- From: elf Pavlik <elf-pavlik@hackers4peace.net>
- Date: Tue, 24 Mar 2026 04:00:11 +0000
- To: "public-solid@w3.org" <public-solid@w3.org>
Hey Matthieu, On Monday, March 23rd, 2026 at 3:37 PM, Matthieu Bosquet <matthieubosquet@gmail.com> wrote: > I can’t help but notice that the authorisation panel has had nearly no activity since 2022. I just don’t think there has been much activity on authorisation in Solid lately. We moved away from splitting work into panels probably around 2 years ago. But yeah there weren't many changes to WAC in that time as well, mostly small corrections: https://github.com/solid/web-access-control-spec/pulls?q=is%3Apr+is%3Aclosed More than PRs we still had various discussions related to WAC, probably most over matrix and I think people had opportunity to have their questions answered. I never intended my email as a critique towards you, more giving credits where it's due to Sarven for being there when people needed clarifications on WAC. > I have been working on implementation, documentation and usage patterns in the background and the ACP resolution algorithm is well documented and easily implementable. > > The main missing piece for facilitating adoption at this stage is what I would call an ACP protocol spec. > > I would recommend resuming progress in that direction and comparing usage as a more viable approach to deciding whether or not a specific access control language should be mandated. > > I also think the work on access requests is relevant to this and should be considered. In my implementation work I use custom CSS policy engine which uses access grants and it does most of the heavy lifting. I also do use ACP for registry pods but this part has very limited requirements - mostly client constraints which thanks to Christoph initiative, with active engagement from Sarven, will most likely land in WAC as well at some point. https://github.com/solid/web-access-control-spec/pull/133 Looking at current trajectory I think WAC will very likely make it to Solid 26. I will not be able to switch to it until client restrictions get added but I'm not really in any rush to do it. To also give credits to you, I think one of the best efforts in Solid CG history was your collaboration with Henry on https://github.com/solid/authorization-panel/tree/main/proposals/evaluation It was one of inspirations for me when we started looking at improvements to our CG process with some early drafts in: https://github.com/w3c-cg/solid/blob/main/framework-for-proposals.md We didn't capture well the part about ongoing side by side evaluation of alternative proposals. I hope we will still learn from past mistakes and improve how we work in the future. I think it would be an interesting exercise, probably to late for Solid 26, to run a survey with just one question in lines: "Please explain technical similarities and differences between WAC and ACP, try to stay unbiased". TBH I would probably do a pretty poor job answering this question myself. For long term viability of Solid I see it less important, which specific details we end up including in Solid 26. I see it as just one step on still long way to go. Possibly a good opportunity for retrospective and to improve how we move forward. Best regards, elf Pavlik
Received on Tuesday, 24 March 2026 04:00:22 UTC