You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Could acl:accessTo become optional for authorizations? This would allow reuse of permission sets. A document could reference any permission set with rel="acl" and all the authorizations which don't have explicit acl:accessTo would apply to the document which referenced it with rel="acl". Authorizations with statements using acl:accessTo would only apply to resources used as object in those statements, it could come helpful for adding authorizations on ACL resource itself.
Closing this issue as consensus is deemed to be captured in WAC Editor's Draft: https://solid.github.io/web-access-control-spec/ . See #acl-resource-discovery #authorization-conformance #authorization-matching . Servers may associate an ACL resource with different resources but an Authorization must include accessTo.
Could
acl:accessTo
become optional for authorizations? This would allow reuse of permission sets. A document could reference any permission set withrel="acl"
and all the authorizations which don't have explicitacl:accessTo
would apply to the document which referenced it withrel="acl"
. Authorizations with statements usingacl:accessTo
would only apply to resources used as object in those statements, it could come helpful for adding authorizations on ACL resource itself.For example
dataset.alice.example
would apply two authorizations above to any document which it serves withLink: </acl/public-read>; rel="acl"
The text was updated successfully, but these errors were encountered: