe6J92jA
elf Pavlik
@elf-pavlik
I'll also skip the call today, see you all next week!
Wouter Termont
@woutermont
Anyone joining? Otherwise we can just postpone
elf Pavlik
@elf-pavlik
I think it makes sense to just postpone the meeting
Wouter Termont
@woutermont
Fine with me :thumbsup:
elf Pavlik
@elf-pavlik
who is going to join in 20 min ?
Wouter Termont
@woutermont
I can make it, but if we have nothing specific to discuss, I could also use the time
Matthieu Bosquet
@matthieubosquet
I have a conflict on Wednesday for the authz panel. I will need to skip this week, apologies.
elf Pavlik
@elf-pavlik
I will also skip this week. We had some really good discussions yesterday during the interop panel. I'm going to include some of it in the notes I'm preparing for the next meeting.
elf Pavlik
@elf-pavlik
I know that @laurensdeb might want to discuss access modes today, based on his implementation experience of CSS Authorizer for Interop Access Grants laurensdeb/interoperability#42
If we get a chance I would also like to follow up on our conversation from the last panel meeting, 2 weeks ago: https://github.com/solid/authorization-panel/discussions/296

the original https://solid.mit.edu/ states:

Solid (derived from "social linked data")

The authorization approach in Interop accommodates both social graphs and the trust end-user has in specific clients/applications. It also accommodates smooth discovery, where client used by end-user can follow its nose to all the data it can access ,both owned by the end-user and owned by other social agents in end-user's social graph.

Laurens Debackere
@laurensdeb
Apologies, @elf-pavlik, I wasn't able to join today due to some planning conflicts.
I've blocked next week's slot in my calendar, and will make sure I can join.
elf Pavlik
@elf-pavlik
No worries, we ended up postponing the meeting until next week, see you then!
elf Pavlik
@elf-pavlik

I know that @laurensdeb might want to discuss access modes today, based on his implementation experience of CSS Authorizer for Interop Access Grants laurensdeb/interoperability#42
If we get a chance I would also like to follow up on our conversation from the last panel meeting, 2 weeks ago: https://github.com/solid/authorization-panel/discussions/296

Should we pick those two today?

justinwb @justinwb brt
Matthieu Bosquet
@matthieubosquet
Justin Bingham
@justinwb
Laurens Debackere
@laurensdeb
Justin Bingham
@justinwb
Consider proposals to add more granular access modes to Solid access control system specifications (i.e. WAC, ACP) and to the ACL vocabulary. These modes must maintain backwards compatibility with existing modes and rules, while allowing for more precise definition of authorization rules moving forward. Specifically, provide acl:Create, acl:Delete, acl:Update as alternatives to what is currently provided by one mode; acl:Write.
Matthieu Bosquet
@matthieubosquet
Matthieu Bosquet
@matthieubosquet
Of interest, there is an open PR to add ACP to the solid specification: solid/specification#408.
It is in sync with the current ACP spec as seen on the panel's GitHub pages: https://solid.github.io/authorization-panel/acp-specification/.
Sarven Capadisli
@csarven
There is an issue in the test suite panel to "specify criteria for assessing tests and results": solid/test-suite-panel#7 that's of interest to authors/editors . Please chime in.
elf Pavlik
@elf-pavlik
I may be unable to join the call today
Matthieu Bosquet
@matthieubosquet
Let's skip this week if everyone is ok with this.
Sarven Capadisli
@csarven
Matthieu Bosquet
@matthieubosquet
I am sorry, I will not able to make it this week.