[annotator-dev] Usernames and groups

Randall Leeds tilgovi at hypothes.is
Mon Dec 9 21:41:24 UTC 2013


On Dec 8, 2013 5:03 AM, "Mitar" <mmitar at gmail.com> wrote:
>
> "Hi!
>
> Are those permissions which are done by Annotator (the extended ones,
> which have things liks "group:__world__") based on any standard? How
> could we assure interoperability between systems? So that if we
> federate annotations among systems there would be a way to map
> permissions as well?

No.

I haven't been tempted to raise the standardization issue because I assume
access control can be delegated, and assumed local, to the repository.

I might argue that it's not really a property of the annotation, but local
server metadata. I'm not aware of anyone in the Annotator community
enforcing authorization outside of the HTTP API layer, which means it's not
really annotation data but a property of its particular representation at a
particular web resource. If it moves to another server, through some
federation protocol, it would be subject instead to the authorization logic
of that host, which may or may not have access to the relevant group
membership information or be able to authenticate the principals mentioned
in the ACLs.

I don't think it's sane to pursue interoperability here.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20131209/8d9253ca/attachment-0004.html>


More information about the annotator-dev mailing list