CHECK THE RECORDING FOR THE ANSWERS



16:08:31 From Konstantinos Samaras-Tsakiris to Everyone : how do we identify users? trusting an external identity provider?
16:09:57 From Jan Schill to Everyone : I will answer this happily in after the presentation
16:17:27 From Hannah Short to Everyone : So in this second case, the registration form data is stored in Indico, right? Indico doesn’t keep a reference to the profile card?
16:18:36 From Vincent Brillault to Everyone : A lot of browser extension protect against security threats and privacy leaks by forbidding 3rd party requests. AFAIU, this client-side JavaScript fetching data from pod will need to do a lot of 3rd party requests. How to protect against *fake* pods tracking user activity (who fetches what comments & from where)?
16:23:16 From Hannah Short to Everyone : I’m struggling to think of a use case where the cost of fetching multiple users’ data is low enough for solid pods to be worth it. Are there any examples?
16:32:09 From Konstantinos Samaras-Tsakiris to Everyone : thanks
16:33:42 From Vincent Brillault to Everyone : Thanks :)
16:33:51 From Ishank Arora to Everyone : A question on similar lines as Vincent's. Can you always trust the data you get from the pod? You'd probably need sanitisation mechanisms which most servers don't have for data stored usually on the server side.
16:36:15 From Adrian Monnich to Everyone : @ishank: what i suggested there is that an application could store a signature for the data and discard data that was modified inside the pod
16:37:09 From Hannah Short to Everyone : Thanks, Maria
16:43:20 From Ishank Arora to Everyone : Thanks Adrian. That works for data the application has seen before, but might fail in the example of auto-completing profile data
16:43:31 From Pedro Ferreira to Everyone : I have to leave now, thanks a lot Maria and Jan! Well done!
16:43:57 From Adrian Monnich to Everyone : them it's just user input: ie untrusted data that needs the same level of validation that's done for any other user input as well
16:44:02 From Adrian Monnich to Everyone : *then
16:44:31 From Ishank Arora to Everyone : Okay yes, makes sense