Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial Editor’s Draft of the WAC specification #83

Merged
merged 310 commits into from
Jun 30, 2021
Merged
Changes from 1 commit
Commits
Show all changes
310 commits
Select commit Hold shift + click to select a range
b14338f
Add effective-acl-resource-alternatives
csarven May 7, 2021
e22bd91
Add permission-inheritance-extensions
csarven May 7, 2021
f2ad4c9
Add distinct-effective-acl-resource-extensions
csarven May 7, 2021
d631c12
Clean up extensions and nav
csarven May 10, 2021
4c839b9
Init authorization-policies
csarven May 10, 2021
141a0cc
Expand on accessTo and default
csarven May 10, 2021
6bf9d1e
Init authorization policy properties
csarven May 10, 2021
884ec8e
Add authorization-policies to nav
csarven May 10, 2021
8b0755c
Minor
csarven May 10, 2021
bf77f7e
Add requirement to reject non-conforming authorization policies
csarven May 11, 2021
da2e60a
Minor
csarven May 11, 2021
b686e1d
Add authorization-policy-conformance
csarven May 11, 2021
948533c
Clarify RDF of acl-resource-representation authorization-policies
csarven May 11, 2021
b9266a6
Move modes-of-access into authorization-policies
csarven May 11, 2021
434cca5
Add authorization-policy-conformance to nav
csarven May 11, 2021
9a73323
Add agent-class definition
csarven May 11, 2021
c5b99f5
Init authorization-policy-context
csarven May 11, 2021
973db23
Reorder authorization-policies section
csarven May 11, 2021
00eadc4
Init examples section
csarven May 11, 2021
3e2dd98
Minor
csarven May 11, 2021
6eb4bf1
Minor
csarven May 12, 2021
d55eb2a
Init authorizaiton-policy-principals
csarven May 12, 2021
a68e36e
Access to acl:agent
csarven May 12, 2021
e5420c7
Access to acl:agentClass
csarven May 12, 2021
9ec0666
Access to acl:agentGroup
csarven May 12, 2021
5ee3bd1
Init authorization-evaluation
csarven May 12, 2021
a0d02f8
Minor
csarven May 12, 2021
3980d42
Clarify acl:accessTo, acl:default when evaluating
csarven May 12, 2021
5575b6c
Minor
csarven May 12, 2021
60c893a
Minor
csarven May 13, 2021
8cc40c4
Minor
csarven May 14, 2021
3803c63
Add allow access for broader class
csarven May 14, 2021
484363e
Note Access Classes
csarven May 14, 2021
c2da0a6
Minor
csarven May 14, 2021
d0fe2ca
Revise authorization-evaluation intro
csarven May 14, 2021
0d38b76
Refer to authorization-policy
csarven May 14, 2021
6d77403
Init authorization-policy-matching
csarven May 14, 2021
8f89e46
Add match-accessto-agent-mode
csarven May 14, 2021
49eab9a
Add match-default-agentclass-mode
csarven May 14, 2021
088fcdb
Move effective-acl-resource under authorization
csarven May 15, 2021
7258f35
Move modes-of-access under acl-resources
csarven May 15, 2021
024c42f
Move authorization-policy-subjects under acl-resources
csarven May 15, 2021
b00137d
Move authorization-policy-context to access-objects under acl-resources
csarven May 15, 2021
bdce711
Move authorization-policy-subjects to access-subjects
csarven May 15, 2021
de99edc
Move modes-of-access to access-modes
csarven May 15, 2021
bd34421
Move access-objects modes subjects to authorization-policies
csarven May 15, 2021
74d379e
Update authorization-policies authorization intros
csarven May 15, 2021
de41ae3
Minor
csarven May 15, 2021
d13ff94
Clarify access-subjects
csarven May 16, 2021
ef34c22
