Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Numbering of the new spec version #149

Open
michielbdejong opened this issue Sep 21, 2022 · 1 comment
Open

Numbering of the new spec version #149

michielbdejong opened this issue Sep 21, 2022 · 1 comment

Comments

@michielbdejong
Copy link
Collaborator

michielbdejong commented Sep 21, 2022
edited
Loading

In https://gitter.im/solid/test-suite?at=62c31be79a314a3ec429310a Tim said that "[t]he plan is that the next version 0.9.1 will have the Insecure WebSocket notifications deprecated and secure authenticated web socket notifications added."

As I understand it, that would be a breaking change for clients (old clients will stop being spec compliant because they can no longer rely on receiving Insecure WebSocket notifications from storage servers) and also for storage servers (old servers will stop being spec compliant because they don't implement the new protocol).

However, reading the text, there is are two sections,

The non-normative section seems to contradict the normative one. And note that this spec text has been published (on GitHub) but has not been released (with a version tag) yet by the spec-writing team, so the current version of Solid is "v0.9.0, moving towards v0.9.1".

So in this current phase, we should probably consider the old protocol as required and the new protocol as optional.
Once the spec-writing team tag and publish v0.9.1, we can maybe just switch those around, reporting on the new protocol as required and on the old one as optional.
@michielbdejong michielbdejong mentioned this issue Sep 28, 2022
Merged
@michielbdejong
Copy link
Collaborator Author

michielbdejong commented Oct 3, 2022
edited
Loading

Thinking about the following changes:

  • addition of secure websockets protocol
  • deprecation of insecure websockets protocol
  • start rejecting clients that don't send ath (see DPoP ath claim check #151)

We can categorise servers as:

  1. supporting 0.8 clients (don't enforce ath, accept insecure websockets, accept sparql-update PATCH)
  2. additionally supporting 0.9.0 (additionally accept text/n3 PATCH)
  3. additionally supporting 0.9.1 (additionally accept text/n3 PATCH and secure websockets)
  4. config option exists for rejecting 0.8.0 while still supporting 0.9.0 + 0.9.1 (enforce ath, no need to accept sparql-update PATCH anymore)
  5. config option exists for rejecting 0.8.0 + 0.9.0 while still supporting 0.9.1 (enforce ath, reject insecure websockets, no need to accept sparql-update PATCH anymore)

I think, off the top of my head, we have:

  • solid-nextcloud: 1, 2, 3
  • PSS: 1, 2
  • NSS: 1, 2
  • SCSS: 1, 2
  • TrinPod: 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@michielbdejong