Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 12:49
    csarven edited #456
  • 12:46
    csarven locked #456
  • 12:45
    csarven opened #456
  • Sep 23 13:41
    elf-pavlik commented #455
  • Sep 23 13:41
    csarven commented #455
  • Sep 23 13:28
    elf-pavlik commented #455
  • Sep 23 13:18
    elf-pavlik commented #454
  • Sep 23 13:16
    elf-pavlik commented #454
  • Sep 23 11:13
    RubenVerborgh commented #454
  • Sep 23 10:51
    rubensworks commented #455
  • Sep 23 10:19
    csarven commented #455
  • Sep 23 10:13
    csarven commented #455
  • Sep 23 10:13
    matthieubosquet commented #455
  • Sep 23 07:00
    rubensworks commented #455
  • Sep 23 06:50
    csarven commented #455
  • Sep 23 06:50
    csarven commented #455
  • Sep 23 06:33
    rubensworks commented #455
  • Sep 23 06:33
    rubensworks commented #455
  • Sep 23 06:32
    rubensworks commented #455
  • Sep 22 15:23
    matthieubosquet commented #455
Fred Gibson
@gibsonf1
But that said, this spec is fantastic https://www.w3.org/TR/activitystreams-core/
Fred Gibson
@gibsonf1
Actually, I've solved the hierarchy issue in our ontology by defining all as:Object, as:Activity and as:Link as conditions, so they don't interfere with our core ontology. That is, these types are conditional based on, for example, use of them with as predicates etc and thus don't interfere with the core definitions for an Object and Event, etc
Fred Gibson
@gibsonf1
and then added a class to which both as:Object and as:Link are subclasses to avoid the complex range definition: : as:Object rdfs:subClassOf neo:s_activitystream-class. as:Link rdfs:subClassOf neo:s_activitystream-class .
so then it would be just rdfs:range neo:s_activitystream-class
Would be great if the ontology could be updated to do something similar and treating these items as conditions
Fred Gibson
@gibsonf1
This also allows integration of as:Activity as both a subClassOf event:Event and s_activitystream-class, so the Activity can be inferred as an event (where event:Event is the neo core definition for an actual event in the world)
Fred Gibson
@gibsonf1
Also just noticed: IntransitiveActivity Inherits all properties from Activity except object. Which actually means that Activity should be a subclass of IntransitiveActivity
Fred Gibson
@gibsonf1
Actually I'm strugging to understand or find an example of an IntransitiveActivity, that is an activity for which there is no object. Does anyone have ideas?
For example, this is the example used:
{
  "@context": "https://www.w3.org/ns/activitystreams",
  "type": "Travel",
  "summary": "Sally went to work",
  "actor": {
    "type": "Person",
    "name": "Sally"
  },
  "target": {
    "type": "Place",
    "name": "Work"
  }
}
However, Sally is the object of this activity, there is nothing intransitive about it
So maybe the idea here is to leave the object off if the actor and object are the same?
Fred Gibson
@gibsonf1
That is, the event in which Sally performed a move of herself "went" changed her input state "location:somewhere not at work" to her output state "location:work"
Aaron Coburn
@acoburn
Sally is the subject. Grammatically, there is no direct object. I would reccomend looking up "transitive verbs" for more examples
*intransitive verbs, that is
Sarven Capadisli
@csarven
@gibsonf1 AS ontology - I assume you're looking at the Turtle - may not be accurate. It was not finalised.
Jeff Zucker
@jeff-zucker
interop folks - how is the exclusivity of an AuthorizationAgent enforced? If I have an old-style app with write perms on the whole pod, what is to prevent me from writing stuff only the AuthAgent should write to? Does the AuthAgent, the first time it is invoked go through and create .acls for itself?
What's then to prevent an app with Control from re-writing those?
elf Pavlik
@elf-pavlik

We are still polishing details. I see it in the following way:

  1. Authorization Agent creates Access Consents and based on them generates Access Grants
  2. Authorization Server (associated with given Resource Server) can access Data Grants applicable to given RS and based on them sets ACRs/ACPs/YouNameIt-s

In that case Authorization Server associated with Resource Server (RS would advertise it via as_uri in WWW-Authenticate would be the exclusive party to create ACRs/ACLs/...

This doesn't require anything like acl:Control access mode at all, the association between AS and RS is pre-established.

With this approach, Access Consents would be the single source of truth, Access Grants are derived from those by AA, and ACRs/ACLs/... are derived from Data Grants by corresponding Authorization Servers.

Introducing another source of truth can lead to various issues, policies set directly in ACRs/ACLs could be easily overwritten.

I think we could have different approaches coexisting but preferably in different storages, solid/specification#377 could possibly address it as well, where one storage type would be AS managed and another could allow raw ACP/WAC/YouNameIt policies.
We have been diving into that during Wednesday AuthZ calls and I expect we will continue working things out during next weeks.

