justinwb
commented
1 year ago @woutermont Can't speak for anyone else but if you're willing to propose a draft I'd be happy to look it over.
Closed woutermont closed 1 year ago
justinwb
commented
1 year ago @woutermont Can't speak for anyone else but if you're willing to propose a draft I'd be happy to look it over.
woutermont
commented
1 year ago Now concretely proposed in https://github.com/solid/data-interoperability-panel/issues/289
I'm going out on a limb here, but I would like to suggest severing the ideas about Agent Registrations (ARs) and part of Authorization Agent (AA) Discovery from the main SAI proposal into a separate specification. The main reason I propose this is that these ideas are not only about interoperability, but can be of interest in other contexts as well.
When discovering information about, and possible ways of interaction with, an Entity (e.g. a User), Agents can use certain Initial Points of Interaction (which on gitter I have sometimes called Entry Points), such as the Entity's Identifier (e.g. WebID) and its corresponding Identifier Document (e.g. WebID Document). What an Agent Registration, with its specified way of discovery, provides, is that these Entry Points do not have to be the same for each Agent, while also guarding the privacy of each Agent (and therefore the Entity), without resorting to badly performing trial-and-error (e.g. current private Type Indexes). In other words, these parts of the current SAI draft enable Agent-specific Points of Entry.
Such APEs (pun intended) can be useful for far more than (Solid) Application Interoperability alone. One could, for example, store Agent-specific Type Indexes in it. The kind of data it contains should not necessary be the same. Some classes of Agents could adhere to different additional specifications, using very specific data stored in their APE. Nor does it necessarily have to be read-only: one could easily envision apps that store their user-specific settings in this way. I'm not saying these should all become best practices; to the contrary. But they indicate the broader possibilities of such Agent-specific discovery.
Because of these considerations, I'd suggest proposing this mechanism (a Discovery Hub, or Interaction Agent, for lack of a better term, pointing Agents to their own specific document) as a separate micro-spec, on which SAI can then build further. At the very least (if not accepted), I would very much like to see this role of the ARs and AA be separated from their role in access-control, since both tasks could just as well be done by different mechanisms without influencing the resulting interoperability.
Looking forward to your thoughts!