Permissions and Obligations Expression Working Group London F2F Day 1
18 May 2017
benws: welcomes everyone to the london f2f + remote meeting and points to the agenda https://www.w3.org/2016/poe/wiki/Meetings:London2017
renato: what do we expect an odrl processor to do - expression, validation, enforcement?
renato: this will determine what are the testing requirements
renato: without specifying the nature of the odrl processor, we can't test it
benws: the authors of the formal semantics should be able to speak to the requirements
simon we need to clarify constraints in odrl - should an odrl processor do constraint checking?
simonestey: we are in between - some constraints can be checked, others cannot be automatically evaluated
simonestey: we should directly state - odrl processor must be able to check constraints (or decide not)
simonestey: constraints in odrl are currently a more concise version of the natural language expression. however, we have changed some constraints so that they could be automatically checked - e.g. current date or time
<Zakim> phila:, you wanted to highlight https://w3c.github.io/poe/model/#dfn-odrl-processor
simonestey: the question is should we fully follow that route - should odrl processor be able to evaluate constraints?
<phila> ODRL Processor
phila: agress we should discuss what a processor should do. but we need to start with defining "what is an odrl processor?"
phila: we have a definition "A system that provides services that creates, manipulates, and validates ODRL Policy expressions"
phila: but we need to more fully specify the definition
michaelS: exactly how should the processor be defined - is it a list of features?
phila: yes, we should have a section in the document which lists all the things that a processor should do
michaelS: in the RightsML definition, yes we did believe that constraints should be evaluated
michaelS: but the tricky thing in resolving constraints is interpreting the left operand. some are implicitly normative, others are explicitly non normative
michaelS: we need to define the difference between normative and non normative more precisely
renato: the normative and non-normative terms was based on the survey of current ODRL usage. if two or more uses were found a term was declared normative
<victor> http://delicias.dia.fi.upm.es/~vrodriguez/static/odrl/semantics1.pdf
<benws> q b
victor: the editors of the formal semantics note met only once
victor: several possibilities were identified. SHACL was discussed, but maybe it doesn't cover everything?
victor: should we require conversions between formats - XML, JSON, RDF? conclusion, no
victor: should the processor validate profiles? also no
victor: other items were declared secondary. the main priority was to create a conformance validator
simonestey: rules in the information model - you are able to check your policy conforms to the specification, e.g. via SHACL
simonestey: odrl concepts all have shapes, which lets you confirm whether your policy conforms to the spec
simonestey: some constraints - e.g. absolute position - how can this be checked in a standardized way?
simonestey: we as a working group must define how to automatically evaluate each constraint
simonestey: some constraints are more straightforward, but many are too abstract to define in a standardized way
renato: it will be almost impossible to define constraint checking - too difficult to cover all cases
renato: we could validate that the expression is a valid ODRL policy, but it is out of scope to require that an ODRL processor can evaluate every constraint type
ivan: wondering whether it makes things too complicated to discuss "one" odrl processor
ivan: there are several different type of task - saying they are all the same thing. perhaps it is better to discuss them using different names
ivan: do we only have one odrl processor? no. we have a constraint processor (one kind) but several other kinds too
<Zakim> phila:, you wanted to distinguish between function and method
benws: in the standard we should discuss a processor which validates that the processor is syntactically correct
phila: agree that there should be a level beyond which we should not go
phila: should an odrl processor as defined by the group check for conformance to the odrl standard? or do we say that an odrl processor requires valid odrl as an input
phila: an odrl processor does need to be able evaluate constraints - "is the sky blue?" "all of those things must be jpegs" - those are not things that can be specified within turtle or XML, therefore they must be evaluated via the processor
simonstey: constraint checking is integral - e.g. a duty is not fulfilled unless all of the constraints are satisfied
simonstey: for formal semantics - we could say "either a constraint evaluation result is either true or false". but i'm not sure if we need to help users more than that?
victor: we should have a numbered list of features that a processor must support. but are some features automatic and some are not?
phila: there are different types of constraints - some which can be evaluated automatically, but some not. and we need to prove that we have different machines that will provide the correct and consistent results
renato: we do talk about constraints in the spec. but currently not any further details on how to evaluate the constraints
renato: should we have an odrl processor that validate syntax and something else (not called a "processor") which evaluates the constraints
<phila> +1 to Renato
<phila> RRSAgent:
benws: is there room for a different part of the processor which says "given that the constraint is satisfied" (even if we don't say how) "then this permission is actionable"
<phila> s/^renato /renato: /g
simonstey: we could say "if all of the constraints are satisfied then the action is actionable"
simonstey: we could say "if all of the constraints on a duty are satisfied then the action is actionable"
<victor> i can see an easy task to build an automated processor if "constraint validation" is a made as a "black box".
benws: if a constraint (a left operand) was strongly defined in a profile to have a meaning within the context then we could evaluate the permission
benws: perhaps we should require that all profiles meet that definition standard - that they must be precisely defined within a context
<renato> https://w3c.github.io/poe/vocab/#term-absoluteSpatialPosition
simonstey: an example of a constraint which cannot be checked in a general way is absolute position
victor: points out that some constraints could be manually checked
<simonstey> http://w3c.github.io/poe/vocab/#term-absoluteTemporalPosition
michaelS: example - advertising clip has to be between 1 minute and 1.30 minute of a stream. how could this be checked by an ODRL processor?
michaelS: how well do some left operands work? such as count of usages?
benws: there is only so far we can go in machine readable representation
davec: many of these constraints are not edge cases
benws: agreed
davec: some constraints can't be done programmatically, but are core to odrl
renato: we should take the black box approach for constraints. how else can we cover all the cases?