The approach discussed above has the advantage of only AS and RS needing to agree on ACP/WAC/YouNameIT, clients (apps) only need to understand Data Grants (read-only), and Access Needs. Authorization Agent stays responsible for dealing with most interop nuances and it would rely on AS to set policies on RS based on Data Grants (also read-only for AS)
Jeff Zucker
@jeff-zucker
So basically there would be old-style storages and new-style storages and never the twain shall meet ? Only old-style apps can access the former and only new-style can access the latter? That does not seem workable to me.
I would like to come to your meetings but am really swamped for the next few weeks.
elf Pavlik
@elf-pavlik

What's then to prevent an app with Control from re-writing those?

I see many problems with letting clients (apps) set policies. User should be able to manage all policies from one place they have full confidence with, in interop it's their Authorization Agent

Regular clients (apps) shouldn't force people to set any access policies with them, instead, they should initiate flow with AA and let user do those very specific and security-critical access decisions there.
Jeff Zucker
@jeff-zucker
That's fine for new-style apps, is your suggestion that the entire existing ecosystem of apps just go away?
Jeff Zucker
@jeff-zucker
I agree that Control should only be granted to one or a very few apps (e.g. SolidOS and Penny in the existing system)
elf Pavlik
@elf-pavlik
We have related issue: solid/data-interoperability-panel#237
Fred Gibson
@gibsonf1
A quick slightly unrelated question: any request that comes into a solid server with an ip-address as server name is almost guaranteed a hacker, and its in the nature of solid that DNS is always required, so I was just trying to think what would be the best code to throw at an ip address, 404, 403?
Sarven Capadisli
@csarven
Personally, I would only block (403) IP addresses that I know or well-known to be acting outside of the terms of my service.
Fred Gibson
@gibsonf1
This is in the sense of a request coming into the server using an ip address instead of a DNS request (not the origin), like 5.161.48.158/profile/card instead of https://frederick.trinpod.us/profile/card
Feb 15 20:04:36 make trinity[842703]: 103.203.57.25 - [15/Feb/2022:20:04:36 +00:00] "GET 5.161.48.158:/ HTTP/1.1" 200 2528 "-" "HTTP Banner Detection (https://security.ipip.net)"
I guess something like this scanning / with ip could be ok, but this is for sure a hacker:
Feb 15 20:03:17 make trinity[842703]: 45.146.165.37 - [15/Feb/2022:20:03:17 +00:00] "POST 5.161.48.158:/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
So maybe the rule would be any non / request by an ip address should get 40?
Fred Gibson
@gibsonf1
But good point, 404 unless it for sure is violating TOS
Jeff Zucker
@jeff-zucker
Also for a hacker 404 is "try the next thing" and 403 is "what can I do to get that"
Fred Gibson
@gibsonf1
Ahh yes, people want what they cant get. I was also trying, for true hackers, to send no reply or something like that
But then I would have to reserve a thread for hackers where the request is sent to die and timeout the other side
Sarven Capadisli
@csarven
A request can be forbidden (403) for any reason.
Kjetil Kjernsmo
@kjetilk
Feb 15 20:03:17 make trinity[842703]: 45.146.165.37 - [15/Feb/2022:20:03:17 +00:00] "POST 5.161.48.158:/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
Those are cute... I see lots and lots of them impinging on my servers too. That's why I think it is important to have a processing step ahead of anything heavy that can reject stuff like that
Fred Gibson
@gibsonf1
:thumbsup:
I added this function at the top of all routes:
(defmethod reject-ip-request ()
  (when *request*
    (let ((server (request-server-name *request*))
      (path (request-uri *request*)))
      (when (or (not (stringp server))
        (not (stringp path))
        (and (?ip-address server)(not (string= path "/"))))
    (throw-code 404)))))
So if an IP request comes in for anyting other than /, 404
Sarven Capadisli
@csarven
@kjetilk , welcome to the W3C Solid CG! Here are some issues...
Sarven Capadisli
@csarven
Mathlouthi Khaled
@odaper
Hello, I'm joining the SOLID community and I'll contribute to this great idea, but I still have some questions: if my company will have its own POD that will hold all confidential data of its employees, the risk of cyberattack is higher than before right? because today my company have multiple databases by application like HRPortal, Intranet...etc if they will be moved to one place I think that the risk will be higher, what do you think?
sjoertrix
@sjoertrix:utwente.io
[m]
Interesting question. When you have stuff with 10 suppliers, the risk of getting hacked might be 10x. And you don't have much control about security, country or policies.
With Solid it is easier to be in control of your data, you decide where you leave your data. You could choose to leave some HRdata with a different Solid supplier, but you have the option to store your data where you choose.
1 reply
This question might be more appopriate in the general solid chat.
Mathlouthi Khaled
@odaper
Hello, why the RDF/XML should be used to read/write data in the POD instead of JSON-LD? our Stateless apps today are using JSON so I think that moving to RDF via REST API may create a breaking change in the existing web apps and migrating to SOLID PODS will be complicated. I support the idea of SOLID and I'll contribute to this great project but for now I'm trying to understand and identify the problems that we may face in the future. Many thanks for your answers
Sarven Capadisli
@csarven
@odaper RDF/XML is not required by the Solid Protocol. Where did you come across that information?
9 replies
Sarven Capadisli
@csarven
:bell: Daylight saving time changes up ahead... everyone get abacuses out.