Specifications' and Implementations' investigation in the CERN-Solid project

Europe/Zurich
Jan Schill (itu.de), Maria Dimou (CERN), Michiel de Jong
Description

This meeting is a fact-checking between:

Michiel de Jong - Solid developer

Jan Schill - MSc student

Maria Dimou -CERN-Solid collaboration manager

discussing conclusions after:

  1. studying and reviewing  the Solid specifications,
  2. evaluating the first Solid implementations,

for Jan's research project .

Jan's final report was delivered to the University on December 15th 2020 and is attached to this event.

Organised by

Maria Dimou

Random notes from a discussion between Jan, Maria and Michiel about:

1. How complete and stable are the Solid specifications
2. Which implementations to take as examples for the Indico extensions as a Solid PoC.

The test suite gets a lot of updates in the recent weeks https://github.com/solid/test-suite
The server-side validation cannot be done for the whole suite and for all the servers. Because some server implementations, e.g. the inrupt Enterprise Solid Server (ESS) don't support Web Sockets (which allow live updates). ESS uses HTTP/2 instead, which also offers live updates.

Hence the test suite will show that ESS is 100% compatible with 80% of the specs, to be able to exclude Web Sockets.

Different  implementations have different requirements. E.g. the ones of the UK  National Health System (NHS) can't accept the W3C Web Access Control (WAC), because it gives all end-users, including  non-experts, root access to their pods.  WAC can also show scaling problems, when access is given to over 10K users. This is why Access Control Policies (ACP) are now under development at inrupt, expected to be finalised in about 3 years from now.
Today, all Solid servers have WAC. Community Solid Server (CSS) and ESS have also ACPs.

The php Solid Server (php-SS) [9] development is advancing fast.

SolidOS is software that makes use of the data you have on your pod by giving you a bundle of programs that can interact with the data. This architecture overview shows it quite well. It is meant to come with a pod just like an operating system comes with the purchase of a computer.

Solid OS is the stack for Solid applications, php solid server is a server. Solid apps are separate from Solid servers, although some servers ship with a built-in file-explorer app. For instance, node-solid-server ships with the full Solid OS stack.

Solid OS [10] (under development by Michiel, TimBL and very few others) and has a plugin for Nextcloud, which could, probably easily, be ported to ownCloud, the CERNBox solution.

Linked Data is a notion, on which Tim Berners-Lee works for several years. It is based on the concept that the web of data can be linked to each other, like the web of documents.

The Solid principle is to split data storage from applications, in a new web concept. Applications can't exchange user data behind the users' back. The users know where their data is (on their pods) and which part of their total data is known to which application.

Rapid changes are now occurring in the Solid ecosystem (specs and implementations). This "fluidity" can make it difficult to convince the CERN software developers and service managers' community because of the maintenance effort required. On the other hand,  in three years from now Solid will be widely used outside CERN. Hence, it is important to embark now and shape the form of things during these 3 years. If CERN has limited resources for contributing to the code and installing updates, there is the option to buy a support package by (closed source) inrupt implementation now.

Links:

  1. Jan's issues/questions
  2. PDS Interop - Personal Data Stores Interoperability (PDS is like a dropbox. The PDS interoperability is being co-developed by Michiel). A BBC video on PDS.
  3. Data conventions - How Solid OS stores data on a Solid Pod.
  4. Anvil connect - Single Sign-On Anvil was a group of developers who built security frameworks. Some were used for the NSS. Anvil decided to shift their attention to another research field and decided to archive their open-source libraries. (text by Jan).
  5. Panva - Open ID connect service libraries
  6. Michiel's client library for authenticating with Solid
  7. Solid tests for CRUD and Web sockets' functionality for a Solid server
  8. a nodejs client for Solid
  9. php Solid Server (php-SS) https://github.com/pdsinterop/php-solid-server
  10. SolidOS https://github.com/solid/solidos
There are minutes attached to this event. Show them.
The agenda of this meeting is empty