Artefact Lifecycle Event Log

Living Standard,

This version:
https://mellonscholarlycommunication.github.io/spec-eventlog
Issue Tracking:
Inline In Spec
Editors:
(meemoo - Flemish Institute for Archives)
(IDLab - Ghent University)
(IDLab - Ghent University)
(IDLab - Ghent University)

CC0 To the extent possible under law, the editors have waived all copyright and related or neighboring rights to this work. In addition, as of 17 May 2023, the editors have made this specification available under the Open Web Foundation Agreement Version 1.0, which is available at http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0. Parts of this work may be from another specification document. If so, those parts are instead covered by the license of that specification document.

Abstract

This document specifies the requirements for implementing and hosting an Artefact Lifecycle Event Log.

1. Set of documents

This document is one of the specifications produced by the ResearcherPod and ErfgoedPod project:

  1. Overview

  2. Orchestrator

  3. Data Pod

  4. Rule language

  5. Artefact Lifecycle Event Log (this document)

  6. Notifications

  7. Collector

2. Introduction

In a decentralized network, an artefact can be shared between actors and processed by a multitude of services, each appending to the artefact’s lifecycle. For each artefact, a series of lifecycle events is therefore distributed over the network. This document introduces the Artefact Lifecycle Event Log, a data format and protocol for the recording and discovery of these events, in order to serve mostly applications related to network governance.

An Artefact Lifecycle Event Log is an artefact-centric, append-only, public Web resource that exposes a series of lifecycle events. These events are recorded using a data vocabulary encoded in RDF to ensure network-wide interoperability. In practice, the Artefact Lifecycle Event Log will often be an [LDP] Resource implementation that is natively supported of a Solid Data Pod. It is important to note, however, that similar to [LDN], a Artefact Lifecycle Event Log is a specialized use of Linked Data Platform [LDP] and is not dependent on a complete implementation of LDP. It only requires a minimal subset that is easy to implement.

This document describes

3. Document Conventions

Within this document, the following namespace prefix bindings are used:

Prefix Namespace
as https://www.w3.org/ns/activitystreams#
daen http://www.w3.org/ns/solid/daen#
ldp http://www.w3.org/ns/ldp#
prov http://www.w3.org/ns/prov#
dcat http://www.w3.org/ns/dcat#
ldes https://w3id.org/ldes#
st http://www.w3.org/ns/st#
acl http://www.w3.org/ns/auth/acl#
hydra http://www.w3.org/ns/hydra/core#

4. Applications of the Artefact Lifecycle Event Log

A Decentralized Artefact Exchange Network can support communities in the exchange of digital artefacts and services without the need of a central authority. Data about these exchanges is therefore distributed over every actor in the network. This intensifies an actor’s control over its data and severely reduces data duplication, but also makes it more difficult to get a clear picture about an artefact’s history. There is no longer a single go-to trusted authority that records and certifies who applied what services to an artefact and when. In a Decentralized Artefact Exchange Network, this information needs to be collected from different actors with varying levels of trust. The Artefact Lifecycle Event Log provides basic groundwork for publishing artefact lifecycles and thus supporting this collection process.

In short, an Artefact Lifecycle Event Log registers lifecycle events that the Decentralized Artefact Exchange Network instance desires to be to be publicly disclosed. This is determined by the nature of the network, the use cases it supports, and how lifecycle information is employed. Typically, a network instance requires these events to be common knowledge to guarantee its well-functioning. For instance, a food network might desire the publication of a completed health inspection process. It is therefore assumed that the dominant fraction of participating actors will experience sufficient incentive to host a Decentralized Artefact Exchange Network available to all actors in the network; and accurately record the selected lifecycle events. This pragmatic approach is needed because no decentralized design can force actors to comply, while maintaining truly scalable.

This document offers a minimal semantic data model to construct and publish artefact lifecycle events, which serves as a basis for technical interoperability, It is expected that a community that employs an instance of a Decentralized Artefact Exchange Network, extends this model with domain-specific event types that provide more meaning and understanding within the network instance. A community can also leverage lifecycle information as they see fit, resulting in one or more applications of the Artefact Lifecycle Event Logs. Some probable applications are given below:

4.1. Establishing trust in the integrity of an artefact

In some domains, an artefact’s value depends on its reconstructed lifecycle and whether this lifecycle can be trusted. For instance, in scholarly communication, a publication gains status after it has been certified by a certification service (eg. by a peer review process). Such lifecycle event should be registered in the Artefact Lifecycle Event Logs of both parties. When reconstructing the artefact’s lifecycle to assess its integrity, encountering such events in multiple places increases the trust.