Add specification-orthogonality
csarven May 16, 2021
b561688
Remove superfluous text
csarven May 16, 2021
57aa21f
Minor
csarven May 16, 2021
f733390
Add security-consideration about ACL resource provenance
csarven May 17, 2021
9484cd2
Minor
csarven May 17, 2021
30f9ddf
Link to effective-acl-resource from acl-resource-discovery
csarven May 17, 2021
dc09241
Move authentication recommendation to security-considerations
csarven May 17, 2021
758fb4d
Add match-accessto-agentgroup-mode
csarven May 17, 2021
75df4e3
Clarify input variable in example queries
csarven May 18, 2021
f04784c
Update match-accessto-agent-mode example
csarven May 18, 2021
57e7126
Mention PREFIX from here on
csarven May 18, 2021
3259c4a
Clarify why graph matching is unspecified
csarven May 18, 2021
d455b0c
update match-default-agentclass-mode
csarven May 18, 2021
94e3e5f
Update match-accessto-agentgroup-mode
csarven May 18, 2021
d4bf5e0
Reference INFRA boolean
csarven May 18, 2021
e9baf81
Minor
csarven May 18, 2021
a68489e
Init reading-writing-resources
csarven May 18, 2021
fa54415
Add reinstated-resource-permissions
csarven May 18, 2021
38554b0
Minor
csarven May 18, 2021
2283bb4
Add sparql11-query to references
csarven May 18, 2021
33c6a29
Revise authorization-policy-matching
csarven May 21, 2021
86d0ba4
Clarify reinstated-resource-permissions
csarven May 21, 2021
f6269b1
Minor
csarven May 21, 2021
dc5ab1a
Fix match-default-agentclass-mode
csarven May 21, 2021
9617c46
Minor
csarven May 21, 2021
30125cb
Clarify effective-acl-resource for servers and clients
csarven May 21, 2021
fd1cb06
Add requirement to create new resource
csarven May 21, 2021
84d27d7
Add requirement to delete resource
csarven May 21, 2021
5cd779a
Minor
csarven May 21, 2021
bba98ad
Generalise the context of requested operation
csarven May 22, 2021
98aeaaf
Add intro to WAC's set of operations
csarven May 22, 2021
a7d0af9
Add read, write, append, control operations
csarven May 22, 2021
edcb10b
Use access permission instead of right
csarven May 23, 2021
04693b3
Add security-consideration for POST Location for only Append
csarven May 23, 2021
d3cd8a2
Mention uri-ownership is outside the scope of WAC
csarven May 23, 2021
e48a558
Minor
csarven May 23, 2021
71c5df7
Add requirement for read operation
csarven May 23, 2021
71a6542
Add requirement for update operation
csarven May 23, 2021
5fefaa1
Add requirement for control operation
csarven May 23, 2021
e4b2099
Add acl-processor
csarven May 24, 2021
0b57963
Mention identification provided by system
csarven May 24, 2021
0cb9cf4
Update failures with wac-allow parsing
csarven May 24, 2021
08104b1
Replace acl-processor with consumer of authorization policies
csarven May 24, 2021
d435131
Move response to append request to privacy-considerations
csarven May 24, 2021
68d73da
Mention information disclosure through updates without read
csarven May 24, 2021
4822f6e
Intro to privacy-considerations on discrete access permissions
csarven May 24, 2021
f0763c6
Add origin to terminology
csarven May 31, 2021
d6d525a
Minor
csarven May 31, 2021
5f7b192
Init access-origins
csarven May 31, 2021
c886dd5
Add access-origins to nav
csarven May 31, 2021
69b95f4
Include acl:origin to authorization-policy-conformance
csarven May 31, 2021
f9e5db8
Init web-application-authorization