<victor> Side note: I find the word "processor" too broad. For example, I can conceive a service that given a ODRL expression, an automatically generated English expression is given. This would be a "processor", wouldn't it? I believe that this software would abide to the constraints we are discussing now --although not called "processor", but "validator"
renato: if we try to enforce constraints, then there is a risk that our group would be misunderstood in is intent
renato: we can have a processor which validates the odrl properties, but the actually checking of the constraints needs to be done by some external system
renato: POE has the word "expression" in the name, since that is the scope
phila: the notion of "actionable" is useful
<phila> smyles: I agree with where we seem to be getting
<phila> ... The thing I built that I call an ODRL processor, consults context
<phila> ... It asks "is this constraint satisfied" but doesn't ask how do you know
<benws> q
<phila> smyles: The separation is useful as is the black box concept
ivan: i agree but ...
ivan: the processor must be more than what, say, SHACL can do
ivan: this would then be a testable thing for our CR criteria
LindA: will the ODRL engine check whether the constraint has been processed?
ivan: do we need an engine, which depends on the true or false of the constraint evaluation and then acts upon it
ivan: if so, then this evaluation must be defined and testable
phila: each constraint needs to be evaluated via a "black box" which returns "true or false"
benws: the processor then makes decisions based on the true / false status of the constraints
renato: can the black box be a human?
everyone: yes!
phila: it is literally true or false coming back from the API
lindA: introduces herself to the team
<renato> https://www.linkedin.com/in/lindaburman/
davec: introduces himself to the team
<renato> https://www.linkedin.com/in/davecompton/
benws: asking whether formal semantics support the odrl processor we have just agreed?
victor: yes i think so
simonstey: yes, since something else will do the actual constraint evaluation
victor: if we do an implementation, will that count?
phila: yes
phila: stages. the concept of an odrl processor, then the
proposal: we define fully the concept of an odrl processor
<victor> ...
<victor> +1
phila: knowing that we therefore have to show independent implementations exist
phila: they don't have to be open source or commerical or public, but they must be shown to exist
<phila> +1
+1
<renato> +1
<davec> +1
<benws> +1
<ivan> +1
<CarolineB> +1
<simonstey> +1
<michaelS> +1
Resolved: we define fully the concept of an odrl processor
phila: what does the odrl do (and not do)?
phila: do we want validation of the odrl policy a part of the processor?
benws: it is better to split validation from processor
victor: we should have a validator and something else
victor: what should we call the "something else"
<renato> policy
linda: evaluation is not sufficient to determine whether something is actionable
michaelS: we should not forget about restrictions
benws: suggest - a validator and an evaluator
phila: the process of validation is seperate from evaluation
michaelS: validation could include structural items, such as duties can only be there for permissions not restrictions
simonstey: on the one side is syntactic validation and on the other semantic validation
simonstey: semantic validation could detect contradictory statements, for example
benws: three elements? syntactic validation, semantic validation and then evaluation
simonstey: no, just syntactic and semantic validation
benws: you also need to know whether the policy is actionable or not
simonstey: if you already know whether a policy is semantically correct then is there anything left for evaluation?
phila: structural ? validation tends to mean just whether a parser can read the file, so we are really talking about "semantic validation"
phila: can you write a syntactic and smenaticaly valid policy which is still nonsense? yes
simonstey: if two rules are not actionable at the same time, you need to evaluate them - such as for conflict detection
simonstey: structural validation - is this valid odrl?
benws: aggregations of policies is an issue, for later debate
benws: we should only discuss the processor
benws: structural validation for correct odrl
benws: given values (e.g. via an API) for constraints being true or false, then there is an evaluation step to determine whether the policy is actionable
davec: how do we handle contradictory constraints?
benws: this is beyond the scope of what we're talking about
benws: odrl validator and an evaluator
<renato> ODRL Validator = odrl policy meets IM requirements
proposal: an odrl validator checks the correctness of the policy
[debate about what does "correctness" mean]
<renato> conformance?
ivan: could we define correctness by the set of tests we define
victor: correctness has a specific meaning, will this be confusing
<renato> :-)
proposal: an odrl validator checks the conformance of the policy to the ODRL standard
<phila> +1
+1
<simonstey> +1
<michaelS> +1
<benws> +1
<davec> +1
<renato> +1
<CarolineB> +1
<ivan> +1
proposal: an odrl evaluator determines whether the policy is actionable, including with reference to external boolean returning processes
<victor> +1
Resolved: an odrl validator checks the conformance of the policy to the ODRL standard
proposal: an odrl evaluator determines whether the policy is actionable
simonstey: what does it mean for a policy to be actionable?
proposal: an odrl evaluator determines whether the permission is actionable
<renato> Rule?
proposal: an odrl evaluator determines whether the permissions and prohibitions of a policy are actionable
<phila> +1
<CarolineB> +1
<davec> +1
+1
<benws> +1
<simonstey> 0
<michaelS> +1
<ivan> 0
<victor> +0
<renato> +0.9
<victor> i dont think an external reader will understand the word actionable
simonstey: what does it mean to be "actionable" in this context
<victor> i woulud speak in terms of actions, not prohbitions and permissions
michaelS: we should be careful - actions are only parts of the permissions and prohibitions
benws: that is not the job of the evaluator
renato: the evaluator is really about evaluating constraints and duties
renato: the evaluator is mainly about checking whether the constraints are satisfied
phila: we are trying to determine what the evaluator does and what the black box does
michaelS: is the verb "applies" clearer?