4.2. Discovering entities on the network

A process that collects decentralized information needs a way to navigate the network and discover new artefacts. Given the potential size of the network, many data pods are still unknown when this process starts. Discovering unknown pods relies on existing links between actors and artefacts. Therefore, an Artefact Lifecycle Event Log can be used to find these links and serve as a routing mechanism. For instance, in a digital heritage network, a portal wants to discover relevant data stored in pods controlled by cultural heritage institutions. No knowing the location of these pods beforehand, the portal might consult the eventlog of a registry service hub first, to finds links to all datasets that were registered there.

5. Overview

A Artefact Lifecycle Event Log is a Web resource that is accessible by all actors inside a single network. When requested, it returns an ordered list of notable lifecycle events descriptions, each containing the what, who and when of the event. An actor can store new descriptions by updating this resource. The log maintains a chronological order; new events are appended to the end of the log. Hence, it MUST support producers appending events as described in § 8 Appending Lifecycle Events. It MAY also validate Lifecycle Events before they are added in accordance to § 11 Validating an Artefact Lifecycle Event Log.

An Artefact Lifecycle Event Log MUST be consumable for authorized actors in the network in accordance to § 9 Consuming an Artefact Lifecycle Event Log. Its URL MUST be discoverable through one of the methods described in § 7 Discovering an Artefact Lifecycle Event Log. Actors in the network MAY be authorized to read, append or change the permissions according to the authorization mechanism in § 10 Authorization. Lifecycle events MUST be described in the artefact lifecycle data vocabulary as defined in § 6 Vocabulary. An Artefact Lifecycle Event Log MUST be available in the [json-ld11] format, but it MAY support other data formats as well through content negotiation.

While not mandatory, each actor in the network is expected to host a Artefact Lifecycle Event Log per known artefact to allow effective network governance. As a result, a single Artefact Lifecycle Event Log MUST correspond to at least one artefact in the network, while an artefact MAY correspond to multiple Artefact Lifecycle Event Logs.

Alice and Bob have data pods that contain two resources: an artefact and an Artefact Lifecycle Event Log. Service Hubs also host a Artefact Lifecycle Event Log resource. Since Service Hub B certifies artefacts, the lifecycle event that Alice’s artefact A has been certified is in the logs of both Alice and Service Hub B. Also, Bob made a comment on Alice’s Artefact B, hence both actor’s logs contain the lifecycle event that artefact A has been commented on by Bob.

6. Vocabulary

An Artefact Lifecycle Event Log is described using a minimal data vocabulary, introducing a number of high level semantic types and properties. The Artefact Lifecycle Event Vocabulary can be used to construct an RDF 1.1 representation of the log and the lifecycle events it contains. The data vocabulary is fully compatible with PROV-O and the object types from Activity Streams 2.0. An overview is given in the figure below.

A diagram of the Artefact Lifecycle Event Vocabulary

The examples in the document use a predefined compliant JSON-LD context compliant with the Artefact Lifecycle Event Vocabulary.

add a high level explanation

6.1. Types

The following table lists the Artefact Lifecycle Event Vocabulary types. These semantic types that distinguish the different resources and actors that are involved in an artefact’s lifecycle.

Base URI:

http://www.w3.org/ns/solid/daen#

Preferred prefix:

daen

Classes:

daen:Artefact | daen:LifecycleEvent | daen:ArtefactLifecycleEventLog | daen:Maintainer | daen:ServiceHub

6.1.1. Type: daen:Artefact

URI: http://www.w3.org/ns/solid/daen#Artefact

A Web resource and Artefact that is the object of interaction between actors and retains a lifecycle within the network.

Example:

{
  "@context": "http://www.w3.org/ns/solid/daen/context.jsonld",
  "@id": "https://example.org/artefacts/1",
  "@type": ["Artefact","prov:Entity","as:Document"],
  "name": "Publication about WOII"
}
Subclass of:

as:Object, prov:Entity

Properties:

daen:eventLog

6.1.2. Type: daen:LifecycleEvent

URI: http://www.w3.org/ns/solid/daen#LifecycleEvent

A Artefact Lifecycle Event that impacted the lifecycle of a certain Artefact and is of value to the well-functioning of the network. They often result from an actor performing a service pertaining to that Artefact.

