- From: elf Pavlik <elf-pavlik@hackers4peace.net>
- Date: Mon, 17 Nov 2025 17:34:18 -0600
- To: Linked Web Storage Working Group <public-lws-wg@w3.org>
Hello WG, I will be organizing a session for Solid Symposium 2026 https://easychair.org/cfp/SoSy2026 The session will focus on Authorizing Applications and related Security Considerations. I'm actively looking for collaborators/contributors. It looks like AuthN/AuthZ work is pretty active in WG, judging by GitHub PRs. I think it would be very important if a LWS WG member(s) could join this session, preferably in person, but could be done remotely, and represent this topic from the WG perspective. Besides reaching out to the WG here, I'm also reaching out directly to a few community members, who I know are working on this topic. From early discussions, we are considering focusing on a few specific topics and presenting ongoing works: * End-user managing application access policies, with emphasis on cases where the end-user and the resource owner are two distinct agents. * Delegation-based approaches, including SAI, MANDAT, and possibly others. * Different requirements in an open ecosystem context and semi-restricted contexts, like corporate and governmental. * UX and DX patterns when end users use their applications of choice responsibly and access data owned by multiple peers in their social graph (individuals and organizations), each of whom can host and share data from multiple storage/resource servers. Those are just a few examples, and the final session program will depend on collaborators/contributors. I'm also exploring examples of malicious applications in https://github.com/elf-pavlik/mallory I'll be presenting new ones regularly during Solid CG weekly meetings and hope to use them as a reference when we discuss how different represented approaches incorporate countermeasures to exemplified problems. Please consider joining this SoSy 2026 session! Best regards, elf Pavlik
Received on Monday, 17 November 2025 23:34:26 UTC