W3C home > Mailing lists > Public > public-prov-wg@w3.org > April 2013

Review Prov-AQ

From: Sam Coppens Ugent <sam.coppens@ugent.be>
Date: Fri, 05 Apr 2013 10:34:12 +0200
Message-ID: <515E8C84.10803@ugent.be>
To: Provenance Working Group <public-prov-wg@w3.org>
Hello,

Here is my review of 
https://dvcs.w3.org/hg/prov/raw-file/fa9bac23203a/paq/prov-aq.html
It looks fine to me. I have no blocking issues.


1) Third Public Working Draft

This is the third public working.   --> This sentence needs to be updated.

2) 1.1 Concepts
This document uses the term URI for ... --> I would consider moving this 
paragraph above the concept definitions (Resource, etc.

3) 1.2 Provenance and Resource - Second paragraph
Yet we may still want ... --> Yet, we may still want ...

4) 3.1 Resource accessed by HTTP
may be indicated using an HTTP Link: header field --> may be indicated 
using an HTTP Link header field

5) 3.1 Resource accessed by HTTP
Example 1 and example 2: I would consider using different URIs for the 
provenance records (http://example.com/resource/provenance/), because 
often both the normal HTTP access (#has_provenance) and a query service 
(#has_query_service) will provided next to each other. One access 
protocol will not replace the other. Makes it more clear.

6) 3.1.1 Specifying Provenance Query Services
There may be multiple has_query_service link header fields... --> There 
MAY be multiple ...

7) 3.3 Resource represented as RDF
First paragraph: For this purpose the link relations introduced ... --> 
For this purpose, the link ...

8) 4.1 NOTE on service descriptions offered by LDP
They won't develop generic service descriptions, maybe specific service 
descriptions for their read/write interface, but nothing more.

9) 4.1.1 Direct HTTP query service description
  (level 2 or above) in which which the variable uri stands for the 
target-URI --> ... in which ...

10) 4.1.1 Direct HTTP query service description
Example 6: Consider using an entity uri containing # or & ...

11) 5 Provenance Pingback
I consider this section essential for more advanced provenance 
platforms/tools, e.g., discovery of the latest published version, even 
if in another domain. Thus, I am certainly in favor of keeping this section.

12) 5 Provenance Pingback
Consider using in the example using an anchor parameter to make things 
more clear.

13) 6 Security
CSRF can be a real thread: a user ,e.g. , follows a provenance link, but 
it links to a script that tries to do a bank transaction (under the 
consideration the user is logged in to its bank account)

Best,

Sam
Received on Friday, 5 April 2013 08:34:43 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:51:35 UTC