Meeting minutes
Introductions & Announcements
ericP: new introductions
Luke: I am new and I am from IBM
CRUD & Metadata PR #37
ericP: we have a PR that has been here for a while
eBremer: this has been there for a while but people asked for more time on it
… we could swap some sections and other edits
… and then other things could be done with other PRs
pchampin: I think reversing sec. 7 & 8 would be an improvement
… I have a few remarks but don't want to stand in the way so let us go ahead
… it would have been better to split this PR into pieces
… so we could discuss things separately and it would have been easier
… in the future, let us work on smaller PRs
<ericP> PROPOSED: merge PR#37 after eBremer has swapped sections 7 and 8
<gb> Issue 37 not found
<ericP> PROPOSED: merge PR#37 after eBremer has swapped sections 7 and 8
<gb> Issue 37 not found
<pchampin> w3c/
<gb> Pull Request 37 Initial CRUD with proposed metadata handling (by ebremer)
<AZ> +0 (I don't know enough about the PR)
<eBremer> +1
<acoburn> +1
<Luke> +1
<gibsonf1> +1
<ericP> +1
<pchampin> +0.5
<ryey> +1
<ericP> APPROVED: merge PR#37 after eBremer has swapped sections 7 and 8
eBremer: I'll do the changes tomorrow and merge
Storage Description Resource PR #53
acoburn: it is about describing capabilities of storages, and endpoints that extend capabilities
… discovery mechanisms fit into this PR
… we can go ahead and vote on accepting the PR
<Zakim> gibsonf, you wanted to ask about uri
gibsonf1: there is the issue of semantic URI for the storage itself different from the root container of the storage
acoburn: I think it is an important issue but it is orthogonal
pchampin: agree it is orthogonal
… with caveat that the example uses certain URIs and we need to make them better to avoid confusion
acoburn: I can record an issue for the identification issue of storage vs root container
ACTION: acoburn to add root-vs-subject issue to text merged from #53
<gb> Created action #54
<ericP> PROPOSED: merge PR#53 - Storage Description Resource
<gb> Issue 53 not found
<pchampin> +1
<eBremer> +1
<gibsonf1> +1
<acoburn> +1
<ericP> +1
<AZ> +0.5
<Luke> +1
<ericP> APPROVED: merge PR#53 - Storage Description Resource
<ryey> +0.5
"End User Credential" terminology
acoburn: will work on it this week
[acoburn shows the draft for LWS Protocol on his screen]
<gibsonf1> Agent?
acoburn: I would like to propose changing the terminology on user credential
acoburn: I'd like to call it "Authentication credential"
… I thought about alternatives: "Agent credential" but may evoke AI Agents
<eBremer> +1 "Authentication Credential"
<gibsonf1> +1 on "Authentication Credential"
<pchampin> +1
acoburn: if there is further discussion, we can have it in the PR request
Other open PRs
acoburn: the 2 issues that begin with "consolidate" related auth and ident have been open for a while
… they are more editorial than the previous 2 we takled about
… the last one is about terminology
… to clarify what we mean when we say URI
… if you have objections, please comment otherwise it will be merged by the editors
<Zakim> elf-pavlik, you wanted to ask about EUC naming
elf-pavlik: in the doc I provide above, there is something about identity and authorization, do we have the same?
acoburn: the intention is that something like this would be supported
acoburn: we could say this is identity assertion (where we say "end-suer credential" in hte draft)
elf-pavlik: [something related to the webid group]
dmitriz: the term "identify assertion" would prevent us from using zcap
acoburn: going back to the credential discussion of previous PRs
… we have different options
… we could go for identity assertion
… but could include other things
<gibsonf1> +1 on including more detail in discussion of "Authentication Credential"
elf-pavlik: we use "token" and we should be cautious
… if it's focused on authentication, then authentication credition is good
<eBremer> +1 to more detail
acoburn: I will use authentical credential and I will add more details
ericP: back to the pending PRs
elf-pavlik: related to PR31, we have a planning roadmap for SEG(?)
… this is related to access control policiies
… there are different approaches taken one related to delegation
… there is a use case related to autonoumous groups
<Zakim> gibsonf, you wanted to ask about Membership with WAC
gibsonf1: the issue that CSS(?) has is not being able to tell access
… on twinpot(?) we do ??? [something related to access control on triples]
dmitriz: a confusion is coming up often and we need to fix it
gibsonf1: single triple has its own URI, metadata, etc
… if you make a group private, what happens?
<elf-pavlik> this conversation is following up discussion about this PR w3c/
<gb> Pull Request 31 prior-art: group based access policies (by elf-pavlik)
dmitriz: if you make a URI private (ie you don't give right to access the URI)
<elf-pavlik> can't perform LWS Read operation, would that be clear?
gibsonf1: server delivers data in funciton of access right, but it must access the data to know about access rights
dmitriz: there are two separate servers, for data and authorization
[acoburn drawing a diagram on screen shared to explain the issue]
gibsonf1: how can you separate these things? how would this work?
acoburn: the issue is, there are two server models, a 1-server model and a 2-server model
<Zakim> elf-pavlik, you wanted to ask about twinpod and to mention MANDAT requirements
acoburn: a 2-server model can be specificied but it must implementable
elf-pavlik: there are cases in prior work where there are different needs on disclosing info
… in the CG group (fedid?) we plan to do a workshop to discuss cases
<elf-pavlik> Solid CG
gibsonf1: how would you do search in that scenario?
… ie if there is a different server for auth
… it would be very slow
<elf-pavlik> w3c-cg/
<gb> Issue 60 [Proposed Work Item]: Organization, Group, Team, Role support in Solid (by elf-pavlik)
gibsonf1: who has a 2-server model?
acoburn: in ACP we chose to have an ACP matcher act as a group
… but it enforces all the ACP and auth rules to be in one place
<Zakim> elf-pavlik, you wanted to discuss SAI teams/roles
elf-pavlik: depending if you have something where you can use delegation
<ericP> ADJOURNED
<elf-pavlik> use case w3c/
<gb> Issue 104 [UC] Access delegation by autonomous groups/organizations (by elf-pavlik) [triage] [usecase]
<gb> Pull Request 37 Initial CRUD with proposed metadata handling (by ebremer)