Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 12:22
    elf-pavlik commented #315
  • 11:11
    csarven edited #315
  • 11:00
    csarven edited #315
  • 10:31
    csarven milestoned #315
  • 10:31
    csarven assigned #315
  • 10:31
    csarven labeled #315
  • 10:31
    csarven opened #315
  • 06:59

    csarven on main

    Add 2021-09-22 Editors meeting … (compare)

  • Sep 22 20:13
    kjetilk commented #220
  • Sep 22 20:13
    kjetilk milestoned #220
  • Sep 22 20:13
    kjetilk assigned #220
  • Sep 22 20:13
    kjetilk commented #125
  • Sep 22 20:12
    kjetilk milestoned #125
  • Sep 22 08:42
    csarven commented #311
  • Sep 22 08:41
    csarven commented #311
  • Sep 22 08:00
    csarven edited #311
  • Sep 22 06:47
    csarven milestoned #313
  • Sep 21 15:14
    csarven commented #313
  • Sep 21 14:12
    csarven unlabeled #313
  • Sep 21 14:12
    csarven labeled #313
Justin Bingham
@justinwb
i like 2 - simplest and most explicit
Aaron Coburn
@acoburn
no strong opinion
Sarven Capadisli
@csarven
OKie dokie. good enough for me. Let's go with bachelor/bachelorette number 2.
thanks all

WOW, I guess I don't remember anything... since we already had this text:

The quoted and unquoted values for <code>access-modes</code> are equivalent. Servers are recommended to use quoted values in the response. Clients' are recommended to be able to parse both quoted and unquoted values.

Going to remove that line and update ABNF
Pete Edwards
@edwardsph
#2 had my vote too
Sarven Capadisli
@csarven
Alain Bourgeois
@bourgeoa

Solid has the notion of containers to represent a collection of linked resources to help with resource discovery and lifecycle management.

Are there any reference in solid spec to the lifecycle management. Is it within the containement triples with dates or etags .... Is there a W3 spec ? NSS use dates.

Sarven Capadisli
@csarven

@bourgeoa In that context, "lifecycle" is as described in https://www.w3.org/TR/ldp/#dfn-containment . Happy to clarify this in the Protocol spec though. The intention is that a container gets to be aware of what happens to its resources eg. deleting a resource also entails that there is a cleanup task in which the containment statement is removed from the delete resource's container. There is also related requirements like disallowing a request to delete a non-empty container.

I'm curious to know what hinted at dates/etags for you though..

Alain Bourgeois
@bourgeoa

@csarven there where 2 questions : the first one came from solidos meeting where @timbl stated that in containement triples there should be date creation and date modified. I did not find any reference in solid spec. And the second was around the discussion in app-development chat around how to know that a resource has changed and where the first response was to check the body content.

If I may suggest that the solid specification give not only a global reference link but also to a paragraph link to the w3 specification.

Sarven Capadisli
@csarven

Suggestion noted, thanks. I'm aware of the date info consideration about container resources in the container description.. will come back to this. (It is currently not a requirement).

For resource changes, yes, well, if authorized, and if present, Last-Modified or ETags are good indicators on each resource. To detect those changes from the container, yes, resource description (but again, if it is available.. and right now it is not required).

Sarven Capadisli
@csarven

re exchange with the Credentials CG, can we perhaps commit to Feb 24 (Wednesday).. with two sessions? One of those will be the authz-panel's slot, and the other will be CG's slot later on. And lets see what works for them?
See https://gitter.im/solid/specification?at=6001ada781c55b09c70d2da8 for details from earlier. Everyone is welcome to attend. Make sure to be a member of at least one of the CGs.
Justin Bingham
@justinwb
@csarven confirming 24th would be for the Authorization Panel’s presentation specifically? if so we could reuse the authz panel session time slot since its same day (probably why you suggested that day)
Sarven Capadisli
@csarven
Right. Both groups have a meeting on that day so reusing both slots. We'll figure out the rest as we go.
Justin Bingham
@justinwb
:+1:
Sarven Capadisli
@csarven
Ours starts at 16:00 CET and theirs at 19:00 CET. So, it'd be good to give a confirmation at least from our end for those two times.
Justin Bingham
@justinwb
16:00 CET should be a safe bet since it overlaps the current time. i can make both slots :white_check_mark: can raise second slot w/ panel on weds unless we need answer sooner
Henry Story
@bblfish
Ok. that gives me 3 weeks to prepare some implementation of credentials parsing to be really up to scratch on what is going on there.
Sarven Capadisli
@csarven
@bourgeoa I don't quite understand your question or relevance in https://github.com/solid/specification/issues/227#issuecomment-773402869 . If that's a separate need, can we discuss here? Perhaps delete the comment?
Alain Bourgeois
@bourgeoa
@csarven May be I do not understand your process. Is containment triples not the object of your issue ?
These containment triples are produced out of information available somehow on the server. Some of these informations should be available because solid is following the server http specification. For these one there should be no real cost. This do not imply that they must be available in containment triples and other may be solid specific not available from existing spec.
It is just an information in the discussion.
If you still feel inappropriate I shall delete my comment.
Sarven Capadisli
@csarven
No, not containment triples. What information is available in a container representation? Containment triples are expected but what other information, if at all, should it include?
Alain Bourgeois
@bourgeoa
That is exactly my point. I suppose that my wording above then is bad.
Is container representation something different from a collection of triples ?
Where you to something different like .meta being included by NSS in the container representation.
Aaron Coburn
@acoburn