Example:

{
  "@context": "http://www.w3.org/ns/solid/daen/context.jsonld",
  "@id": "https://example.org/eventlog#1",
  "@type": "LifecycleEvent",
  "title": "Artefact was registered.",
  "startedAtTime": "2011-07-14T01:01:01Z",
  "endedAtTime": "2011-07-14T02:02:02Z",
  "artefact": {
    "@id": "https://example.org/artefacts/1"
  },
  "executor": {
    "@id": "https://registar.org/"
  },
  "generated": {
    "@id": "https://registar.org/registration/23813178"
  }
}
Subclass of:

prov:Activity

Properties:

daen:executor, daen:artefact

6.1.3. Type: daen:ArtefactLifecycleEventLog

URI: http://www.w3.org/ns/solid/daen#ArtefactLifecycleEventLog

A Web resource and Artefact Lifecycle Event Log that exposes an ordered collection of Artefact Lifecycle Events resources that pertain to certain Artefact.

Example:

{
  "@context": "http://www.w3.org/ns/solid/daen/context.jsonld",
  "@id": "https://example.org/eventlog",
  "@type": "ArtefactLifecycleEventLog",
  "title": "Artefact Lifecycle Event Log",
  "isEventLogOf": {
    "@id": "https://example.org/artefacts/1",
    "@type": ["Artefact","prov:Entity"],
    "name": "Publication about WOII"
  },
  "contains": [
    {
      "@id": "https://example.org/eventlog#1",
      "@type": ["LifecycleEvent, prov:Activity"],
      "title": "Artefact was registered.",
      "startedAtTime": "2011-07-14T01:01:01Z",
      "endedAtTime": "2011-07-14T02:02:02Z",
      "artefact": "https://example.org/artefacts/1",
      "executor": "https://registar.org/",
      "generated": "https://registar.org/registration/23813178"
    },
    {
      "@id": "https://example.org/eventlog#2",
      "@type": ["LifecycleEvent, prov:Activity"],
      "title": "Artefact was certified.",
      "startedAtTime": "2011-07-16T01:01:01Z",
      "endedAtTime": "2011-07-16T02:02:02Z",
      "artefact": "https://example.org/artefacts/1",
      "executor": "https://certifier.org"
    },
    {
      "@id": "https://example.org/eventlog#3",
      "@type": ["LifecycleEvent, prov:Activity"],
      "title": "Artefact was archived.",
      "startedAtTime": "2011-07-17T01:01:01Z",
      "endedAtTime": "2011-07-17T02:02:02Z",
      "artefact": "https://example.org/artefacts/1",
      "executor": "https://archive.org"
    }
  ]
}
Subclass of:
Properties:

daen:isEventLogOf, ldp:contains, daen:maintainer

6.1.4. Type: daen:Maintainer

URI: http://www.w3.org/ns/solid/daen#Maintainer

A Actor, Maintainer and Human Agent that participates on the network and generates activities pertaining to the lifecycle of an Artefact.

Example:

{
  "@context": "http://www.w3.org/ns/solid/daen/context.jsonld",
  "@id": "https://www.kb.nl#me",
  "@type": ["Maintainer", "as:Organization"],
  "as:name": {
    "@value": "National Library",
    "@language": "en"
  }
}
Subclass of:

prov:Agent, as:Person, as:Organization

Properties:

6.1.5. Type: daen:ServiceHub

URI: http://www.w3.org/ns/solid/daen#ServiceHub

A Actor and Service Hub that performs services pertaining to the lifecycle of an Artefact.

Example:

{
  "@context": "http://www.w3.org/ns/solid/daen/context.jsonld",
  "@id": "http://registar.org",
  "@type": "ServiceHub",
  "as:name": {
    "@value": "Registry service",
    "@language": "en"
  }
}
Subclass of:

prov:Agent, as:Service, dcat:DataService

Properties:

6.2. Properties

The following table lists the Artefact Lifecycle Event Vocabulary properties. These describe the relationship between the different resources and actors that are involved in an artefact’s lifecycle.

A diagram of the Artefact Lifecycle Event Vocabulary
Base URI:

http://www.w3.org/ns/solid/daen#

Preferred prefix:

daen

Properties:

daen:eventLog | daen:isEventLogOf | daen:artefact | daen:maintainer | daen:executor

External properties:

ldp:contains | prov:generated | prov:startedAtTime | prov:endedAtTime | dct:title | sec:signature | sec:creator

6.2.1. Property: daen:eventLog

URI: http://www.w3.org/ns/solid/daen#eventLog

The Artefact Lifecycle Event Log that represents the lifecycle of an Artefact.

