Time/Place

This meeting is a hybrid teleconference and IRC chat. Anyone is welcome to join...here's the info:

• Time: 11:00am Eastern Daylight Time US (UTC-4)
• Google Hangouts: https://plus.google.com/hangouts/_/event/ccnv0ba94h3fb2je3gscunqc49g
• IRC:
  
  • Join the #duraspace-ff chat room via Freenode Web IRC (enter a unique nick)
  • Or point your IRC client to #duraspace-ff on irc.freenode.net

Attendees

• Andrew Woods
• Greg Jansen
• Osman Din
• Yuqing Jiang
• Benjamin Armintor
• A. Soroka
• Chris Beer
• Ed Fugikawa
• Jon Gibson
• Michael Durbin

Agenda

• Fedora 3.7 Status
• Reminder: CLAs
• Fedora 4 Updates
  
  • AuthN/Z
  • Policy-driven storage
  • OAI-PMH initiative
• Fedora 4 General
  
  • Async Storage API... strawpeople?
  • Modeling deletes

Minutes

3.7 Release Status

1. Ben is wrapping up issues
2. Working on library upgrades
3. Working on connection management
   • Trying to fix connection mgmt and modernizing IT a bit
4. Branch - uniform http
   • https://github.com/fcrepo/fcrepo/tree/uniformhttp
5. Release candidate - timing dependent on current clean-up

CLAs

1. Turn them in, contributors!

AuthN/AuthZ Work

1. Design: https://wiki.duraspace.org/display/FF/Authentication+and+Authorization
2. Questions
   1. Policies concerned with API (actions) or object structure (nodes mgmt)
   2. More at the link
   3. Going forward with JBoss’s OSS XACML implementation
   4. Possible dependency on MODE-1920 if authZ pushed into the JCR level
   5. Possible to use MODE’s Changeset API as the evaluation point?
   6. Figuring out relationship of OAuth tokens, roles, etc. to the PDP/enforcement framework
      • Tokens are related to a few things:
        • User
        • Scopes - tend to be broader than resources
        • Client working on behalf of the user
   7. Could we get a Hydra institution to sponsor an alternative “PDP” impl around RightsMetadata?
      • Contact Hydra steering team
   8. Greg Jansen is pretty familiar with XACML syntax
   9. How insulated is xacml from fedora4?
      • Create policies around object model - helps keep xacml separate
   10. Would be good if demo on oxford would use an external oauth provider (google...)

Policy Driven Storage

1. Design/implementation in-progress for updating policy configuration via HTTP
2. Would like to be able to make storage decision based on any type of property

Asynchronous Storage

1. References
   • http://www.day.com/specs/jcr/1.0/6.6.2_XPath_and_SQL.html
   • http://www.infoq.com/news/2009/07/AsynchronousRest
   • http://www.tbray.org/ongoing/When/200x/2009/07/02/Slow-REST
2. Regarding async HTTP-API
   • "For any and all PUT/POST/DELETE operations, we return “202 In progress” and a new “Status” resource, which contains a 0-to-100 progress indicator, a target_uri for whatever’s being operated on, an op to identify the operation, and, when progress reaches 100, status and message fields to tell how the operation came out.
   • The idea is that this is designed to give a hook that implementors can make cheap to poll.
   • However, since most of the clients with which we are concerned will be machines and not browsers, we could use webhooks for the purpose.
3. JAX-RS-2.0 has the async notion built into its Client spec
   • Jersey reference implementation: https://jersey.java.net/documentation/latest/async.html