benws: applies to ... what?
benws: "in effect" captures the concept more precisely
proposal: an odrl evaluator determines whether the permissions and prohibitions of a policy are in effect
<phila> +1
<ivan> +1
<CarolineB> +1
<simonstey> +1
<benws> +1
+0
<victor> +1
<renato> +0.99999999
<michaelS> +1
<davec> +1
+1
Resolved: an odrl evaluator determines whether the permissions and prohibitions of a policy are in effect
<phila> RRSAgent:
<renato> Back in 20 mins
phila: does an evaluator specify whether a set of permissions and restrictions are in effect for a specific use
phila: does an evaluator specify whether a set of permissions and restrictions are in effect for a specific target
[coffee or tea break]
<renato> back
<michaelS> we too - slowly
<benws> We're back too
<smyles> phila: in re-reading the spec, i was looking at the discussion of "scope"
<renato> https://w3c.github.io/poe/model/#asset-scope
<smyles> phila: the target - where does the permission apply
<renato> https://w3c.github.io/poe/model/#party-scope
<smyles> phila: within that, you can add a "scope" - the value given was a URI
<simonstey> http://w3c.github.io/poe/model/#asset-scope
<smyles> phila: the URI given was meant - via some voodoo - "this is only applicable to e.g. JPEGs"
<smyles> benws: connection with processing?
<smyles> phila: there is a lot of processing going on there
<smyles> benws: the target can be one or more URIs
<smyles> benws: what those URIs mean is outside the scope of URI
<smyles> renato: what exactly is the problem with scope?
<smyles> renato: scope limits the application of that particular permission to URIs that match that additional scope URI
<smyles> renato: e.g. you refer to a catalogue, then you limit to to a subset of the catalogue that match the scope parameter
<smyles> benws: how is this different than a constraint?
renato: it could be handled by constraint in that particular example, but there is also a scope process for parties and assets
benws: is scope really just syntactic sugar? and so could it be eliminated?
benws: constraints could be applicable to the target
benws: is scope anything beyond what you can do with constraints?
renato: this was a requirement which was accepted by the working group, so we can eliminate it, but we did previously discuss and agree
phila: the processor needs to understand that..
benws: no, processors cannot understand constraints themselves
benws: processors use the results of constraint evaluation, the odrl engine does not in itself evaluation scope
phila: will be happy if the requirement can be satisfied via constraints and so eliminate scope as a different concept
<renato> http://w3c.github.io/poe/ucr/#POE.R.DM.08
ivan: I'm not sure this is still relevant... The way I would have read the example, the code was something like a media type
… That's probably not exactly what you meant
… The other possibility I was wondering about, was something like URI patterns
… They may express a set of targets
… But it seems it[s all going away based on your discussions
<simonstey> " The scope feature is useful is there is no ability to directly identify the target Asset with a uid identifier."
simonstey: If you read 3.2.2 the scope... the scope feature is useful is there is no way of identifying the target by UID.
<simonstey> https://github.com/w3c/poe/issues/111
simonstey: There's another issues where I was questioning whether every asset and party etc. must have an ID and not be bnode
… so maybe we have to remove that restriction
… if we can have blank nodes then you can add properties to that
benws: Rather than using a blank node, one could use a URI that points to an object that specifies a dataset and , say, jpegs only, a blank node is just an RDF way of doing that
… You're saying that by insisting on having UIDs, you're stopping me using RDF blank nodes
simonstey: It is an expressivity question. If you're not able to pinpoint the asset... ODRL says I need to identify the assets
… We don't have that requirement for Ps&Os, they can be bnodes,
… but maybe ai want to define the targets in terms of their properties
benws: I can always replace the blank node with an identifier
benws: I'm neutral on whether a target has to be identified or can be a bnode
michaelS: I think the legal context... does it make sense to ground the permission on something that is not uniquely defined
simonstey: We have this scope thing because we wanted to be able to define things without URIs
simonstey: Without a constraint language, you need to come up with a left operand...
benws: You can do that in a profile
simonstey: You can't punt everbthing to a profile
benws: Yes you can, all we need to know whether the constraint is satisfied or not.
smyles: I also would like to eliminate scope
<simonstey> https://github.com/w3c/poe/issues/174
smyles: For parties and assets where we can introduce scope. You give the group an identifier and then a scope
<benws> ?
smyles: For me the ... I don't see how ODRL can determine whether a target is or is not in the group
… I think scope is a concept that adds complication that won't be used
Linda: I think scope is too hard to define, it brings in too much complexity
michaelS: Regarding the scope - scope is also a constraint that applies to the asset, so it can easily be transferred there.
… But we should think that scope can be applied directly to an asset where a permission can apply to multiple assets
renato: Let me explain scope for parties. That was part of ODRL2.1
… The idea was the you go to identify a party and then say that the party was a group of individuals
… Then that permission could be exercised by individuas in the group
… SO it just gave us greater semantics
… There was more about parties but that was the original idea
<simonstey> http://w3c.github.io/poe/vocab/#term-Party
benws: I understand why we want scope, my question is whether it belongs in the ODRL standard or outside it. Does the work done by scope not be done by constraints
<ivan> http://www.rfc-editor.org/rfc/rfc6570.txt
ivan: I come back to what I said. It may be irrelevant...
ivan: That's the spec for URI templates
… target can be a URI, can be a URI template
… Any asset that matches this template is what we meant.