csarven May 31, 2021
edb2ffc
Add use of acl:origin and Origin header
csarven May 31, 2021
efa9144
Clarify why Origin is used
csarven May 31, 2021
1b48487
Minor
csarven May 31, 2021
ec725b8
Simplify requirement for acl:origin
csarven May 31, 2021
94afae5
Add note access-subject-origin-rejection-reason
csarven May 31, 2021
9447647
Update CSS for note, issue
csarven Jun 1, 2021
f0f90da
Clarify http-interaction
csarven Jun 1, 2021
1cfe3c2
Minor
csarven Jun 1, 2021
215129c
Use acl:Append acl:Write context for create update
csarven Jun 1, 2021
1b7eb6d
Add note http-method-access-mode-relation
csarven Jun 1, 2021
5b30dee
Mention PUT in http-method-access-mode-relation
csarven Jun 1, 2021
dcc981a
Rewrite http-method-access-mode-mapping , mention acl:Control
csarven Jun 2, 2021
392a1f7
Mention GET acl:Read mapping
csarven Jun 2, 2021
d1d39b8
Mention POST acl:Append acl:Write mapping
csarven Jun 2, 2021
e31ad6e
Mention PUT acl:Write mapping
csarven Jun 2, 2021
cf260fb
Mention DELETE acl:Write mapping
csarven Jun 2, 2021
ecc5b12
Mention PATCH acl:Append acl:Write mapping
csarven Jun 2, 2021
1420c4d
Move http-method-access-mode-mapping
csarven Jun 2, 2021
3c43925
Move what acl:Control doesn't imply
csarven Jun 2, 2021
316ab72
Remove examples section
csarven Jun 2, 2021
92bdc22
Minor
csarven Jun 2, 2021
315d75c
Clarify Origin acl:origin matching
csarven Jun 3, 2021
0849053
Mention ACAO ACAH in granted responses
csarven Jun 3, 2021
acab598
Add WAC-Allow to ACEH
csarven Jun 3, 2021
a745aec
Mention when acl:origin is relevant
csarven Jun 3, 2021
5d078d8
Minor
csarven Jun 8, 2021
07353c6
Add loss-of-control-mitigation
csarven Jun 8, 2021
44aeb1f
Reword to origin instead of Web application
csarven Jun 8, 2021
4c3d459
Add trusted-origins
csarven Jun 8, 2021
e4ab8fe
Move server requirement on wac-allow to web-application-authorization
csarven Jun 8, 2021
a841bd4
Link to WAC-Allow
csarven Jun 8, 2021
b871b92
Express ACEH in context of CORS
csarven Jun 8, 2021
a9dac5c
Minor
csarven Jun 8, 2021
eb5348a
Clarify deriving ACL resource URI from resource
csarven Jun 8, 2021
47dfb93
Require acl:Authorization in authorization-policy-conformance
csarven Jun 8, 2021
13cfc6d
Move access-origins into access-subjects
csarven Jun 8, 2021
7eae66c
Group acl:origin with other access subjects
csarven Jun 8, 2021
4af21d8
Clarify WAC-Allow requirement
csarven Jun 8, 2021
084f11b
Minor
csarven Jun 8, 2021
3f74eae
Add clients-discovering-access-privileges
csarven Jun 8, 2021
d4533ba
Include acl:Authorization in examples
csarven Jun 9, 2021
128e7b8
Minor
csarven Jun 9, 2021
5f2c31c
Split requirement for origin
csarven Jun 9, 2021
1cac605
Update authorization requirement for origin-based request
csarven Jun 9, 2021
01aa04d
Minor
csarven Jun 9, 2021
018b89b
Revise acl-resource definition
csarven Jun 10, 2021
b5980bb
Minor
csarven Jun 10, 2021
f59d200
Rename sectioning on authorization authorization-conformance authoriz…
csarven Jun 11, 2021
0f80fcf
Use dl for terminology
csarven Jun 11, 2021
134c4f1
Remove dfn-panel
csarven Jun 11, 2021
4b94ee1
Minor
csarven Jun 11, 2021
ef1a1b9
Use SKOS for terminology
csarven Jun 11, 2021
a9180fc
Expan on accessToClass issue
csarven Jun 11, 2021
7d061db
Rename to authorization authorization-rule
csarven Jun 11, 2021
