-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Harmonise how a Duty with consequences should be evaluated #267
Comments
Hi @nitmws - can we turn this into two issues? One for the testing phase, and one as formal CR Review editorial feedback? (and they will be addressed separately) |
and what happens after round 2? |
Re @riannella : this issue should be considered first in the test phase of course. If we agree on the approach we will make it a formal CR Review feedback? I'm ok with that. |
Re @simonstey The ODRL Processor having evaluated the Duty has to draw its conclusions from the Duty's state Fulfilled or Not-Fulfilled. E.g. if the Duty is a duty of a Permission and the result is Not-Fulfilled then the Permission's state cannot be Allowed anymore. This applies also to Duties referenced by consequence or remedy; for an obligation-Duty the Processor returns the state to the system which has requested to evaluate the obligation. |
"cannot be Allowed anymore" as in never ever or until it's evaluated again? |
This happens inside the evaluation of a Permission, step by step:
|
I think there is a simple editorial solution. Simply add "also" to "...then all consequences must also be fulfilled..." The latter paragraph about consequence, makes it clear that is is an additional Duty (so current implementors must support that). See #275 for more comments... |
Sorry, I disagree. In #275 @simonstey demonstrates that if the "original Duty" has a temporal constraint this Duty cannot be fulfilled outside the time set by the temporal constraint, by the logic of constraints this is impossible. Therefore:
We may add as Note:
The first paragraph in 2.6.6 Consequence property with a Permission/Obligation Duty should be changed to:
|
I understands where the issue is - but the ODRL IM does not define any temporal constraints, only that the duty is satisfied or not. From a machine perspective this may be difficult with a hard-coded date. From a business perspective, it does work (ie you can still pay a bill after the due date in most companies ;-) So the IM, i think, is correct in the scope of the normative statements. As an example, the GDPR may say you have 60 days to remove my personal data, otherwise you are fined $EU10,000. After 61 days I pay the fine, but I don't remove the personal data since the 60 days has passed. This is not the intention of the consequence. |
So perhaps the editorial note should say:
|
Now things get complex as we reuse the same examples and associated assumptions too much:
|
@nitmws my response has been based on the current IM narrative that states that the original duty MUST also be satisfied if it triggers the consequence duty. I have asked @simonstey and @sabrina to verify/clarify that is the correct interpretation (as the consequence duty was introduced based on their requirements) #275 If it turns out to be true, then we need to address the satisfaction issue of the original duty. |
@riannella @simonstey and @sabrina let's have a look back at square 1 of this Issue: In the current IM we have this definition right under the heading 2.6.3 Duty Class - without any word about a requirement to fulfil of the "original Duty" to finally fulfil the Duty with consequences.
And we have in the current IM this language as narrative regarding the
Status of the issue at this point: the current IM has contradicting definitions - one of them must be selected for a final ODRL Recommendation. At the formal level of the CR none of these definitions has an explicit precedence. Next comes Issue #275: @simonstey demonstrates that it is possible to define an "original Duty" which is impossible to be fulfilled when a Duty is evaluated under the requirement to include the consequences. Status of the issue at this point: if the POE WG would select the To get out of this situation I suggest (again):
This solution would satisfy the requirement raised by Simon and Sabrina - it is possible to define "also the original Duty must be fulfilled" -, it avoids running into dead-end streets when processing a Duty, and the IM would not be changed, the definition at the top of 2.6.3 takes some precedence and the features of the |
related to that, what was the reason for requiring that ->
avoiding cyclic dependencies? |
As I recall from the discussion at a call it was avoiding infinitely nested consequences, and that makes sense. (We at IPTC had such nested structures and implementers told us: "this does now work in a reliable way in practice". Since then we avoid that.) To clarify this regarding my suggest wording of the consequence definition above: the re-expression of the "original Duty" as a consequence may require a few modifications: a) should the constraints be applied (again) (see #275), b) no consequences. See an example of that in #275 (comment) |
@nitmws I think we did miss the word "also" in the first para of 2.6.3 Duty Class. Perhaps what is needed is another failure sub-property? |
@riannella adding "also" to the first para does not help as #275 shows. Based on that issue ODRL MUST sort out a Duty (including constraints and refinements) which must be fulfilled in a first round of evaluation and a Duty with maybe less constraints etc in a second round of evaluation which checks all the consequences - and this modified Duty should be made one of the consequences. This does not change the IM, only how to deal with a specific business need - include the original Duty in the second round - is modified but the feature as such is left untouched. Re another failure sub-property: the ODRL WG must not change the IM anymore, inventing new things would go in this direction. And what should be the semantics of such a property - and how should it solve the problem? |
Resolution taken at the meeting of the group 2017-10-09: http://www.w3.org/2017/10/09-poe-irc#T13-43-24 |
Updated the IM. Included a "note" about relaxing the constraints. |
from @nitmws The first paragraph says: Error: the consequence property may refer “one, one or many” Duty instances, therefore the singular in “the consequence is an additional Duty” is wrong. The explanation of the consequence property in this section says: Error: same as above: the consequence property may refer to more than 1 Duties but the definition uses singulars only. Re NOTE: the language of this note builds on the assumption that the cannot-be-fulfilled state comes only from constraints. Example: many video makers contract streaming services to publish their videos – and expect a 24/7 service. Second issue with this NOTE re “In such cases, ODRL implementations SHOULD provide mechanisms to allow the original duty to be satisfiable.” |
Updated the plurality of consequences. We don't define how Policies are exchanged (only expressed) and we still have the "black-box" notion of evaluation of constraints. |
This is about the CR version of the IM, today (25 September) at https://w3c.github.io/poe/model
The Duty Class definition says about consequences:
Further down in this section the description of the
consequence
property says:These two statements are not aligned: the first one does not require to exercise the action of the Duty, the second one does.
I suggest - as minimal approach, see more below - to change the 1st paragraph of the Duty Class to:
This wording above defines in fact but not explicitly the need to run two evaluations of the same Duty instances:
This triggers:
(This should be reflected in the Truth Tables of the Evaluator page.)
To make this transparent it would help to integrate such a 2-rounds-evaluation in the definition. My suggestion, round 2 ;-)
The text was updated successfully, but these errors were encountered: