Re: On The Safety of Publicly Open-Registration Solid Servers from Matthias Evering on 2023-10-02 (public-solid@w3.org from October 2023)

From: Matthias Evering <me@evering.eu>
Date: Mon, 02 Oct 2023 12:47:23 +0200
To: public-solid@w3.org
Message-ID: <op.2b6n8905ixbsmc@localhost>
Am 02.10.2023, 11:16 Uhr, schrieb Sarven Capadisli <info@csarven.ca>:

> Emelia, thanks for raising concerns that's part of the broader social  
> web, and ways in which we can improve work from our (CG and ecosystem)  
> end.
>
> I'd like us (the CG) to follow-up constructively. I don't want this  
> information to get lost in the emails (this mailing list is "used for  
> general discussions and announcements" [1]).
>
> It would at first glance may appear that your recommendations may not  
> specifically fit under the scope of the CG but it is not out of scope  
> either [2]. But, I do acknowledge that there are takeaways we can break  
> down and work on in the context of the CG and are in scope (and if not,  
> why not, right?). And, this work or information is not limited to the CG  
> and should be further developed as part of the Solid Project.
>
> Here are some suggestions:
>
> * Storage Terms of Service Template [3] that can be adopted by storage  
> providers, in addition to their local laws, in the spirit of the Solid  
> project.

Emelia, Melvin, Sarven and List/CG:

with interest I read about security concerns.
these seem to be well-profound.
as first action item for me I see the Terms of Service, which I will add  
to my/our production system.

> * Best Practises and Guidelines for storage providers, taking different  
> types of invitations, registrations, and data policy and rights (e.g.,  
> [4][5]) which also goes together with what's in scope as per "(meta)data  
> models.." [2]. And more broadly on hosting, infrastructure and systems  
> (e.g., part of Web Sustainability Guidelines [6]).
>
> * Further develop Use Cases and Requirements [7][8][9][10] (and other),  
> taking processing (e.g., generally [11] but with further considerations  
> towards ensuring trust, safety, and moderation).

I will follow closely and give my best efforts.

> May I ask you and others interested in this work to follow-up in one of  
> those space? It is not an exhaustive list and may not entirely address  
> the concerns you're raising so I can encourage everyone to take up this  
> work in one of the, or to be created, workspaces.

as next I will follow the citations.

> Lastly, some of this work is no entirely on the Solid project to solve,  
> so please also consider following-up with existing groups and  
> communities out there both in W3C and elsewhere. Hint: this would be a  
> good CG Task Force if we can distil the needs further.
>
> Huge thanks!

I hope we can address the Behavioural as well as the technical issues.
lastly let me assure that I feel welcomed in our diverse community I could  
not do the work without crowdhelp.

kr, @ewingson

> [1] https://www.w3.org/community/solid/charter/#communication
> [2] https://www.w3.org/community/solid/charter/#scope
> [3] https://github.com/solid/specification/discussions/577
>
> [4] https://www.w3.org/TR/odrl-model/
> [5] https://w3id.org/dpv
>
> [6] https://w3c.github.io/sustyweb/#hosting-infrastructure-and-systems
>
> [7] https://github.com/solid/user-stories
> [8] https://solid.github.io/authorization-panel/authorization-ucr/
> [9] https://solid.github.io/notifications-panel/notifications-ucr
> [10] https://github.com/solid/specification/issues/317
>
> [11] https://github.com/solid/specification/issues/394
>
> -Sarven
> https://csarven.ca/#i
>
>


-- 
Matthias (@ewingson)
Received on Monday, 2 October 2023 10:47:30 UTC