Subproperty of:
In domain:

daen:Artefact

In range:

daen:ArtefactLifecycleEventLog

6.2.2. Property: daen:isEventLogOf

URI: http://www.w3.org/ns/solid/daen#isEventLogOf

The Artefact which lifecycle is represented by tArtefact Lifecycle Event Log of this .

Subproperty of:
In domain:

daen:ArtefactLifecycleEventLog

In range:

daen:Artefact

6.2.3. Property: daen:artefact

URI: http://www.w3.org/ns/solid/daen#artefact

The artefact whose lifecycle the Lifecycle Event belongs to.

Subproperty of:

prov:used

In domain:

daen:LifecycleEvent

In range:

daen:Artefact

6.2.4. Property: daen:maintainer

remove this property because not needed (see signatures)?

URI: http://www.w3.org/ns/solid/daen#maintainer

The Maintainer who maintains the Artefact Lifecycle Event Log resource.

Subproperty of:
In domain:

daen:ArtefactLifecycleEventLog

In range:

daen:Maintainer | daen:ServiceHub

6.2.5. Property: daen:executor

URI: http://www.w3.org/ns/solid/daen#executor

The Maintainer or Service Hub who executed the event.

Subproperty of:

prov:wasAssociatedWith

In domain:

daen:LifecycleEvent

In range:

daen:Maintainer | daen:ServiceHub

6.2.6. External properties

6.2.6.1. Property: ldp:contains

URI: http://www.w3.org/ns/ldp#contains

The Lifecycle Event that is contained by this Artefact Lifecycle Event Log.

Subproperty of:
In domain:

daen:ArtefactLifecycleEventLog

In range:

daen:LifecycleEvent

6.2.6.2. Property: prov:generated

URI: http://www.w3.org/ns/prov#generated

A secondary Artefact that resulted from this Lifecycle Event.

Subproperty of:
In domain:

daen:LifecycleEvent

In range:

daen:Artefact

6.2.6.3. Property: prov:startedAtTime

URI: http://www.w3.org/ns/prov#startedAtTime

The moment the Lifecycle Event started.

Subproperty of:
In domain:

daen:LifecycleEvent

In range:

xsd:dateTime

6.2.6.4. Property: prov:endedAtTime

URI: http://www.w3.org/ns/prov#endedAtTime

The moment the Lifecycle Event ended.

Subproperty of:
In domain:

daen:LifecycleEvent

In range:

xsd:dateTime

6.2.6.5. Property: dct:title

URI: http://purl.org/dc/terms/title

The title of the Lifecycle Event.

Subproperty of:
In domain:

daen:LifecycleEvent

In range:

xsd:string

6.2.6.6. Property: sec:signature

URI: https://w3id.org/security#signature

The title of the Lifecycle Event.

Subproperty of:
In domain:

daen:LifecycleEvent

In range:

sec:Signature

6.2.6.7. Property: sec:creator

URI: https://w3id.org/security#creator

The title of the Lifecycle Event.

Subproperty of:
In domain:

sec:Signature

In range:

daen:Maintainer | daen:ServiceHub

6.3. Signing lifecycle events

Lifecycle events that belong to a single Artefact can be produced by different actors in the network. While one can derive the actor who executed the event via the [[#property-executor|daen:executor]] property, it is also essential to derive who vouches for its existence. This is done by signing the serialized Lifecycle Event and adding the who, what, and when of the digital signature. Often, the actor who executes the event is the same as the one who sings it, although this is should not always be the case.

An event of type [[#type-lifecycle-event|daen:LifecycleEvent]] SHOULD contain a [[#property-signature|sec:signature]] property. The signature MUST be typed as one of the classes in The Security Vocabulary § classes and MUST be a valid Linked Data Signature. It MUST contain the property sec:creator with the URI of the signing actor as value.

