Permissions and Obligations Expression Working Group Teleconference

31 Oct 2016


See also: IRC log


renato, Sabrina, ivan, James, michaelS, victor, Brian_Ulicny, smyles, phila
Serena, Ben, Caroline


<scribe> agenda: https://www.w3.org/2016/poe/wiki/Meetings:Telecon20161031

<renato> https://www.w3.org/2016/10/24-poe-minutes.html

Approve last meeting's minutes

RESOLUTION: meeting notes of the last week's call have been approved

<renato> https://docs.google.com/document/d/15nbqGY20IIGbTQOzKxzw59TLzwfPpRZu-1KKA97phKg/edit

BISG use cases

POE.UC.32: Improve efficiency of foreign rights transactions (University Press)

renato: Requirement 3.1 is about being language-agnostic for international purposes
... URI's are neutral hence every language can be potentially supported
... this applies to 3.2 and 3.3 too

ivan: terms can also be numbers, and these be mapped to actual languages. This way the system is more neutral, as ODRL is English-oriented.

renato: W3C Internationalization Requeriments are the reference

ivan: what we do should be ok for these requirements

RESOLUTION: We considered UC32 as covered

POE.UC.33: Disambiguate access permission from copyright permission (University Press)

renato: four requirements are stated

victor: is "given platform covered"?

renato: we can specify the specific device

michaelS: is platform=device?

renato: it is also about access control

ivan: we can represent the right to access

<James> Authentication and Authorisation is out of scope I think.

renato: Marc says it deals with usage permission

michaelS: this is a general problem. Once accessed... are they allowed to read only? copy-paste?

<James> Authorisation may make use of a ODRL an agreement depending on internal business rules

ivan: perhaps by allowing the plug-in of external vocabularies would suffice

renato: any other comment?

Brian_Ulicny: the licensing environment must be considered

renato: perhaps we need more clarification

RESOLUTION: We ask for more clarification to University Press

topic. POE.UC.34: Library collection management and access

POE.UC.34: Library collection management and access

renato: (reads aloud the four requirements)
... we are already covering 34.1. There are other standards like ONIX for Books, JATS for journal articles, XMP or PLUS for images.

michaelS: this is much like composite photos

<michaelS> https://www.w3.org/TR/media-frags/

michaelS: if we have a composited asset, we can different policies for each of the regions of the asset
... should these independent policies be somehow grouped?

renato: i understand that different parts of the assets are identified with URIs following the media fragments recommendations...

requirement 3 is about providing standard info on the copyright holders


renato: requirement 4 is about different rightsholders in different geographical areas

michaelS: then we can simply have different policies, each applying to a region

<James> I agree with MichaelS

phila: there is a difference between geography and jurisdiction

michaelS: we use country codes as equivalent to jurisdiction

victor: (I had a small objection, but worthless to be discussed: we specify the country code tied to a restriction, not to an statement that is generally attributed to the party)

POE.UC.35: Rights licensing for custom textbook publishing (higher education publishers)

RESOLUTION UC.34 is already covered.

michaelS: 35.1 is already covered

Req. 35.2 is about "Permissions data may also be associated with a group of products"

ivan: we may want to remember POWDER...

renato: we can have more than 1 URI as the target. Can't we?

ivan: why not? a list of identifiers

James: this is like a problem we discussed: we may not want one policy pointing to 1000 assets, but 1000 assets pointing to one single policy.

smyles: a URI identifying a single thing is a very rare case. E.g. one video may have one URI. But it will have multiple renditions. E.g. a text item might be updated and have differently authored versions etc.

phila: There are several solutions. URI templates are very well stablished (braces), google uses wildcards
... are these UC important enough for this group to tackle them?

ivan: CSV on the Web used URI templates.

<ivan> https://tools.ietf.org/html/rfc6570

ivan: With that, we have something to start with.

phila: The "exceptions" are not perfectly handled (in POWDER they were better modeled) but it is just a detail

<phila> phila: I would say "A POWDER- like approach" rather than recommend it directly

renato: this should be no problem -- 35.3 Permissions and obligations must be able to be expressed for content locally authored, for example by a teacher, that is not licensed from a third party.
... We are not in control of "35.4 policies must be able to be persistent"

ivan: +1

renato: on 35.6, "The permissions and obligations associated with the coursepack may not align with the permissions and obligations associated with each of its components." we may consider there is a new resource.

<James> its UGC I think

renato: there may not be a perfect alignment, as conflicts may arise.

ivan: what can we do about it? we do not want to have checking mechanisms.

renato: at most, within the Semantics note.

POE U.C. 36: Users need to know the permissions and obligations associated with using a given publication.

renato: this may be part of the implementation details
... 36.2 is pretty much the same

phila: From an American lawyer's point of view, the fact that you publish a text does not imply that the user has read it

renato: so we take it as out of scope
... we are waiting from clarifications from XXX

ivan: There may be something more serious than URI pattern

renato: we need some narrative text in the spec.
... any other comment regarding BISG?

<renato> https://www.w3.org/2016/poe/wiki/Requirements#POE.R.V.16_Assertion_Policy_Type

Policy type to support PLUS data model

<James> It seems useful to me

RESOLUTION: we accept POE.R.V.16_Assertion_Policy_Type

renato: shall we come back to complex constraints? AOB? or shall we talk about virtual F2F?

Management of actions / issues on different locations

renato suggest using exclusively the W3C issue tracker (and NOT the github issues).

renato: github issues may be tied to the actual edition of the documents
... while W3C tracker can be used for actions imposed to actual people.

RESOLUTION: W3C actions to be used as "TODO" list for participants.

Virtual F2F meeting

renato: it has been announced as a "very long conference 4-6 hours"

phila: it is limited by timezones.
... there is no easy way.

<Sabrina> Depending on the start time - I might not be able to attend the whole Virtual F2F due to a parent teacher meeting

phila: 12.30 UTC is perhaps the best for most of us --but 22.30 for Renato(!). Alternatively, we may start much later so that Renato wakes up early and joins.

renato: I prefer in my night, possibly abanding the call earlier than the rest.

phila: s/abanding/abandoning

renato: I will propose a window of time; agenda is related to having WDs ready by mid December.
... AOB?

phila: What about real F2F?

renato: will be included in the next agenda

<scribe> ACTION: renato to write VirtualF2F agenda - due next week [recorded in http://www.w3.org/2016/10/31-poe-minutes.html#action01]

<trackbot> Created ACTION-35 - Write virtualf2f agenda [on Renato Iannella - due 2016-11-07].

Summary of Action Items

[NEW] ACTION: renato to write VirtualF2F agenda - due next week [recorded in http://www.w3.org/2016/10/31-poe-minutes.html#action01]

Summary of Resolutions

  1. meeting notes of the last week's call have been approved
  2. We considered UC32 as covered
  3. We ask for more clarification to University Press
  4. we accept POE.R.V.16_Assertion_Policy_Type
  5. W3C actions to be used as "TODO" list for participants.
[End of minutes]