Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate Application Registration Discovery #286

Closed
woutermont opened this issue Oct 29, 2022 · 2 comments
Closed

Separate Application Registration Discovery #286

woutermont opened this issue Oct 29, 2022 · 2 comments

Comments

@woutermont
Copy link
Contributor

woutermont commented Oct 29, 2022
edited
Loading

I'm going out on a limb here, but I would like to suggest severing the ideas about Agent Registrations (ARs) and part of Authorization Agent (AA) Discovery from the main SAI proposal into a separate specification. The main reason I propose this is that these ideas are not only about interoperability, but can be of interest in other contexts as well.

When discovering information about, and possible ways of interaction with, an Entity (e.g. a User), Agents can use certain Initial Points of Interaction (which on gitter I have sometimes called Entry Points), such as the Entity's Identifier (e.g. WebID) and its corresponding Identifier Document (e.g. WebID Document). What an Agent Registration, with its specified way of discovery, provides, is that these Entry Points do not have to be the same for each Agent, while also guarding the privacy of each Agent (and therefore the Entity), without resorting to badly performing trial-and-error (e.g. current private Type Indexes). In other words, these parts of the current SAI draft enable Agent-specific Points of Entry.

Such APEs (pun intended) can be useful for far more than (Solid) Application Interoperability alone. One could, for example, store Agent-specific Type Indexes in it. The kind of data it contains should not necessary be the same. Some classes of Agents could adhere to different additional specifications, using very specific data stored in their APE. Nor does it necessarily have to be read-only: one could easily envision apps that store their user-specific settings in this way. I'm not saying these should all become best practices; to the contrary. But they indicate the broader possibilities of such Agent-specific discovery.

Because of these considerations, I'd suggest proposing this mechanism (a Discovery Hub, or Interaction Agent, for lack of a better term, pointing Agents to their own specific document) as a separate micro-spec, on which SAI can then build further. At the very least (if not accepted), I would very much like to see this role of the ARs and AA be separated from their role in access-control, since both tasks could just as well be done by different mechanisms without influencing the resulting interoperability.

Looking forward to your thoughts!
@justinwb
Copy link
Member

@woutermont Can't speak for anyone else but if you're willing to propose a draft I'd be happy to look it over.

@woutermont
Copy link
Contributor Author

Now concretely proposed in #289

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@justinwb @woutermont