{
  "@context": "http://www.w3.org/ns/solid/daen/context.jsonld",
  "@id": "https://example.org/eventlog#1",
  "@type": "LifecycleEvent",
  "title": "Artefact was registered.",
  "startedAtTime": "2011-07-14T01:01:01Z",
  "endedAtTime": "2011-07-14T02:02:02Z",
  "artefact": {
    "@id": "https://example.org/artefacts/1"
  },
  "executor": {
    "@id": "https://registar.org/"
  },
  "generated": {
    "@id": "https://registar.org/registration/23813178"
  },
  "signature": {
    "@type": "GraphSignature2012",
    "creator": "https://registar.org/",
    "signatureValue": "OGQzNGVkMzVm4NTIyZTkZDYMmMzQzNmExMgoYzI43Q3ODIyOWM32NjI="
  }
}

7. Discovering an Artefact Lifecycle Event Log

An Artefact Lifecycle Event Log can be discovered with multiple methods:

  1. Actors issue a request to any resource to retrieve the Artefact Lifecycle Event Log's URL from a link (§ 7.1 Discovery via link).

  2. Actors use [shapetrees] description to pinpoint the Artefact Lifecycle Event Log's URL (§ 7.2 Discovery via Shape Trees)

how to pinpoint what resources can lead to such link? Who is hosting them?

Any artefact resource MUST support the first discovery method. They MAY support the additional [shapetrees] method. Actors MAY choose the order in which they try these discovery methods

An actor MUST try at least one of the following:

An actor may be carried out in either order, but if the one fails to result in an Artefact Lifecycle Event Log the alternatives MUST be tried. A resource MAY advertise multiple Artefact Lifecycle Event Log resources, for example an artefact aiding in the discovery of its lifecycle distributed over the network. A Artefact Lifecycle Event Log MAY be used by multiple resources, for example using a single Artefact Lifecycle Event Log to collect the Lifecycle Events from all Artefacts in a data pod.

In case of an RDF resource located at resourceURI, any implementation linking an Event Log located at eventLogURI through an in-body link MUST add the following data triple to the document body: 
@prefix daen: <http://www.w3.org/ns/solid/daen#> . 

<https://example.org/artefacts/1> daen:eventLog <https://example.org/eventlog>.
In case of an HTML resource located at resourceURI, any implementation linking an Event Log located at eventLogURI through an in-body link MUST add use a Link element in the HTML body as follows: 
<!doctype html>

<html lang="en">
<head>
  <meta charset="utf-8">

  <title>A Basic HTML5 Template</title>

  <link rel='http://www.w3.org/ns/solid/daen#eventLog' href='https://example.org/eventlog' />
</head>
<body>
    ...
</body>
</html>
Any resource with a linked Event Log that does not advertise this Event Log through an in-body link MUST advertise this Event Log through a Link header in the server response as follows: 
Link: <https://example.org/eventlog>; rel="http://www.w3.org/ns/solid/daen#eventLog".

get more specifics on the method below

Certain data formats may use an external resource to aggregate metadata and/or serve as an entry-point for multiple resources. The implementer MAY choose to aggregate the Artefact Lifecycle Event Log entities advertised by the aggregated resources in the aggregation resource, and advertise them from this resource. Alternatively, the implementer may choose to advertise a single Artefact Lifecycle Event Log instance from the aggregation resource for all aggregated resources.

Any implementation MAY support the discovery of an Event Log through an external resource. In this case, the actor MUST make an HTTP HEAD or GET request on the target URL. The actor must search in the response headers for a Link header with a rel value of meta and in the response body for a link element with a rel value of meta in the case of a [html] representation, or for a data triple with a predicate value of rdf:seeAlso in case of an RDF 1.1 encoding.

The aggregation resource located at aggregationResourceURI MUST be linked for all aggregated resources through EITHER an in-body link of the form: 
<link rel='meta' href='{aggregationResourceURI}' />
in case of a HTML resource and 
<resourceURI> rdf:seeAlso <aggregationResourceURI> .
in case of an RDF encoding OR using a Link header of the form: 
Link: <aggregationResourceURI>; rel=meta

7.2. Discovery via Shape Trees

Any implementation MAY support the discovery of an Artefact Lifecycle Event Log through [shapetrees] defined in the data platform.

In the Solid ecosystem, All created Artefact Lifecycle Event Log resources SHOULD be discoverable in the data pod through the pod’s Shape Tree. This enables actors in the network to efficiently aggregate all Lifecycle Event data in the data pod for which they have Read permissions.

