Time/Place

Attendees

(plus) (facilitator)
(star) (notetaker)

Agenda

  1. Update on contract developers: API Test Suite
  2. PRs to review
    1. pr-197: Explicitly stating implementation must create LDPCv
      1. No controversy on this one
    2. pr-198: Target of ACL Link header must be resolvable
    3. pr-199: Require IRIs for users and groups 
      1. not WebIDs, but IRIs
  3. Authorization issues
    1. issue-164: acl:default instead of acl:defaultForNew resolved (solid)
      1. acl:default is now in the acl ontology
      2. Maybe nothing is required if we adopt the solid usage 
    2. issue-165: Removing support for acl:accessToClass?
      1. Agreement to retain acl:accessToClass
    3. issue-166: Requiring WebIDs?
      1. resolved with pr-199
    4. issue-167: Requiring acl:agentGroup?
      1. trivial, just needs a PR
    5. issue-168: Cross-domain Authorization?
      1. Needs a PR
    6. issue-170: Require acl:Append and acl:Control
      1. Needs discussion on what this would mean in practice
    7. issue-172: Clarify algorithm for finding authorizations
      1. Pending clarification from Solid
    8. issue-175: Should we say default ACL MUST be resolvable?
      1. resolved with pr-198 - needs attention
    9. issue-176: ACL creation and linking -- be explicitly silent or specify?
      1. Needs attention
  4. Other issues:
    1. issue-149: Creating content from external resources
      1. Resolved?

Minutes

  1. https://github.com/fcrepo/fcrepo-specification/pull/198
    1. If the ACL is the effective ACL, then requiring it exist makes sense.  But if it's the resource's ACL, it might not exist, so requiring it to exist would make the inheritance algorithm pointless.
    2. The Link rel="acl" header is assumed to exist in SOLIDWAC, and the client can discover it.  If it's 404, then it doesn't exist.
    3. It would be nice to have a different link relation (e.g., "create-acl") for where to create an ACL, but we don't want to invent new things here
    4. We should be able to clarify what we can know:
      1. An implementation MUST send a Link rel="acl" header
        1. The ACL linked to doesn't have to exist, but a client should be able to create it
      2. A client MAY send a Link rel="acl" header in a PUT or POST
        1. If it can't use it, an implementation MUST send an appropriate error to the client
    5. The SOLID implementation seems like a decent way to disambiguate the SOLID spec
      1. Danny and Simeon will look at SOLID to see what it is doing
  2. https://github.com/fcrepo/fcrepo-specification/pull/199
    1. SOLID requires WebIDs for users, we agreed that we didn't really need WebIDs
      1. We only need URIs for users and groups, and groups must be dereferencable and use vcard:hasMember to link to members
      2. SOLID is somewhat vague, so we should clarify what we need
  3. Making progress over the next few weeks
    1. Andrew Woods is out for the next three weeks
    2. Daniel Lamb needs to be poked to keep engaged
    3. Assigning tickets to make progress
  4. Delta document
    1. Andrew Woods updated the delta document based on a close reading of the spec, and it should be mostly complete
      1. Lots of differences in versioning

Action Items


  • No labels

All content on the LYRASIS Wiki is licensed under the CC BY (Attribution) license, unless otherwise noted.