You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If no inbox is found a Pod Management App MAY create an inbox by creating a container. In that case, the app SHOULD also create access controls for the container that give read and write permissions to the WebID owner and append but not read or write permissions to everyone else.
I see this as a very risky suggestion. If the pod management app actually does, it can make storage vulnerable to spam. I think we should handle this issue on the spec level since in SAI we also make very minimal use of a specialized public inbox and it will require special considerations to prevent spam.
The text was updated successfully, but these errors were encountered:
Solid Protocol and WebID Profile do not require a public inbox. It is the specs that require a public inbox should include additional requirements and considerations to prevent spam.
It may be simpler to leave out the optional application behaviour to setting access permissions for an inbox. It does not impact interoperability given that another application (controlled by a user) can rightly set their own preferred access permissions.
the issue for tackling the use of public inboxes more broadly: solid/specification#464
https://solid.github.io/webid-profile/#inbox
I see this as a very risky suggestion. If the pod management app actually does, it can make storage vulnerable to spam. I think we should handle this issue on the spec level since in SAI we also make very minimal use of a specialized public inbox and it will require special considerations to prevent spam.
The text was updated successfully, but these errors were encountered: