Time/Place

• Time: 2:30pm Eastern Time US
• Dial-in Number: (712) 775-7035
  • Participant Code: 479307#
  • International numbers: Conference Call Information
  • Web Access:  https://www.freeconferencecallhd.com/wp-content/themes/responsive/flashphone/flash-phone.php

Attendees

 (facilitator)
 (notetaker)

• Benjamin Armintor 
• Esmé Cowles 
• Daniel Lamb 
• Simeon Warner
• Andrew Woods

Agenda & Minutes

1. Revisit strictness of requirements for external content, recursive deletion, client-specified ACLs, etc.
   1. Specifically:

      1. 3.7.1 Depth Header 

         1. https://fcrepo.github.io/fcrepo-specification/#httpDELETEDepth

         2. Could possibly be removed entirely with an informative note (re: WebDAV) and expectations about OPTIONS when recursive not supported

      2. 3.8 External Binary Content 

         1. https://fcrepo.github.io/fcrepo-specification/#external-content

         2. Support for 'message/external-body'

2. External content issues:
   1. https://github.com/fcrepo/fcrepo-specification/issues/211: Clarify response when copying remote content
3. Notifications section:
   1. Esmé and Danny to review and create issues
      1. Passing mention of LDN - can it be removed? Probably not.
      2. Barring further feedback from Esmé, good enough for candidate impls? 
4. Fixity section:
   1. Simeon to review and create issues
   2. Simeon Warner's review: I do not see anything wrong with the fixity section. In its current form, support for fixity in any form is entirely optional, it simply points of out parts of the underlying HTTP Digest specification that might be relevant to systems that implement either transmission and/or persistence checks. If this is something that any part of the community relies upon then I think there will need to be an additional specification with a number of MUSTs, or it will end up being de-facto defined by a particular implementation.
   3. Note related issue just created: https://github.com/fcrepo/fcrepo-specification/issues/218 – although we can't use the suggested RFC SHOULD in the non-normative section, this seems like a sensible addition

Old business

1. Authorization issues
   
   1. issue-165: Removing support for acl:accessToClass?
      
      1. Wait on response to https://github.com/solid/web-access-control-spec/issues/22
      2. CLAW only uses ACLs for very basic partitioning of drupal instances
         1. Suggestion, add wording that indicates:
            1. implementations MUST do accessToClass
            2. explain what accessToClass does
            3. inference is a MAY 
   2. issue-166: Requiring WebIDs?
      1. PR: https://github.com/fcrepo/fcrepo-specification/pull/207 — needs review from Andrew, Ben, Danny, Simeon
   3. issue-168: Cross-domain Authorization?
      
      1. PR: https://github.com/fcrepo/fcrepo-specification/pull/208 — needs review from Andrew, Ben, Simeon
   4. issue-170: Require acl:Append and acl:Control
      1. PR: https://github.com/fcrepo/fcrepo-specification/pull/206 — needs review from Andrew, Ben
   5. issue-172: Clarify algorithm for finding authorizations
      1. Still pending clarification from Solid
   6. issue-176: ACL creation and linking -- be explicitly silent or specify?
      1. PR: https://github.com/fcrepo/fcrepo-specification/pull/214 — needs review from Andrew, Ben, Danny
2. Versioning issues:
   1. https://github.com/fcrepo/fcrepo-specification/issues/215 — clarifying creation of versions with PUT
   2. Other versioning questions from API Alignment sprint: Versioning - Authorization Design
3. External content issues:
   1. https://github.com/fcrepo/fcrepo-specification/issues/210: Clarify "expires" parameter
      1. Suggestions:
         1. Potentially remove the "expiration" header parameter
         2. Add "Content-Location" under PUT for ingest by reference
            
            1. If you wanted to add to repo, you would retrieve and upload
         3. Further discussion with Benjamin Armintor before taking action

Notes

1. Do we want to require specific values for Depth header or external-content access-type values?
   1. Depth: unless we can agree on at least one value to require support for, we should leave this alone
      1. Is there a response header to advertise which Depth values are supported?
      2. Alternative: Deletes are always recursive, if you can't do recursive deletes, then don't include DELETE in an OPTIONS response
         1. ACTION: Benjamin Armintor will open a PR
   2. User-supplied ACLs: lots of different options for implementation, maybe better to leave this alone
   3. External content: 
      1. Require access-type="URL"?
         1. ACTION: Esmé Cowles will open an issue for requring access-type="URL"

Action Items

1. ACTION: Need reviews:
   
   1. https://github.com/fcrepo/fcrepo-specification/pull/207 - Andrew Woods, Benjamin Armintor, Simeon Warner, Daniel Lamb
   2. https://github.com/fcrepo/fcrepo-specification/pull/208 - Andrew Woods, Benjamin Armintor, Simeon Warner
   3. https://github.com/fcrepo/fcrepo-specification/pull/206 - Andrew Woods, Benjamin Armintor
   4. https://github.com/fcrepo/fcrepo-specification/pull/214 - Andrew Woods, Benjamin Armintor,Daniel Lamb
2. ACTION:Andrew Woods to collect 4xx/mandatory topics from the spec for discussion next time
3. ACTION: Benjamin Armintor to talk about Expires with alignment sprinters
4. ACTION: Everyone weigh in on version API questions with alignment sprinters