8594ee8
Minor
csarven Jun 11, 2021
f1435b9
Limit to agent identification not being forgable
csarven Jun 11, 2021
dbb5061
Add subject-verification
csarven Jun 11, 2021
591edb3
Minor
csarven Jun 15, 2021
4d47df8
Add origin-considerations
csarven Jun 15, 2021
cd35af4
Add client-identification
csarven Jun 15, 2021
7e2a5b9
Minor
csarven Jun 15, 2021
858bd3a
Add some relations
csarven Jun 15, 2021
3454453
Minor
csarven Jun 15, 2021
c4f1417
Remove guard bit
csarven Jun 15, 2021
06f7e0a
Update origin-considerations
csarven Jun 15, 2021
227b6c4
Minor
csarven Jun 15, 2021
605772e
Clarify behaviour for foreign-namespaced access modes
csarven Jun 15, 2021
dc4460a
Move accessToClass to authorization-extensions
csarven Jun 15, 2021
0b6dc16
Use wac as shortname
csarven Jun 15, 2021
db84a21
Add more sources
csarven Jun 15, 2021
2ca3aec
Update source/advisement
csarven Jun 16, 2021
9ac5423
Add wac-allow-access-modes issue
csarven Jun 16, 2021
0cda462
Fix figure URIs
csarven Jun 16, 2021
4154316
Update audience
csarven Jun 16, 2021
ca8444f
Update reference relations
csarven Jun 16, 2021
096d982
Remove status-of-a-permission
csarven Jun 16, 2021
c6b898b
Remove unused namespaces
csarven Jun 16, 2021
599e0c4
Minor
csarven Jun 16, 2021
ffa9845
Add inlists motivation overview
csarven Jun 16, 2021
6125a3b
Add document-derived-from
csarven Jun 16, 2021
9983014
Add language license status policy
csarven Jun 16, 2021
a2b73f3
Add document-in-reply-to
csarven Jun 16, 2021
63cccb0
Include dokieli
csarven Jun 16, 2021
b2e3e15
Minor
csarven Jun 16, 2021
f67a89f
Link to Solid Origin
csarven Jun 16, 2021
00dc81d
Minor
csarven Jun 16, 2021
5b5770c
Add inbox
csarven Jun 16, 2021
3cfaa66
Minor
csarven Jun 16, 2021
231ce5e
Init bib-security-privacy-questionnaire
csarven Jun 17, 2021
a150dde
Add security-privacy-review-purpose
csarven Jun 17, 2021
6d0e8be
Add security-privacy-review-minimum-data
csarven Jun 17, 2021
5b2d77d
Add security-privacy-review-personal-data
csarven Jun 17, 2021
080bd87
Add security-privacy-review-sensitive-data
csarven Jun 17, 2021
618b967
Add security-privacy-review-persistent-origin-specific-state
csarven Jun 17, 2021
a8368bc
Add security-privacy-review-underlying-platform-data
csarven Jun 17, 2021
590b220
Add security-privacy-review-send-to-platform
csarven Jun 17, 2021
bee3bd7
Add security-privacy-review-sensor-data
csarven Jun 17, 2021
32ad562
Add security-privacy-review-other-data
csarven Jun 17, 2021
e5fcf1c
Add security-privacy-review-string-to-script
csarven Jun 17, 2021
f6c503b
Add security-privacy-review-remote-device
csarven Jun 17, 2021
0df341f
Add security-privacy-review-native-ui
csarven Jun 17, 2021
29d2f02
Add security-privacy-review-temporary-id
csarven Jun 17, 2021
b8c6267
Add security-privacy-review-first-third-party
csarven Jun 17, 2021
ae7e2ec
Add security-privacy-review-private-browsing
csarven Jun 17, 2021
54809b1
Add security-privacy-review-considerations
csarven Jun 17, 2021
0c59327
Add security-privacy-review-relaxed-sop
csarven Jun 17, 2021
a3adcb0
Minor
csarven Jun 17, 2021
9540095
Update README
csarven Jun 17, 2021
666308a
Fix example query
csarven Jun 18, 2021
2bef8a1
Minor
csarven Jun 18, 2021
db1dc81
Fix nav numbering
csarven Jun 18, 2021
74cbbdc
Reinclude rdf-schema in namespaces
