csarven on minutes-template
Init minutes template (compare)
This is definitely something to clarify at the spec level, since different servers behave differently in this regard. Requiring child descriptions in the container listing, however, is problematic.
Consider a structure such as
</container/> ldp:contains <a>, <b>, <c> .
In order to view that data, an agent needs read access to
/container/, but may not necessarily have read access to a, b or c. Including descriptions of a, b and c in that container listing, however, will mean that the server will need to perform access checks on each of those child resources. In this simple case, that means 4 authZ checks.
Containers, however, can include an arbitrary number of child resources, and once that number grows, that means that every GET request to a large container could, potentially, be its own DoS attack.
One can achieve the same goals by using a query endpoint without the scalability issues
curl -H'Accept: text/turtle' http://www.w3.org/ns/ldp
:inbox a rdf:Property; rdfs:comment "Links a resource to a container where notifications for the resource can be created and discovered."; vs:term_status "stable"; rdfs:isDefinedBy <https://www.w3.org/TR/ldn/>; rdfs:label "inbox"; dcterms:issued "2016-09-29"^^xsd:date; dcterms:creator <http://csarven.ca/#i>, <https://rhiaro.co.uk/#me>.