… Moustache is the processor that does that already
… Just removing the scope might be the simplest thing to do.
benws: That sounds like a good idea. Good if we can find semantics outside our own standard.
<simonstey> https://github.com/w3c/poe/issues/174
simonstey: I come back to my blank node issues...
<renato> Is a URI Template an IRI ?
simonstey: That's the issue about having UIDs
… I replace the assigner with a bnode that has a feature of foaf:name:Bob
… For an evaluator, this means that a certain rule is applicable for a certain assigner if the assigner has these properties.
benws: On the surface, I'm comfortable with that. but... wwe also have an XML serialisation?
<renato> <xml>
smyles: It would be difficult for me to say it's an RDF-only standard
renato: You're saying that every party with foaf:name Bob
renato: It's saying any JPEG within this context is in scope
phila: (no it doesn't)
simonstey: Just because I have a URI, doesn't mean I can resolve it.
renato: When I looked at your example, I thought there was one individual that had foaf:name Bob, but no, it's all Bobs
simonstey: The scope we have now defines the general stuff and then restrictions.
… Could be every party must belong to...
benws: Can this example be expressed as a constraint
renato: No, because constraints can't apply to parties
simonstey: It's not clear to which party the constraint applies
benws: We need to reduce the hidden semantics... maybe rely on the constraint. Use of bnodes seems to introduce stray semantics
renato: So would the proposal be to remove scope?
benws: And then that we don't allow bnodes
renato: That's a serialisation issue
benws: I'm not sure whether the original use case demands the scope notion
<ivan> +1 to ben with regard to scopes
benws: This would mean that our evaluation engine wouldn't need to define it.
<renato> http://w3c.github.io/poe/ucr/#POE.UC.17
smyles: I think it's hard for the ODRL engine to evaluate - I'd like that to be one of the black box actions
<renato> POWDER :-)
<smyles> phila: i struggled for 18 months with this same problem
<smyles> phila: in ODRL you point from the policy to the asset
<smyles> benws: in realistic implementations, assets will point to policies
<smyles> phila: so, should we remove the concept of target?
<smyles> benws: you need bi-directional relationships
<smyles> phila: given that (assets point to policies) then why point to targets at all?
<renato> for all the other real examples
phila: If you always go from an asset to a policy, why do we ever need odrl:target?
michaelS: nextPolicy is important
<victor> I wrote an example of the that here https://www.w3.org/2016/poe/wiki/Best_Practices#5._How_to_declare_externally_the_asset
<renato> https://w3c.github.io/poe/model/#asset
ivan: I've just realised that... an asset can be a uid or a URI template. It can be that now.
… That's missing from the discussion
phila: Recites UC17
benws: But I think his case can be expressed as a constraint
… It can't be a URI template
… e.g. we have info on 500 companies and you can by 20 of them, that's a constraint. not a URI template
davec: Going to the RightsML... using a document that described what the restrictions were
Linda: I was wondering why the prohibition of not applying a constraint on parties was there?
[No answer]
<ivan> +1
<benws> +1
PROPOSED: That we remove the concept of scope but allow constraints to be applied to parties and assets
<ivan> +1
victor: If I want to declare a constraint for adult content, the left operand can be age.
benws: That constraint might have a specific type of 'partyConstraint'
benws: I think it's clearer to have a constraint type to indicate what is being constrained
<renato> doh ;-)
phila: I prefer links. This constraint -> constrains -> That
renato: We don't have any constraint types for the others
<simonstey> The leftOperand MUST clearly be defined to indicate the subject of the constraint, and MAY include how the value for comparison has to be retrieved or generated. For example, the count constraint applies to the action and the language constraint applies to the asset.
renato: That means that the definition of the leftOperand, you have to specifically state what the subject is.
… So you'd need to point to the thing being constrained
benws: This is additional semantics - might be nice to make it explicit
renato: Wwhen we said define in that context, we mean define in a metadata sense. You're defining the left operand in a human readable manner
benws: All we're saying is that this constraint is a constraint on {x}
michaelS: I recall that we have discussed this at the time
… When we were designing the left operands
… if we constrain an asset - which asset?
benws: If it's an asset constraint then it's applicable to all those targets
… If you want to apply it to some of the assets, then you split the list of targets and define 2 permissions
michaelS: Couldn't that be the solution for this?
benws: No, because if we're saying age greater than 18, we don't know whether it's about the content or the user.
michaelS: We can create a constraint that says this is the age of the party
… Let the subject of the left operand define the thing being constrained.
benws: That's starting to hide the semantics
michaelS: It would be good to have an explicit property - where to put the ID of the asset
<renato> file:///Users/renato/users/odrl/W3C-POE/GIT-POE/model/index.html#constraint
benws: Yes, that's where we're coming to I think - and it's not new
<renato> https://w3c.github.io/poe/model/#constraint
renato: If you look at the example
… no. 14
… There are 2 constraints in eg14
… The first is a property of the permission
renato: The constraints explicitly apply to the permission and the duty
… We had some explicit declaration of what the constraint applied to. But if we're now applying it to assigner etc. then...
