support Trig serialization of Access Control Resources

Question

Opened this issue 3 years ago · 0 comments

On proposal

WAC & ACP

Trig or other Dataset formats such as N3, allow one resource to return content for multiple other resources.

A server could indicate this capability by adding a Link header with an application/trig mime type hint pointing to the Access Control Resource (ACR). So a response to a request on </foo/bar/baz/x> could return:

Link: </foo/bar/baz/x.acr>; rel="acl"; type="application/trig"

The server on receiving a request with application/trig at a higher priority than other rdf formats, would be able to return the relevant graphs that the client can use to access the data.

This is using DataSets to partition data, as described in Towards supporting multiple semantics of named graphs using N3 rules. It would not alter the logic the client and the server must follow to determine access. They would just receive more information in one request.

Use cases:

This can help dramatically reduce the time to find the default ACL in WAC when following the inheritance procedure as described in #244 (see full formatted version)
It could also be very useful when an ACR contains an inheritance chain such as when using :imports as proposed in comment of issue 210
In ACP it could be useful for returning the linked ACLs.

What actions are needed to resolve this issue? (checklist)

Work out the various consequences of allow this
Build up a list of other use cases
Build up a list of problems (and how to overcome them)
Compare with other approaches such as using HTTP/2.0 Server Push (which Google seems to want to remove though).
Add implementations

Note: Reactive Solid has an initial implementation of returning Trig graphs.