Solid Authorization Panel

# Solid Authorization Panel October 7th, 2020 # Present - Justin B - Sarven C - elf Pavlik - Martynas J # Agenda - Admin - Switch to videoconf tool that doesn't require a host to start/be present: https://gitter.im/solid/authorization-panel?at=5f7dca8f65cb032060765492 - Survey - Pull Requests - Block Access to Bad Actors - https://github.com/solid/authorization-panel/pull/112 - Authorization by Payment - https://github.com/solid/authorization-panel/pull/113 - Limiting Control Access - https://github.com/solid/authorization-panel/pull/114 - Client Constraints - https://github.com/solid/authorization-panel/pull/117 - Issues - What permissions are required for delete - https://github.com/solid/specification/issues/197#issuecomment-700625490 # Minutes ### Consolidated Survey Branch - https://github.com/solid/authorization-panel/pull/118 JUSTIN B: Needs review and then can be merged JUSTIN B: Can close out the branches that were merged from this (individual pulls) ### Block Access to Bad Actors - https://github.com/solid/authorization-panel/pull/112 PAVLIK - Don't want people to think that this is our only approach to spam because it's not fully effective JUSTIN - Agree though I believe that it's still a valid use case and can be worthwhile to do perimeter blocking even if a malicious user can make new identities. In concert with trusted issuers this can be a bit stronger. PAVLIK - Also used in concert with trusted credentials can be a better approach than just maintaining list of trusted identity providers. Okay to merge. HENRY - Blocking is necessary and reasonable to do. Need to add another use case for blocking. If we can make the use cases more inter-company it would be more d-web. Need blocking by app, by user. ### Authorization by Payment - https://github.com/solid/authorization-panel/pull/113 SARVEN - How much of this is authorization directly Justin B: Main issue is that I believe we have other use cases in here that could be used to satisfy this one. Justin B: Action - Link to conditional access by action, or possesion of VC and merge ### Limiting Control Access - https://github.com/solid/authorization-panel/pull/114 # Action Items - Justin B: See if gotomeetings can be started before hosts join - Sarven C: Going to ask Hindia to join Solid CG so we can merge their survey results (DONE: https://github.com/solid/authorization-panel/pull/110#issuecomment-704968444 ) - Justin B: Add another use case for blocking (possibly multiple) - Sarven C: Consider creating a use case on policy/tos/license agreement as a condition to access.