<ivan> "assigner" : [ "uid" : "http....", "constraint": [{....}]]
renato: That's it, thanks Ivan
benws: It does the work that we want it to do.
ivan: And it's coherent with the rest
ivan: I don't see a problem
smyles: It's a breaking change for the JSON but we're breaking that anyway
<victor> I just wrote a proposal here https://www.w3.org/2016/poe/wiki/Best_Practices#8._How_to_constrain_assets_and_parties
smyles: I can't remember the XML off hand
renato: Just a quick look at the XML... we'll probably have to break out the party and put a constraint in the middle.
benws: Can we take this set of proposals
PROPOSED: That we remove the concept of scope and allow constraints on parties and assets.
<ivan> +1
simonstey: In RDF you'd need to define a new party
… then link to...
<CarolineB> +1
benws: Please vote on the proposal
<benws> +1
+1
<michaelS> +1
<renato> +1
<victor> +1
<davec> +1
<simonstey> -0.5
<Linda> +1
<smyles> +1
simonstey: I am happy to remove scope. But I think we're making it open to greater complexity
benws: Is there a simpler way?
simonstey: Currently there is no difference... we have a constraint that says age ge 18, there's no difference with that and a human readable doc
renato: It is different. We can pass off to a black box that can do age verification and pass back the flag
renato: We can't say how the constraints will be processed.
simonstey: I agree with you, but the problem is, to understand the left operand, you need to read the description.
renato: Is foaf:age any better?
simonstey: It gets better
phila: (+1 to renato)
renato: If age is important to an implementation then they'll implement it
renato: The group seems to want to use the same constraint mechanism for parties and assets.
Resolved: That we remove the concept of scope and allow constraints on parties and assets.
ivan: In 3.2 of the model, I think we can safely remove the reference to URI templates
ivan: If you can have a URI or a URI template at that place, then any processor has to be able to handle URI templates.
… It is not necessarily valid RDF due to syntax
benws: If these are a MAY, does that change your view, Ivan
ivan: The media fragments URI - that sentence is wrong, fragments in a URI can identify a section of an audio or video. It's not necessary since it's already true
… Whether we mention URI templates. If it's not syntactically a URI then it breaks RDF
<victor> I have updated the choices at https://www.w3.org/2016/poe/wiki/Best_Practices#8._How_to_constrain_assets_and_parties
<victor> now 5 choices, including URI templates. Did I understand it correctly?
<simonstey> If an error occurs, the result returned might not be a valid URI reference; it will be an incompletely expanded template string that is only intended for diagnostic use.
phila: This one looks dodgy http://example.com/search{?q,lang} for example
benws: I don't think we have a single use case for URI templates so why not drop it
<simonstey> URI Templates are not URIs: they do not identify an abstract or physical resource, they are not parsed as URIs, and they should not be used in places where a URI would be expected unless the template expressions will be expanded by a template processor prior to use.
<simonstey> https://tools.ietf.org/html/rfc6570
PROPOSED: To remove the mention of URI templates in section 3.2 (for simplification) and media frags because it's unnecessary
<Zakim> ivan, you wanted to comment on one more Occam's razor thing...
<simonstey> +1
<renato> "assigner": {
<renato> "@type": [ "Party", "vcard:Organization" ],
<renato> "uid": "http://example.com/org/sony-music",
<renato> "constraint": [{
<renato> "leftOperand": "foaf:age",
<renato> "operator": "gt",
<renato> "rightOperand": "18"
<renato> }],
<renato> }
benws: That's a suggestion for how we might implement a cosnstraint on parties and assets
<renato> +1
<ivan> +1
PROPOSED: To remove the mention of URI templates in section 3.2 (for simplification) and media frags because it's unnecessary
<smyles> +1
<ivan> +1
+1
<benws> +1
<simonstey> +1
<Linda> +1
<davec> +1
<victor> +1 (might be left as an implementation example)
<CarolineB> +1
<michaelS> +1
Resolved: To remove the mention of URI templates in section 3.2 (for simplification) and media frags because it's unnecessary
<renato> Will put example in the IM - in JSON-LD
benws: Renato has made a suggestion for how we might express these constraints on parties
victor: I've done 5 examples
<victor> https://www.w3.org/2016/poe/wiki/Best_Practices#8._How_to_constrain_assets_and_parties
simonstey: Just wondering... how do we know that it isn't Sony Music that must be over 18?
renato: It's a bad example, that's why
<renato> "assigner": {
<renato> "@type": [ "Party", "vcard:Individual" ],
<renato> "uid": "http://example.com/person/fred",
<renato> "constraint": [{
<renato> "leftOperand": "foaf:age",
<renato> "operator": "gt",
<renato> "rightOperand": "18"
<renato> }],
<renato> }
<benws> Renato, I just got to step out for 5mins. Can you chair?// Renato, I just got to step out for 5mins. Can you chair?
<renato> yes
simonstey: That says that Fred must be over 18
renato: So we need to say it's for a group of people
smyles: The group could be all over the users of this website
[Some general discussion of the examples]
victor: Talks about his examples
<ivan> +1 to Phil
<renato> "target": {
<renato> "@type": "Asset",
<renato> "uid": "http://example.com/asset/content",
<renato> "constraint": [{
<renato> "leftOperand": "mm:runingTime",
<renato> "operator": "gt",
<renato> "rightOperand": "2hr"
<renato> }],
<renato> }
[Phil bangs on about WebArch, one resource per URI]
<simonstey> +1
ivan: That would not be in line with WebArch
ivan: Taking that example and saying any content on the asset site with a running time of > 2 hr is not semantically correct
smyles: These sort of constraints being applied to assets is difficult
simonstey: We have the same issue - not all the exampleconstraints make sense
victor: Alternatively, we may define terms that define any asset in terms of its properties
ivan: I would receive one thing back from that URI
… I'm supposed to be able to put that in a browser and get something back.
