# Solid Authorization Panel September 30th, 2020 ## Present - Justin B - Henry S - elf Pavlik - Matthieu B - elf Pavlik # Agenda ### Payment PR: https://github.com/solid/authorization-panel/pull/113/files HENRY: A use case that presents a resource based on whether or not a payment has been made. Present the metadata to the public if they have not paid, and give the option to pay. If they have paid, give them access to the music. PAVLIK: Would like a bit more detail about how this would work specific to authorization? ### Deny bad actors - https://github.com/solid/authorization-panel/pull/112 From https://github.com/solid/authorization-panel/issues/111 JB: Does anyone have a fundamental issue with deny statements JACKSON: Issue with adding triples to subtract access? ERICP: Typically when doing ontologies you avoid anything non-monotonic. If you're making heavy use of inferencing that could make you subject to missing an inferred denial. Typical non-monotonic logic problem. In our case, the use of inference is very hard to justify in an ACL system. It makes more sense to say there is no inferencing - then you have no vulnerability to non monotonicity. HENRY: May be value to introduce inference, but something to study. ERICP: Isn't that you can't have inferencing, but you can have prescribed inferencing. ### https://github.com/solid/authorization-panel/pull/114 Similar to https://solid.github.io/authorization-panel/wac-ucr/#conditional-control, and JACKSON M's proposal to limit app's control boundaries