Describe how we interpret the spec where ambiguous
michielbdejong opened this issue · 8 comments
Ahead of resolving all known spec ambiguities, which is starting to roll away further and further each time I try to put my foot on it, I'll just list here which specific choices this implementation makes, and then that can also serve as input to the spec discussion.
| issue | NSS | inrupt-pod-server | spec |
|---|---|---|---|
| webid-oidc client_id should be origin of redirect_uri | no | yes | solid/webid-oidc-spec#16 |
| WAC-Allow headers | yes | (planned) | solid/solid-spec#178 |
| Websockets-pubsubs access tickets | no | yes | solid/solid-spec#179 |
| Refusing to delete non-empty containers | yes | (planned) | solid/solid-spec#177 |
| trustedApp system | yes | yes | solid/web-access-control-spec#56 |
| recursiveness of websockets-pubsub subscriptions | no | (planned) | solid/solid-spec#180 |
| create/delete requires container write | yes | (planned) | solid/web-access-control-spec#48 |
Considering solid/solid-spec#187 (comment), we should discuss that.
Splitting this up, there IS still 1 spec PR left that I hope will finish bringing the spec in line with NSS, hopefully within the next 7 days (and then I think it would be a good time to bump the version tag from 0.7 to 0.8):
| issue | NSS | IPS | spec |
|---|---|---|---|
| create/delete requires container write | yes | (planned) | solid/web-access-control-spec#48 |
| 409 on non-matching sparql-update | yes | (planned) | solid/solid-spec#193 |
And then there are 4 points where IPS intentionally diverges from NSS, so those should still be considered proposed spec changes, at least until the NSS team decides to implement them as well:
| issue | NSS | IPS | spec |
|---|---|---|---|
| use PoP token issuer instead of Origin header | no | yes | solid/webid-oidc-spec#12 (comment) |
| Websockets-pubsubs access tickets | no | yes | solid/solid-spec#179 |
| recursiveness of websockets-pubsub subscriptions | no | (planned) | solid/solid-spec#180 |
| ACL docs show up as container members | no | yes | solid/solid-spec#187 (comment) |
updated list of proposed spec changes:
Hopefully we can merge the one about sparql-update today.
the create/delete permissions discussion was moved to a proposed spec change, with solid/web-access-control-spec#60 for documenting the current situation more precisely. Apart from those two, i'm not currently aware of any ambiguities.
we didn't get everything merged, but we got close enough to now stop working on this, and just stick to what we could call the “roughly 0.8" version of the Solid spec.
Found a new one: solid/web-access-control-spec#70
Another thing the current spec doesn't explicitly say, but that Solid app devs could be forgiven for assuming is that 'if you do a PUT and then a GET, you get what you put' , but note this may change in the December version of the spec to allow for master-slave and master-master replication inside a pod server.