renato: Then I think we should review this resolution
ivan: It depends on the use case
ivan: If I have a movie, and it runs less than 2 hours, then the policy doesn't apply. That's a valid outcome
renato: Phil said that URI is one thing, one movie
ivan: Yes, so if that one movie runs 1 hour, then the Evaluator should return saying that the policy doesn't apply to the target
… I don't know if that's valid use case
ivan: You can define a URI that refers to a collection. But its' getting from the items in the collection that's tricky
[More discussion about collections]
smyles: In my view... this URI identifies a collection, then asked whether an asset was in that collection or not.
smyles: If the assignee is Fred... is the user of this Fred... in my view the black box needs to know whether it is Fred or Fred's device
… the black box has to identify whether the thing identified is the same as the real world
<renato> https://tools.ietf.org/html/rfc3986
renato: I've looked at RFC3986 on URIs and it says that a URI identifies a Resource.
… Then it gives an example of a resource that is a collection of resources.
<renato> and a collection of other resources.
ivan: That's fine. But the constraint you have there is a constraint against the collection, not the members of the collection.
ivan: My feeling is that we're at the point where we hit the limits of what you can express
… We won't solve this issue. Maybe we need explicit hooks for a black box to process
<simonstey> make it a blank node and define the constraint for that blank node
michaelS: In RightsML, we even had an example going along this group of assets. The thinking was - a news feed delivers new items, and each news items might have a link to a policy
… But having in mind that a policy must have a target, it's not possible to update the enumerated list in real time. Therefore, this policy must point to a resource that says 'this resource covers all the news items in this feed.'
michaelS: Even there, having an enumerated list would be hard.
… we need to be able to say it applies everywhere where X is true.
<benws> Simon - we'll break before two
<simonstey> http://w3c.github.io/poe/vocab/#term-Group
<renato> "assignee": [{
<renato> "uid": "http://example.com/user44/friends",
<renato> "scope": [ "Group"]
<renato> }]
<simonstey> odrl:memberOf
phila: Repeats what Ivan said
<renato> odrl:targetAll ?
smyles: If I distribute a photo, as it travels it gets a new URI, and so does it apply
… You end up with multiple sets of bits with multiple copies
benws: I suggest we do nothing
victor: Suggest using targetReference
… This matches MPEG, for example
… Is the resource a single resource or a service
smyles: If I have a local copy, doe the constraints still apply?
[mini discussion]
phila: No.
michaelS: That's why Guids are good, they travel with the asset
smyles: The other thing is... is it going to be too difficult to implement? Will it be too confusing.
<renato> Break 50 mins
<ivan> phil, are you still there?
<renato> back now
<renato> Everyone back there?
<simonstey> yes
renato: the current issue of adding constraints to parties and assets is still open
subtopic: how to add constraints to general parties and assets without breaking the WebArch
renato: shall we remove scope? shall they be replaced?
phila: I would not go back to scope. But the semantics of what we say must match the semantics of what we mean: what has to do with "collection" has to be treated carefully
phila: my suggestion is that where we say that if odrl:target refers to a specific resource, no constraint can be defined
… whereas if the odrl:target is pointing to a collection, then constraints can apply.
renato: Possible wording "if the target asset is a collection, then you may use constraints"
<simonstey> doesnt work for xml
stuart: are we speaking about having a target and a targetRef distinct? -- this is more complicated than having a URI and can deter people from using ODRL.
stuart: the current semantics of target identify an individual thing, not an "individual of a collection"
<simonstey> http://w3c.github.io/poe/model/#relation
simonstey: do not forget the XML legacy, which has a target as a subproperty of another element.
simonstey: can we get rid of relation/function?
[webex interruption]
<renato> We have lost audio?
<smyles> we did
<michaelS> Webex got disconnected ...
[webex recovered]
CarolineB: collections happens in life and we should make their use clear.
Linda: can we have concrete examples?
CarolineB: let's imagine I have a set of photos arranged in a collage.
… I may want to refer to each of the photos individually or to the whole collage.
michaelS: who has to write the black box for resolving the target? the receiver? this cannot be a business of the assignee alone.
smyles: the provider of the policy may give hints to the recepients to determing which the target/asset is.
benws: in order to declare a policy on a fragment of a dataset, we definitely need constraints for targets.
renato: I understand both options, using or not constraints on assets.
benws: is this the solution then?
<michaelS> ack
smyles: setting aside constraints... can we get a solution on target / targetRef ?
smyles: it does not make any sense constraining a single thing
benws: well, consider the case of datasets with dynamic queries
… the constraint applies to the whole dataset.
renato: recalling what philA said (IN THIS VERY MOMENT ABSENT FROM THE ROOM) if the URI clearly identifies a collection, then constraints are possible
davec: we aer referring to dynamic collections
renato: so we only need to update the semantics of target
<simonstey> http://w3c.github.io/poe/vocab/#term-fileFormat what does that imply for already existing leftoperands?
