Web Access Control - Authorization condition with capability detection from Sarven Capadisli on 2026-03-24 (public-solid@w3.org from March 2026)

From: Sarven Capadisli <info@csarven.ca>
Date: Tue, 24 Mar 2026 13:27:19 +0100
To: public-solid@w3.org
Message-ID: <82ffadcf-7854-41f1-b445-b5cacbef0ea8@csarven.ca>

Ahoy hoy!

After much deliberation and popular demand, there is now a PR:

https://github.com/solid/web-access-control-spec/pull/134


proposing capability detection for extensible authorisation conditions 
in WAC. Servers can signal supported condition types, and clients can 
use them accordingly.

As anticipated in 
https://solidproject.org/TR/wac#authorization-extensions , this version 
adds initial condition types to the core spec, issuer and client 
identification. The design allows future types, e.g. time based 
conditions or ODRL policies.

Changes are backwards compatible. Servers without condition support are 
unaffected. Adoption can be incremental.

That said, we want to do this properly. This is also a call for 
implementers or a call for commitment to implement so that we can align 
the specification with real and open implementation experience before it 
advances further. Please chime in!

For those interested in technical writing, review of the PR would be 
much appreciated.

As usual, myself and others are available to support the community in 
understanding the proposed changes. Feel free to reach out in the chats, 
meetings, or catch me at in-person events where I am happy to convene an 
impromptu WAC-support Group.

-Sarven
https://csarven.ca/#i

Attachments

application/pgp-keys attachment: OpenPGP public key

Received on Tuesday, 24 March 2026 12:27:26 UTC