csarven on server-link-auxiliary-type
Apply suggestions from code rev… (compare)
csarven on main
Add missing subsections (compare)
csarven on main
foaf:Agentis used if no WebID client cert is present
based on the WAC https://www.w3.org/wiki/WebAccessControl
Servers are required to recognize the class
foaf:Agentas the class of all agents. This indicates that the given access is public. In some cases this will mean that authentication is therefore not required, and may be skipped. When a resource is being written, however, it may be necessary to associate the change with some kind of ID for accountability purposes.
acl:AuthenticatedAgentmakes sense if the server constrains the identity providers that are trusted. In traditional web applications with external identity providers, this tends to be a closed set (e.g. login with Google, FB and Twitter but not any arbitrary identity system), and there,
acl:AuthenticatedAgentmakes sense. If, however, identity in Solid is entirely decentralized and if resource servers need to be able to negotiate auth tokens from an open set of identity providers, then there is effectively no difference between an “authenticated” agent and an unauthenticated agent: I can create an ephemeral identity provider with an ephemeral WebID and call that an
acl:AuthenticatedAgentwhich could get a higher level of access just because I have some scripts running this ephemeral infrastructure
So W3C (Sir Tim, no less) turned down the opportunity to host the JS standard because they felt the web should be declarative-only. Imagine a declarative-only web today.