<benws> this is a different case - it's not the target but the output (...after exercising the Action)
proposed: to update the definition of target to include collections
smyles: what about assigners? does the same apply to assigners?
simonstey: again, what about the movie whose parts have to be referred?
simonstey; if the asset is a collection, the description has to say "this applies to all the assets in the collection"
simonstey: the current definition speaks about Assets, not about Collections.
smyles: the current definition is not precise enough
renato: the radical view would be "let us not have scope nor constraints". What this be unacceptable?
smyles: +1
benws: this is a basic use case for us
benws: for example, the FTSE Index is made out of the market value of the shares of 100 companies in the stockmarket
… the FTSE is calculated in a complex manner, and it is a complex dataset with high value. We woule like to refer to the individual information ("segmentaion") rather than the aggregated data.
rename: what about a constraint on the action?
benws: constraints are on the assets, that you are limiting. not on the actions.
benws: what we want to express about collections/members/parts is simple and it is an actual need
benws: we may want to specify "content type = index constituents". the problem is left to the processing engine.
<renato> "target": {
<renato> "@type": "Asset",
<renato> "uid": "http://tr.com/asset/ftse100",
<renato> "constraint": [{
<renato> "leftOperand": "tr:content-type",
<renato> "operator": "eg",
<renato> "rightOperand": "index-constiutents"
<renato> }],
<renato> }
simonstey: there may be ambiguities
renato: please see the example above
<renato> "target": {
<renato> "@type": "Asset",
<renato> "uid": "http://tr.com/asset/ftse100",
<renato> "constraint": [{
<renato> "leftOperand": "tr:content-type",
<renato> "operator": "eg",
<renato> "rightOperand": "index-constiutents"
<renato> }],
benws: yeah.
<renato> }
renato: maybe we should have AssetCollection. the target would point either to an Asset or to an AssetCollection
benaws: that is clean
benws: Collection even as a subclass of Asset?
benws: another classic constraint on the asset is the "real time", also for the FTSE 100 index. We want to have a 10 seconds of delay at least.
… we need to constraint the asset (realtime, delay or embargo)
smyles: what we are proposing (Asset/AssetCollection) is also in line with phila prescriptions
<renato> Why don't implementors read specs ;-(
smyles: then we would accept constraints, as long as the AssetCollection is there instead of Asset. This is better than having target/targetRef
renato: would then we have "PartyCollection" in the same manner??
simonsteys: yes, with the same properties.
<benws> +1
<smyles> in xml it is like this <o:asset id="as1" uid="http://example.com/music:1234908" relation="http://www.w3.org/ns/odrl/2/target"/>
michaelS: we have in XML two manners to declare relations: as a property or through a relation mechanism. In JSON we have assinger and assingees as properties instead.
simonstey: this has been one of the hottest topics on github.
simonstey: the current spec still reflects features because of the times when XML Schema was used.
<simonstey> http://w3c.github.io/poe/model/#party
<smyles> example XML <o:party id= "p2" uid="http://example.com/billie:888" function="http://www.w3.org/ns/odrl/2/assignee"/>
benws: this issue with functions was not clear to me.
+1
<simonstey> A Party MUST have a function indicating the role undertaken by the Party.
renato: we have to move forward.
proposed: to add a PartyCollection and a AssetCollection
<benws> +1
<ivan> 0
<CarolineB> +1
+1
should it read: "to add a PartyCollection and an AssetCollection, where constraints are allowed on Collections but not on Assets or Parties alone"?
<smyles> i believe simonstey's proposal was to stick with Asset as a type and then add AssetCollection and AssetIndividual as subtypes of Asset
<simonstey> yes
<Sabrina> +1 to SImons proposal
michaelS: consistent terminology should be used.
<michaelS> yack michaelS
proposed: Let Asset be a type and then add AssetCollection and AssetIndividual as subtypes of Asset.
smyles: the proposal introduces small changes in the XML version
<Sabrina> does the proposal include having constraints on the asset?
<michaelS> re Sabrina : yes
proposed: Let Asset be a type and then add AssetCollection and AssetIndividual as subtypes of Asset. The same for Parties.
<davec> small change to XML, but needs additional attribute
re Sabrina: no
<Sabrina> q
proposed: Add AssetCollection and AssetIndividual as subtypes of Asset. The same for Parties.
<smyles> "keep it simple"...
<CarolineB> +1
<smyles> +1
+1
<benws> +1
<ivan> +1
<davec> +1
<renato> +_1
<michaelS> +1 on the design
<Sabrina> +1
<simonstey> +1 (and allow constraints for both indiv. and collections)
Resolved: Add AssetCollection and AssetIndividual as subtypes of Asset. Do the same for Parties
(and allow constraints for both indiv. and collections)
me PartyCollection
<renato> https://www.w3.org/2016/poe/wiki/Meetings:London2017
<simonstey> https://github.com/w3c/poe/issues
renato: we had different WG Wide and Horizontal review feedback
renato: one of the topics is "profiles", another one is "normative vs non-normative".
subtopic: ODRL Profiles
<ivan> issue https://github.com/w3c/poe/issues/172
<michaelS> q
simonstey: I am not against adding profiles, but they should not violate semantics and structural features.
simonstey: some things cannot be "deprecated" nor given a different meaning.
<smyles> https://www.w3.org/2017/dxwg/wiki/Main_Page
michaelS: Phil is not in the room and he should tell us about other W3C Working Groups' works.
subtopic Normative vs Non-normative features.
subtopic: Normative vs Non-normative features
ivan: given a certain feature, if at the end of the CR period has not been implemented, it will fall to non-normative
benws: a radical suggestion, let us make the core model standard, and the vocabulary terms out of the standard; provided by different profiles.
