You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've some concerns with the outlined semantics of Extended Relations as defined in Section 6.1 [1].
For example, for Permissions and Prohibitions it reads as follows:
Permission
OR The related party may perform any (at least) one of the Actions
AND The related party MUST perform all of the Actions
XOR The related party MAY perform only one of the Actions
I would argue that by granting someone the permission to perform a certain action does NOT imply that respective party MUST actually perform permitted action. The Assignee is permitted to do it, but doesn't have to.
Prohibition
OR The related party MAY NOT perform at least one of the Actions
AND The related party MAY NOT perform all of the Actions
XOR The related party MAY NOT perform only one of the Actions
There is no definition of "MAY NOT" in RFC 2119 (afaik).
Apart from (1), "MAY NOT" doesn't reflect the intended semantics of, e.g., AND-ed Prohibitions (imho). E.g., if someone is prohibited to neither print nor display a certain asset, that person MUST NOT perform actions print AND display on a certain asset. (cf. SHOULD NOT)
Besides that, I'm actually wondering whether there's any use case that would motivate/require AND-/OR-/XOR-ing Permissions/Prohibitions?
I've some concerns with the outlined semantics of Extended Relations as defined in Section 6.1 [1].
For example, for Permissions and Prohibitions it reads as follows:
Permission
Prohibition
Besides that, I'm actually wondering whether there's any use case that would motivate/require AND-/OR-/XOR-ing Permissions/Prohibitions?
[1] https://w3c.github.io/poe/model/#extended-relations
[2] https://tools.ietf.org/html/rfc2119
The text was updated successfully, but these errors were encountered: