Open anarosa-es opened 5 years ago
Dear @anarosa-es ,
Many thanks for your input. First of all, let me reassure you that you should not worry about the complexities that a flexible model like the current RPaM proposal may introduce. Here you have some arguments to defend why:
During the coming PoC, we will propose at least one RPaM-AP for the European Public Adminstrations where. This "Application Profile" will be a set of rules to establish and validate that one Mandate has only one Mandator, several powers, and only one mandatee. This profile could even be stricter and limit the powers to just one (but that could be a different "profile"). The technical solution will be SHACL for transactions based on RDF, and SCHEMATRON for transactions based on UBL-2.3 XML;
We already admitted that we do not know any use case, for the time being, but need to keep open to the needs of the market. If someone in the market needs the full-flexible model, the possibility you highlight (having different subsets of powers assinged to different mandatees in one single mandate) does not introduce inconsistency, just some apparent complexity, as you point out. However this complexity is only apparent under the perspective of the UC1 (cross-border eAuthorisation), as the Service Provider gets always one mandate where the user (one of the mandatees) has been granted the power it needs to get authorised.
Finally, the possibility of assigning different powers to different mandatees in one single mandate can also be seen as an administrative burden-reduction from the viewpoint of the creator of the mandate.
According to the mandate model, one mandate can have several empowerments and at least one. Each empowerment has (I suppose) one and only one mandatee. So, based on this model, the mandator R1 can grant the mandate M1 with power P1 and power P2 (as empowerments); then, power P1 can have E1 as mandatee and P2 can have E2 as mandatee:
This modelling allows to grant sets of powers to different mandatees in one only mandate, which is complex to manage and difficult to justify with a real use case (at least by me). I think that this can be better modelled as two different mandates M1 & M2 (equivalent meaning and simpler management):
Could you please describe a real use case when the first model is required and it cannot be replaced for the simpler model of only 1 mandatee per mandate??
Thank you very much.