This is definitely something to clarify at the spec level, since different servers behave differently in this regard. Requiring child descriptions in the container listing, however, is problematic.

Consider a structure such as </container/> ldp:contains <a>, <b>, <c> .

In order to view that data, an agent needs read access to /container/, but may not necessarily have read access to a, b or c. Including descriptions of a, b and c in that container listing, however, will mean that the server will need to perform access checks on each of those child resources. In this simple case, that means 4 authZ checks.

Containers, however, can include an arbitrary number of child resources, and once that number grows, that means that every GET request to a large container could, potentially, be its own DoS attack.

One can achieve the same goals by using a query endpoint without the scalability issues

An alternative (don’t enforce authZ checks on child descriptions) will leak data and is problematic from a privacy perspective
Sarven Capadisli
@csarven
@bourgeoa A container is a resource like any other resource.. it has some expectations of course (which are not worth repeating here). So, yes, it can have other information besides containment triples. Container's own label for example. Description resources (via describedby) are intended for something else.
Fred Gibson
@gibsonf1
What we're doing in the case of a container is including all the child container ldp:contains triples as well (if user has permissions to see them) so that a files application will know which containers can be expanded without having to load all the child containers separately
We tried it with loading all child containers separately first, but the performance is just too slow that way
namedgraph_twitter @namedgraph_twitter remembers why we decided never to use LDP...
Sarven Capadisli
@csarven
@acoburn I do ack. Trying to see what can be reconciled. Something has to deal with the burden. We do need the applications to have basic capabilities evenly and not be a hit-and-miss depending on the server they are talking to. Querying is certainly a way out of this but then we are then requiring both servers and applications support it.
@gibsonf1 Sounds like your container hides containment triples about contained resources that the requester is not granted to access?
Fred Gibson
@gibsonf1
We have triple level permissions, so if a user did not have permission to that they wouldnt see it
Sarven Capadisli
@csarven
@namedgraph_twitter Does your system have the notion of graphs , collections, containers, members, isPartOf/hasPart etc? Say you have a resource of sorts that it tracking (in the general sense of the word) many resources.. what kind of additional information does it provide (if at all) about those resources?
eg. GET /photos/ --- expecting the representation to include statements to 1000000000000000 photos URLs.
Justin Bingham
@justinwb
whether the permissions are triple level or resource level - the performance penalty @acoburn is referencing would still apply - determining whether someone can see something implies an access check no?
Martynas Jusevicius
@namedgraph_twitter
@csarven LinkedDataHub has
  • named graphs (resources descriptions with the same subject URI grouped into one named graph)
  • client-side containers that use SPARQL query (building) to retrieve child resource descriptions
we had server-side containers but have since remove them because they were not flexible enough
it's like one predefined projection over a dataset, while using query building we can have them dynamic
Fred Gibson
@gibsonf1
The access check is incredibly fast (hard to measure) on the server side, so that isn't an issue. But for us, every request is a node in the graph, and we have pure graph structures like "card" such that that node contains other nodes (the genus concept of ldp:contains = m_contains) so we automatically serve all the contained (non-ldp) nodes when the request is for a parent
So /profile/card is not a file, is just a node, but it m_contains the person's node
Sarven Capadisli
@csarven
@namedgraph_twitter @gibsonf1 may I ask you to respond in solid/specification#227 about your implementations. See the use cases and perhaps chime in on the concerns raised there/here..
Fred Gibson
@gibsonf1
We will do the same for documents such that there is a parent node for the overall document, then a hierarchy of m_contains nodes below that
Will do @csarven
Sarven Capadisli
@csarven
@namedgraph_twitter I want to understand better.. could you simplify with an example along the lines of GET /photos/ or maybe pick one or two of the use cases mentioned in that issue?
@justinwb true that.
Martynas Jusevicius
@namedgraph_twitter
1 reply
Aaron Coburn
@acoburn
@csarven if a query endpoint is a not possible, then I would strongly advocate for a consistent paging mechanism across servers
Once you have paging, you can support sorting as well, which is something I consistently hear as a feature request