// The Events folder contains EventLog containers
<#Events> st:expectsType st:ShapeTreeContainer ;
	st:contains <#EventStream> ; 

// An Event Log is a container in the Solid ecosystem containing Event resources.
<#EventStream> tree:expectsType st:ShapeTreeContainer ;
	st:contains <#Event> ;
	
// An Event resource is Validated by a base Event shape
<#Event> tree:expectsType st:ShapeTreeResource ;
	st:validatedBy <EventShape> ;

<EventShape> { ... }

8. Appending Lifecycle Events

An actor can append Lifecycle Events by sending a POST request to the Artefact Lifecycle Event Log.

In case authorization is enabled for the Artefact Lifecycle Event Log, the actor MUST have append permissions to execute this action.

Before appending an event to the Artefact Lifecycle Event Log, the client SHOULD try to discover if validation is enabled for the Artefact Lifecycle Event Log. In case validation is enabled, the client SHOULD try to validate the event first on the client with the discovered validation link.

Any event that is successfully posted and validated MUST be added to the Artefact Lifecycle Event Log. The permissions for the event SHOULD per default be inherited from the Artefact Lifecycle Event Log permissions.

On a successful POST request, the event MUST be added on a URI eventURI and MUST be defined in the body of its Artefact Lifecycle Event Log with URI eventLogURI using an RDF triple of the form:

<eventLogURI> ldp:contains <eventURI> .

8.1. Pagination

A Artefact Lifecycle Event Log MAY make use of pagination. Any used pagination system MUST make sure that ALL events in the Artefact Lifecycle Event Log can be retrieved by following the available next links. These links MUST be provided either as a Link header of the form:

Link: <nextPageLocation>; rel="next"
or in the body of the Artefact Lifecycle Event Log / a retrieved page of the Artefact Lifecycle Event Log as a data triple: 
<eventLogURI> hydra:next <nextPageLocation> .
Any implementation MAY provide additional pagination support or filtering possibilities, and SHOULD advertise these using the appropriate mechanisms detailed by their specifications.

9. Consuming an Artefact Lifecycle Event Log

An actor can consume a Artefact Lifecycle Event Log by sending a GET request.

On a successful GET request on the Event Log URI eventLogURI, the actor can discover the URIs of the available events by processing the Artefact Lifecycle Event Log body for all data triples of the form:

<eventLogURI> ldp:contains <eventURI> .
The consumer implementation MAY include alternate approaches to retrieving events from an Artefact Lifecycle Event Log, but MUST support this retrieval method.

9.1. Pagination

Any consumer implementation MUST support pagination through following advertised next links. On a GET request to an Artefact Lifecycle Event Log / Artefact Lifecycle Event Log page on URI eventLogPageURI with an Accept header of type text/turtle, the consumer MUST process the server response for a Link header with a rel value of "next". The response body MUST be processed to discover any data triples of the form:

<eventLogPageURI> hydra:next <nextPageLocation> .
Any implementation MAY support additional advertised pagination or filtering approaches, but MUST support this approach for consuming a paginated Artefact Lifecycle Event Log.

10. Authorization

Any platform implementing the Artefact Lifecycle Event Log mechanism MAY support authorization for the following aspects of the Artefact Lifecycle Event Log mechanism:

Any implementation of authorization for an Artefact Lifecycle Event Log MUST make use of Web Access Control (WAC). The discovery of the ACL document for a resource MUST be done according to the ACL spec. The setting of permissions for a resource happens by creating / updating the ACL file for that resource.

NOTE: Depending of the course of the Solid Project, this dependency on WAC may be updated to include newer approaches to authorization, as the goal is to maintain compatibility with the Solid Project.

10.1. Read authorization

Any actor with Read permissions set for an Artefact Lifecycle Event Log MUST be able to discover all Events in the Artefact Lifecycle Event Log to which the actor has Read permissions. Any actor with Read permissions set for an Artefact Lifecycle Event Log SHOULD automatically have read permission for all the stored events, UNLESS explicitly defined otherwise by the individual events. The implementation MAY restrict the actor from discovering events in the Artefact Lifecycle Event Log for which the actor does not have Read permissions. Any actor without Read permissions for an Artefact Lifecycle Event Log SHOULD NOT be able to discover the Event in the Artefact Lifecycle Event Log, even if the actor has Read permissions for individual events in the Artefact Lifecycle Event Log.

10.2. Append authorization

Any actor with Append permissions set for an Artefact Lifecycle Event Log MUST be able to append Events to the Artefact Lifecycle Event Log.