csarven Jun 18, 2021
0b9b32d
Wrap prefixes with code
csarven Jun 18, 2021
9437c92
List only MUST and MUST NOT in Conformance
csarven Jun 18, 2021
42bbf5a
Clarify parsing algorithm for field-value
csarven Jun 18, 2021
510a5f1
Clarify Control operation including view
csarven Jun 18, 2021
09aa7db
Link to effective-acl-resource
csarven Jun 18, 2021
c970116
Remove 'see '
csarven Jun 18, 2021
d0c072a
Minor
csarven Jun 18, 2021
f87f9ec
Minor
csarven Jun 21, 2021
aa190b4
Update index.html
csarven Jun 21, 2021
a77b697
Update index.html
csarven Jun 21, 2021
6336a26
Update index.html
csarven Jun 21, 2021
16d1a62
Update index.html
csarven Jun 21, 2021
df5cdf3
Update index.html
csarven Jun 21, 2021
c919dd4
Update index.html
csarven Jun 21, 2021
db9cfe5
Update index.html
csarven Jun 21, 2021
e5b64c6
Update index.html
csarven Jun 21, 2021
71ea144
Suggestions from @TallTed but with BrE use
csarven Jun 21, 2021
b38e2c2
Good ol' commas after e.g. and i.e.
csarven Jun 22, 2021
b8be211
Add links to authorization-conformance authorization-evaluation
csarven Jun 22, 2021
b51c52d
Minor
csarven Jun 22, 2021
89cde2b
Clarify why clients need effective ACL resource
csarven Jun 22, 2021
d284d38
Minor
csarven Jun 22, 2021
2fd1533
Clarify client's reason to determine efective-acl-resource: control o…
csarven Jun 23, 2021
31fee9e
Link to web-application-authorization
csarven Jun 23, 2021
54118e7
Add container-permissions
csarven Jun 25, 2021
d431ef0
Rename to web-origin-authorization
csarven Jun 28, 2021
ee67b75
Minor
csarven Jun 28, 2021
2fc3955
Clarify web-origin-authorization
csarven Jun 28, 2021
bd4e505
Minor
csarven Jun 28, 2021
674f748
Add some ids
csarven Jun 28, 2021
9ad594d
Fix typo
csarven Jun 28, 2021
cad7a79
Apply suggestions from code review
csarven Jun 29, 2021
dd2c28f
Add access-privileges including WAC-Allow
csarven Jun 29, 2021
173654f
Editorial suggestions from @matthieubosquet with some updates
csarven Jun 29, 2021
ee96098
Update index.html
csarven Jun 30, 2021
6be5820
Minor
csarven Jun 30, 2021
7c61e0a
Use ED URLs for the ED version
csarven Jun 30, 2021
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add permission-inheritance-extensions
csarven committed May 7, 2021
commit e22bd9106341c2b578b6bc36f5170961ccc964d7
7 changes: 7 additions & 0 deletions index.html
Original file line number Diff line number Diff line change
@@ -614,6 +614,13 @@ <h3 property="schema:name">Access Mode Extensions</h3>
<p>Foreign-namespaced access modes are allowed in ACL resources, but no behaviour is defined by this specification.</p>
</div>
</section>

<section id="permission-inheritance-extensions" inlist="" rel="schema:hasPart" resource="#permission-inheritance-extensions">
<h3 property="schema:name">Permission Inheritance Extensions</h3>
<div datatype="rdf:HTML" property="schema:description">
<p>This specification describes permission inheritance based on determining the most significant <cite><a href="#effective-acl-resource" rel="rdfs:seeAlso">Effective ACL Resource</a></cite> of a resource. Alternative strategies such as cumulative permissions (union of all the permissions from each ACL resource inherited from the ancestors of a resource) are allowed, but no behaviour is defined by this specification.</p>
</div>
</section>
</div>
</section>