Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 08:40
    kjetilk demilestoned #349
  • 08:40
    kjetilk milestoned #349
  • 08:40
    kjetilk commented #349
  • 08:33
    kjetilk review_requested #357
  • Nov 28 23:06
    csarven edited #357
  • Nov 28 23:06
    csarven commented #356
  • Nov 28 23:06
    csarven milestoned #357
  • Nov 28 23:06
    csarven labeled #357
  • Nov 28 23:06
    csarven labeled #357
  • Nov 28 23:06
    csarven labeled #357
  • Nov 28 23:06
    csarven opened #357
  • Nov 28 23:04

    csarven on remove-client-check-root-path

    Remove optional advisement rely… (compare)

  • Nov 26 23:33
    acoburn commented #356
  • Nov 26 21:53
    RubenVerborgh commented #356
  • Nov 26 21:49
    kjetilk commented #356
  • Nov 26 21:39
    csarven edited #356
  • Nov 26 21:29
    RubenVerborgh review_requested #349
  • Nov 26 19:47
    acoburn commented #356
  • Nov 26 18:50
    csarven edited #356
  • Nov 26 18:05
    csarven commented #355
Sarven Capadisli
@csarven
In case still unclear, YES, http://www.w3.org/ns/solid/terms is still in use by Solid servers and applications. It is also mentioned in the Solid ecosystem document: https://solid.github.io/specification/#namespaces and used in examples in the spec.
Happy to clarify that further.
Tom Gallivan
@sideshowtom
@csarven the question was if it was up to date with the spec work, and it looks to me like the answer is no. That's ok, I was just asking so that I could understand better. As for the rest of it, I think I characterized your answer reasonably. At some point I'll go through this thread again and maybe I'll see it differently. I know you have important work to do here and I don't want to get in the way. I am just a hobbyist here so it is not important anyway, but my motivations areg ood and constructive ones as I believe yours are too.
Tom Gallivan
@sideshowtom
/areg ood/are good/
Aaron Coburn
@acoburn
@csarven re: https://github.com/solid/specification/issues/121#issuecomment-646111470 that all looks fine to me. It would seem very odd to be able to change a resource’s type from RDF to Binary. OTOH, I see no problem with a binary resource (image, etc) being able to respond with RDF via content negotiation.
Sarven Capadisli
@csarven
@acoburn "change" is strange and not a good term to use in context of Solid. In order to do that, a server will need to track original payload's mediatype which would probably end up being similar to LDP server's promise with interaction models. Oops :) Alternatively, the Solid spec doesn't say anything and that would allow RDF and non-RDF representations to be available for the same resource, if so desired.
^ @namedgraph_twitter :)
Vincent
@Vinnl_gitlab

@namedgraph_twitter:

well, RDF representation of PNG is RDF, so you would get what you ask for

Exactly, that's why I don't want to ask for it :) I don't actually want content in a particular format, I want to know what type of content it is (i.e. RDF or not). But I guess this gets particularly problematic when parts of a Resource are RDF and parts aren't :/

Martynas Jusevicius
@namedgraph_twitter
you have to accept how HTTP works :)
Ghislain
@gatemezing

@gatemezing Did we already talk about LOV having an inbox to receive notifications about new vocabs or updates to existing ones. You can have a shape for the notification so that can work as a way to register vocabs in LOV

Not yet, but happy to start that discussion - TIA. We just use a "basic bot" for checking some metadata for updates in a vocab and email notification when someone submit a new vocab. BTW, it would be great to have more metadata in the Solid vocab.

