Solid Use Cases

TODO

Pick a small pool of diverse names for the fictional characters reference.
Incorporate the use cases requested by the practicioners
Decide the future of Use Cases and Requirements for Authorization in Solid & Authorization Use Cases Survey
Decide the future of Solid Notifications Use Cases and Requirements
Decide the future of User Stories for Solid
Agree on precise terminology to use when defining use cases
Define categories for use cases (use lables?), e.g. 'ops', 'apps', 'sec', 'privacy'
Ontologies and shapes

As a user, I want to move a Pod from one Solid Server to another.
I want all this to happen in a transparent way to applications that use the data

proposed by: elf Pavlik

As a user of project management application
I want to authorize that app to access all the project boards and tasks on those boards
Without sharing with that app contacts who don't share project boards with me
Still, when one of my contacts starts sharing some project boards with me
I want my app to discover it and start showing it to me automatically

proposed by: elf Pavlik

As a person collaborating with various individuals and organizations
Given that some of my contacts are yet to get WebID
I want to be able to pre-authorize their access to some of my data
So that when they get WebID and get on board with solid, they can access that data.

proposed by: elf Pavlik

As an admin of an organization
I want to authorize specific individuals to access certain data of the organization
In a way that they can independently authorize others to the extent of the access they received
And ensure that once I revoke access for one of the people I granted it to, anyone that they authorized will also lose access

proposed by: elf Pavlik

As a user
I want to be able to organize my data into collections
I want to manage access on the collection level, so it applies to all the members
I want to be able to 'move' my data between collections wihout breaking any incoming links

Application - CAN be identified; autonomous or not
Agent - CAN act - individual, entity or bot(application)
User - is an agent; individual user acting for herself or on behalf of an entity; CAN be authenticated
Org - CANNOT act; community/group/enterprise/team/etc (social agent) that controls data, but actions are taken by an authorized person or bot on behalf of Entity; CANNOT be authenticated
ServiceProvider - IdP Provider, Pod Provider etc.
Issuing a credential
- from the outside org issues a credential
- from the inside some org member (individual)
  - possibly bot as a side effect of something else

Social Entity vs. Application

Applications always act on behalf of social entities (or just individuals?)
every contract needs to be signed by a person, not an organization - audit trail
all sites have cert signed by a CA,

Outside vs Inside perspective

Personal Data Store / Collective Data Store
Organization has its own WebID but can't authenticate
distinction between groups and organizations, groups can be looser
conforming with ActivityPub we have applications (bots), for example when max number of attendees in event the bot will close subscriptions.
group vs organization
one can just join the group, possibly some moderation, organization can have more formal roles

ACTION: Hadrian to reach out and see how we could collaborate