Describe how we interpret the spec where ambiguous

[michielbdejong]

Ahead of resolving all known spec ambiguities, which is starting to roll away further and further each time I try to put my foot on it, I'll just list here which specific choices this implementation makes, and then that can also serve as input to the spec discussion.

[michielbdejong]

issue	NSS	inrupt-pod-server	spec
webid-oidc client_id should be origin of redirect_uri	no	yes	solid/webid-oidc-spec#16
WAC-Allow headers	yes	(planned)	solid/solid-spec#178
Websockets-pubsubs access tickets	no	yes	solid/solid-spec#179
Refusing to delete non-empty containers	yes	(planned)	solid/solid-spec#177
trustedApp system	yes	yes	solid/web-access-control-spec#56
recursiveness of websockets-pubsub subscriptions	no	(planned)	solid/solid-spec#180
create/delete requires container write	yes	(planned)	solid/web-access-control-spec#48

[michielbdejong]

Considering solid/solid-spec#187 (comment), we should discuss that.

[michielbdejong]

Splitting this up, there IS still 1 spec PR left that I hope will finish bringing the spec in line with NSS, hopefully within the next 7 days (and then I think it would be a good time to bump the version tag from 0.7 to 0.8):

issue	NSS	IPS	spec
create/delete requires container write	yes	(planned)	solid/web-access-control-spec#48
409 on non-matching sparql-update	yes	(planned)	solid/solid-spec#193

And then there are 4 points where IPS intentionally diverges from NSS, so those should still be considered proposed spec changes, at least until the NSS team decides to implement them as well:

issue	NSS	IPS	spec
use PoP token issuer instead of Origin header	no	yes	solid/webid-oidc-spec#12 (comment)
Websockets-pubsubs access tickets	no	yes	solid/solid-spec#179
recursiveness of websockets-pubsub subscriptions	no	(planned)	solid/solid-spec#180
ACL docs show up as container members	no	yes	solid/solid-spec#187 (comment)

[michielbdejong]

updated list of proposed spec changes:

• on solid-spec
• on webid-oidc-spec

[michielbdejong]

Hopefully we can merge the one about sparql-update today.
the create/delete permissions discussion was moved to a proposed spec change, with solid/web-access-control-spec#60 for documenting the current situation more precisely. Apart from those two, i'm not currently aware of any ambiguities.

[michielbdejong]

we didn't get everything merged, but we got close enough to now stop working on this, and just stick to what we could call the “roughly 0.8" version of the Solid spec.

[michielbdejong]

Found a new one: solid/web-access-control-spec#70

[michielbdejong]

Another thing the current spec doesn't explicitly say, but that Solid app devs could be forgiven for assuming is that 'if you do a PUT and then a GET, you get what you put' , but note this may change in the December version of the spec to allow for master-slave and master-master replication inside a pod server.