Time/Place

Attendees

(plus) (facilitator)
(star) (notetaker)

Agenda

  1. Open PRs  ...I believe they are all ready to go
  2. Targeting "all 5 sections covered by end of Aug"
    1. Resource Management
    2. Resource Versioning
    3. Resource Authorization (by week of July 24)
    4. Notifications
    5. Binary Resource Fixity
  3. Open Authorization issues
    1. Re: #168: Referencing ACLs/groups outside of the repository — we should add a non-normative note about this
      1. Maybe add an item to the security considerations section too?
    2. Re: #176:ACL creation and linking -- be explicitly silent or specify?
      1. Specifying the expected relationships 
        • acl:accessControl from protected resource, and
        • acl:accessTo or acl:accessToClass from ACL, and
        • Link: <some-acl>; rel="acl" from protected resource
    3. Re: #175: Should way say default ACL MUST be resolvable?
      1. Yes
    4. Re: #172: Clarify algorithm for finding authorizations
      1. Pending response from Solid
    5. Re: #170: Require acl:Append and acl:Control
      1. The suggestion is to be in line with the Solid spec on this point... therefore, Fedora spec requires no additional text.
    6. Re: #165: Removing support for acl:accessToClass?
      1. This is a very useful construct
    7. Re: #164: Requiring acl:defaultForNew?
      1. Pending response from Solid
    8. Re: #134: Restore ACL language to HTTP DELETE with Depth header
      1. To be resolved with: https://github.com/fcrepo/fcrepo-specification/pull/178
  4. Looking good on Deletion-related issues?
  5. Test suite contract is underway
    1. Should be able to close: Select language for development of Fedora API test suite
  6. Fedora API Delta Document in-progress

Minutes

  1. Daniel Lamb is to review #181, and #182 is ready to follow up afterwards.  #180 and #178 are waiting Benjamin Armintor
  2. Resource versioning has been identified as the next topic to tackle to help us meet our deadline of end of August, and Simeon Warner has volunteered to be point man on the topic.  Everyone has homework to read the Memento spec and respond to issues Simeon raises on Github.  Esmé Cowles will take a look at the fixity section in parallel.
  3. Open issues:
    1. Labeled as resolved-needs-pr for some non-normative language.
    2. Current thoughts are to allow a user to provide a link header with rel='acl' to point to an already existing access control policy on PUT or POST.  If the header is not preset, default behavior is left to the implemntor and can be either 'do nothing' or 'create a new policy'.
    3. Yes, we feel making it resolvable is appropriate.
    4. Still pending a response from SOLID
    5. It could be challenging to filter through PATCHes or deltas on PUTs, but it could be navigated.  Possibly we could require it for PATCH only, and leave PUT unsecified.  Agreement on what we mean by 'append' would be useful to include in the specification (e.g. no PUT, no DELETE, no PATCH with DELETE statements).
    6. Consensus seems to be around removing it, and it's something that can be highlighted for people's consideration if anyone actually needs it.
    7. The SOLID team will be adding 'default' to the vocabulary.
    8. No concerns have been raised and the deletion issues should be wrapped up soon.
  4. Looking good.

Action Items