<simonstey> https://github.com/w3c/poe/issues/159 related to that
benws: let us make the actions like display to live in a profile
michaelS: I concede that having a smaller specification is easier to agree with. But, from a pragmatic point of view it is easier to have them in the main track
smyles: odrl 2.0 was a model, and a common vocabulary, in different URLs. when we moved to 2.1, ontologies appeared and everything was merged into a single HTML document
<renato> Community group reports: https://www.w3.org/community/odrl/
smyles: should we have different namespaces for each?
<smyles> victor: mpeg21 REL a similar thing (though only in XML) three namespace - "core", then "s" (for standard) and then "multimedia"
<renato> https://github.com/w3c/poe/issues/182
<renato> Another, more radical approach :-0 would be to just to only have the IM as the normative spec (have all the formal IM-only vocab terms in an appendix there) and the all the Common terms go into a NOTE, and the 3 encodings can also go into another NOTE
<michaelS> [Phil is back in the F2F room]
ivan: we should distinguish the editorial way to implement this and the concept itself
ivan: perhaps we are saying the same thing
benws: having profiles with a common vocabulary (in a Note or not) fundamentally supports the idea of profiles
<simonstey> what about xml? O:
ivan: do we agree that the only normative part is the core? is there agreement about that?
ivan: fundamental question is "what is normative, what is not"
<simonstey> https://github.com/w3c/poe/issues/159 "Do you know which standard Action we could attach it to? To encourage best practices, we'd like to show how to mint a new action by extending existing ones, following the approach I've mentioned at #160."
renato: as of now, in the information model we have actions (but not specific actions, other than "use")
benws: yes, i understand we have "model" and "vocab", but the current "vocab" is not in a profile.
benws: what would be your simplest profile be?
benws: the 5-6 top level terms
renato: i hope we dont go too far taking away everything.
renato: because otherwise we will not be able to create a ODRL expression without using a profile
michaelS: test cases need having actions
benws: no problem, they can be taken from the profiles.
<Linda> q
<simonstey> https://github.com/w3c/poe/issues/159 "Do you know which standard Action we could attach it to? To encourage best practices, we'd like to show how to mint a new action by extending existing ones, following the approach I've mentioned at #160."
simonstey: we need to provide a toolset to relate actions to each others. if we have already some actions, we favour interoperability.
<simonstey> ack smyles
<davec> fyi - for RightsML we used display, play etc from ODRl as semantics matched the news domain, but overrode archive, copy, distribute for the news profile. So the core set would be small imho.
smyles: We, as RightsML, are happy to get full support to the vocabulary we use, not only half-fledged
phila: Discussion about profiles in other W3C about content negotiation: there is no clear definition of profile
phila: you dont want to be dependent on other group.
benws: the W3C may even stamp a seal of approval on profies developed by others.
linda: the only way for different content providers to operate is having a clear reference.
linda: the examples stemming from real life (for examples those from IPTC) are absolutely necessary
phila: we dont want to be a registry of profiles
benws: if i belong to the book industry, i hardly find the URL to IPTC's webpage, and then I find hard to recognize the relation with ODRL.
renato: it would be possible for RightsML to become a W3C Note.
benws: great idea!
michaelS: what will happen when this POE group gets disbanded?
<renato> ODRL Community Group ???
phil: even if the ODRL Community Group survives... ...it won't live forever.
phil: is it possible to stablish a liaison with IPTC and jointly publish the spec? (as long as no copyright and other laws are breached)
phila: we should have a default profile
phila: further, the RightsML might be the default profile.
benws: no.
<Zakim> phila, you wanted to talk about RightsML
<simonstey> a note isn't normative / standardized
benws: let us a create a small "default profile"
benws: in the main Rec.
phila: why?
ivan: we are jousting about different things
ivan: when the WG closes down, then we assign another existing/new group the responsibility of maintenance.
ivan: that committee group can take the responsibility of publishing profiles as w3c notes.
<renato> Dec 2017
ivan: this group has not much life ahead!
ivan: having the core profile as a note as part of the Rec. is not that important
Linda: having a W3C Note together with another organization is the best of the possibilities. There are 5 IPTC members here today!
Linda: I perceive a need in the industry about rights. This is a very good opportunity to cover this gap.
michaelS: how many actions should be in the spec?
<simonstey> +1 what phil said
smyles: every action is subclass of use
davec: i would require that the meaning of given terms cannot be overriden
<renato> no...transfer is a top-level
<simonstey> but we introduce means for relating actions defined in profiles with odrl:use
renato: use and transfer are the two top level actions
CarolineB__: what if we have 59 profiles? what about their integration?
benws: we are trying to persuade companies/sectors to use machine readable rights. i feel this can only be achieved if they can use their own vocabulary.
benws: hence, the core should be as small as possible.
CarolineB__: it should be prepared to grow, as well.
q
phila: they W3C does not do anything. the members do.
Linda: there are many commonalities between news and other sectors. there is legal stuff behind, which is not different. we should be happy to have mappings, and we would expect W3C to support this.
phila: this is a job for the community. the W3C is not funded to do that. W3C provides the mechanism to create and maintain Community Groups.
phila: once something is in the w3c/TR\/namespace, it is difficult to change.
<Sabrina> sorry gotta run.... back tomorrow
<renato> no, I am
[discussion on the namespaces/profiles]
proposed: (1) move top level actions to the information model: use and transfer (2) let us create a core profile, mirroring the current spec
simonstey: can new profiles include new concepts like "remedies", etc.?
<phila> victor: Would left operands be part of the core?
<phila> all: no, not part of the core
<phila> benws: We'll create a core profile
we decide to postpone the discussions.
<phila> [Adjourned]