For this next module the goal is for people registrering with an Indico conference to be able to store some personal data (passport and credit card info) in their own pod and not in Indico.
A few issues Adrian identified and Jan recorded below:
- Indico itself needs to access some of the data for processing, archival etc. this data is probably best kept in Indico (name, email address and much more).
- Modification deadline on fields: what stops the user to modify data from the pod?
- What data can we then really save in a pod?
- How does Indico proactively reach out to conference attendees, eg. do you want to participate in next year’s conference? (Solid Notifications)
A solution to mitigate data changes on the pod: Adrian came up with the signature of the complete JSON blob (that is being sent to the pod) with a secret key to invalidate the data if crucial, structure data is modified on the pod.
During the meeting we concluded Indico and the storage of (personal) conference registration data in a Solid pod is not viable at this point.
We have therefore concluded that as a second proof of concept implementation Jan will build a plugin to pre-fill the conference registration form with data from a pod/WebID profile document. This includes data such as name, email, and other sensible data.