Aaron Coburn

> This means that we need creative people to come up with new answers to problems within the constraints of Solid. There is a lot of work to do and...

I'd like to give a big 👍 to this proposal. This would be really useful metadata for cache implementations because it would provide a strong hint for TTL values.

I can describe my own use case a little more extensively, which may address @dmitrizagidulin's questions. I would like a multi-tier, low-latency ACL cache that effectively pre-computes access controls across...

I have also implemented WAC-based authorization for two completely [different](https://github.com/trellis-ldp/trellis/tree/master/components/webac) [servers](https://github.com/fcrepo4/fcrepo4/tree/master/fcrepo-auth-webac). Is the specification implementable, as currently written? Yes, certainly Will all implementations enforce WebAC authorization the same way, based...

@awead can you clarify point 3 a bit? The Fedora impl uses `acl:agent` for user names and group names, e.g.: ``` a acl:Authorization ; acl:mode acl:Read ; acl:agent "repoEditorGroup", "[email protected]"....

@escowles I am totally open to making those agent values URIs. A system defined prefix wouldn't be too hard to implement for this. Do you have any suggestions for that?

@sberyozkin that sounds great. I know this PR has gone largely dormant, but I would be happy to help move it forward

@sberyozkin thanks for the feedback. Using an abstract class, as you propose, makes a lot of sense, and that should be reasonably straight-forward to implement.

@sberyozkin thanks for the ping. I have done some initial work on this. I'll try to wrap that up and submit as part of a PR

> Auth 1 Adding support for RFC 9207 seems like a good idea, but I am not convinced that it should necessarily be _required_ by Solid-OIDC. An OAuth 2.0 client...