Justin Bingham
@justinwb
@csarven i’m a little tied up this am can we catch up a bit over gitter today / this weekend
gotta wrap up something before a session in a couple hours
Sarven Capadisli
@csarven
I'll have to review the data interop docs. If I can get to it by Monday, we could go over it in the panel.
Justin Bingham
@justinwb
cool - there will be a push at some point tonight or this weekend with updated vocab, shapes, and shape tree definitions
i’ll let you know when it goes up
Sarven Capadisli
@csarven
What's currently using acl:AuthenticatedAgent?
Implementations
namedgraph_twitter @namedgraph_twitter raises hand
Sarven Capadisli
@csarven
GOod! I was wondering if you are.
Sarven Capadisli
@csarven
@namedgraph_twitter What are the reasons for LDH to use that? For public reads, does the system require the user to be identified? Is there a setting to turn it on/off?
Martynas Jusevicius
@namedgraph_twitter
public access and authenticated access is different
Sarven Capadisli
@csarven
"public access" doesn't entail anonymous. I'm just trying to understand what the intentions were in your implementation.
Martynas Jusevicius
@namedgraph_twitter
i meant public == non-authenticated
e.g. we might want to make the SPARQL endpoint available to any authenticated agent
but not make it public, i.e. to allow unauthenticated access
you can find acl:AuthenticatedAgent used in authorizations here: https://github.com/AtomGraph/LinkedDataHub/blob/master/platform/datasets/admin.trig
Sarven Capadisli
@csarven
How do you use foaf:Agent? Does the system read the profile and check for foaf:Agent?
Martynas Jusevicius
@namedgraph_twitter
no
foaf:Agent is used if no WebID client cert is present

based on the WAC https://www.w3.org/wiki/WebAccessControl

Servers are required to recognize the class foaf:Agent as the class of all agents. This indicates that the given access is public. In some cases this will mean that authentication is therefore not required, and may be skipped. When a resource is being written, however, it may be necessary to associate the change with some kind of ID for accountability purposes.

Aaron Coburn
@acoburn
acl:AuthenticatedAgent makes sense if the server constrains the identity providers that are trusted. In traditional web applications with external identity providers, this tends to be a closed set (e.g. login with Google, FB and Twitter but not any arbitrary identity system), and there, acl:AuthenticatedAgent makes sense. If, however, identity in Solid is entirely decentralized and if resource servers need to be able to negotiate auth tokens from an open set of identity providers, then there is effectively no difference between an “authenticated” agent and an unauthenticated agent: I can create an ephemeral identity provider with an ephemeral WebID and call that an acl:AuthenticatedAgentwhich could get a higher level of access just because I have some scripts running this ephemeral infrastructure
Sarven Capadisli
@csarven
It seems that the current definition of acl:AuthenticatedAgent is more like IdentifiedAgent. For AuthenticatedAgent to be truly authenticated, server needs to be able to verify the authenticity of the identity claim.
Martynas Jusevicius
@namedgraph_twitter
well we only support WebID-TLS
so the presence of a valid WebID cert is the verification
i think the class name is appropriate
what’s the difference between “identification” and “authentication” really?
Sarven Capadisli
@csarven
Generally: claiming and verifying
Dmitri Zagidulin
@dmitrizagidulin
given how trivial it is to generate an ephemeral web id, I do think the AuthenticatedAgent term is useless.
Justin Bingham
@justinwb
+1
Martynas Jusevicius
@namedgraph_twitter
@csarven WebID-TLS does both
@dmitrizagidulin not sure what you mean
with WebID-TLS, you need to generate a certificate and host the WebID profile somewhere
that requires some effort at least
and you know which domain it is coming from
Martynas Jusevicius
@namedgraph_twitter

So W3C (Sir Tim, no less) turned down the opportunity to host the JS standard because they felt the web should be declarative-only. Imagine a declarative-only web today.

"Javascript: the first 20 years" https://buff.ly/30TpkPu (Brilliant article in a brilliant journal!)

https://twitter.com/technosophos/status/1273614442874445825?s=20

Sarven Capadisli
@csarven
Are they cases where either one (or both) would be preferable for servers to share request error details with clients: i) in response body ii) link relation using ldp:constrainedBy with target URI identifying the constraints?
Dmitri Zagidulin
@dmitrizagidulin
does ldp:constrainedBy have anything to do with errors?
Sarven Capadisli
@csarven
Server is supposed to include that header in 4xx responses.