Solid Interoperability Panel

# Solid Interoperability Panel February 2nd, 2021 ## Present - Justin B - Benoit A - Matthieu F - Henry S - Hannes - Davi - ericP - Josh C ## Agenda - Announcements - Review prior minutes - See [prior minutes](https://github.com/solid/data-interoperability-panel/pull/79) - Pull requests - [Public discovery use case](https://github.com/solid/data-interoperability-panel/pull/81) - Issues - [Agree on terminology to distinguish software agent from social agent](https://github.com/solid/data-interoperability-panel/issues/80) - Topic Items - Considerations for data discovery - Justin B ## Minutes Justin: leaving distinguishing software and user agents for next week when Pavlik joins ... issue also gets into identity for organizations. ... main topic: Discovery ... Pavlik submitted a public discovery use cases and I \[justin] added some use cases ... fed Matthiew's questions back into docs ... TimBL asked why we've not talked about TypeIndexes yet ... over the last few years, Solid docs talk about public and private TypeIndexes. ... the ecosystem allows you to following your nose but doesn't mean there isn't a reason to have separate indexes. ... if you follow your nose to the data in a registry, your complete but you're doing a table scan. ... will lead to performance issues ... the ecosystem is meant to coexist with indexes but able to work without. ... data (location) remains stable while query mechanisms evolve ... TypeIndexes point to public and private data. Benoit: what's the existing spec for TypeIndexes? Justin: never made it out of the proposals phase ... You'll see them in NodeSolidServer Henry Story: - spoke about one could start from the ideal security perspective, which is where apps would display data but not be able to fetch the data without going through a Guard (in browser perhaps) trusted by the user. From there we could work backwards to what is doable, and then point out what tech is missing to get to the ideal. For example there was research done a while ago on the subject of confinging JS to (e.g) just display content: [COWL: A Confinement System for the Web][http://cowl.ws] Some of it found its way into current standards, but not all of it (not sure what exactly). That is a bit behind the idea of the [LauncherApp](https://github.com/bblfish/LauncherApp) idea (though the Launcher Apps could still leak data with current technology): by passing requiests though that app others would not get access to key material or perhaps even tokens when connecting to remote servers, or indeed access to "app info" on the users Pod.