Note: The implementation MAY decide to use EITHER acl:Write OR acl:Append as the permission to append events to the Artefact Lifecycle Event Log, but the platform MUST support the use of POST operations on the Artefact Lifecycle Event Log for the chosen permission.

10.3. Update permissions authorization

Any actor with Update permissions set for an Artefact Lifecycle Event Log MUST be able to edit permissions for all actors for the Artefact Lifecycle Event Log. Any actor with Update permissions set for an Artefact Lifecycle Event Log MUST be able to edit permissions for all individual events in the Artefact Lifecycle Event Log UNLESS explicitly defined otherwise by the individual events.

10.4. Event specific read authorization

Any actor with Read permissions set for an event MUST be able to read this event, and discover the event in the Artefact Lifecycle Event Log in the case of Read permissions for the Artefact Lifecycle Event Log.

10.5. Event specific update permissions authorization

Any actor with Update permissions set for an event MUST be able edit permissions for all actors for this event.

11. Validating an Artefact Lifecycle Event Log

Any implementation of the Artefact Lifecycle Event Log mechanism MAY add support for validating events that are appended to the Artefact Lifecycle Event Log. In case an actor tries to append an event to the Artefact Lifecycle Event Log that cannot be validated, the event MUST NOT be added to the Artefact Lifecycle Event Log and an appropriate 4xx error code must be returned. The following sections define the different possibilities for providing a shape file, located at shapeFileLocation, to which an event MUST validate before it can be added to the Artefact Lifecycle Event Log. If a shape file is advertised using any of the different methods described in the following sections, the server MUST validate all incoming requests to append an event to the Artefact Lifecycle Event Log and MUST reject all requests for which the event fails this validation step.

A request to the Artefact Lifecycle Event Log MAY return the following Link header:

Link: <shapeFileLocation>; rel=http://www.w3.org/ns/ldp#constrainedBy
In this case, the server MUST validate all incoming requests to append an event to the Artefact Lifecycle Event Log for the advertised shape file.

11.2. Validation in-body Link

The Artefact Lifecycle Event Log MAY provide the following links in the resource body:

<link rel='http://www.w3.org/ns/ldp#constrainedBy' href='{shapeFileLocation}'/>
in the case of an HTML resource, and 
<eventLogURI> <http://www.w3.org/ns/ldp#constrainedBy> <shapeFileLocation>.

in case of an RDF resource. In this case, the server MUST validate all incoming requests to append an event to the Artefact Lifecycle Event Log for the advertised shape file. http://www.w3.org/ns/ldp#constrainedBy

11.3. Shape Tree Validation

In a Solid environment, the shape file to which all events in the Artefact Lifecycle Event Log must validate MAY be advertised using a st:validatedBy link in the Shape Tree. In this case, the implementation SHOULD also advertise this shape file using EITHER a link header or an in-body link.

// An Artefact Lifecycle Event Log is a container in the Solid ecosystem containing Event resources.
<#EventStream> tree:expectsType st:ShapeTreeContainer ;
	st:contains <#Event> ;
	
// All event resources MUST validate for the advertised shape
<#Event> tree:expectsType st:ShapeTreeResource ;
	st:validatedBy <shapeFileLocation> ;

12. Acknowledgement

We thank Herbert Van de Sompel, DANS + Ghent University, hvdsomp@gmail.com for the valuable input during this project.

Conformance

Conformance requirements are expressed with a combination of descriptive assertions and RFC 2119 terminology. The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in the normative parts of this document are to be interpreted as described in RFC 2119. However, for readability, these words do not appear in all uppercase letters in this specification.

All of the text of this specification is normative except sections explicitly marked as non-normative, examples, and notes. [RFC2119]

Examples in this specification are introduced with the words “for example” or are set apart from the normative text with class="example", like this:

This is an example of an informative example.

Informative notes begin with the word “Note” and are set apart from the normative text with class="note", like this:

Note, this is an informative note.

Index

Terms defined by this specification

Terms defined by reference

References

Normative References

[LINKED-DATA-PROOF]
Manu Sporny; Dave Longley. Linked Data Proofs 1.0. Draft Community Group Report. URL: https://w3c-ccg.github.io/ld-proofs
[RFC2119]
S. Bradner. Key words for use in RFCs to Indicate Requirement Levels. March 1997. Best Current Practice. URL: https://datatracker.ietf.org/doc/html/rfc2119
[SECURITY-VOCAB]
Manu Sporny; Orie Steele; Tobias Looker. The Security Vocabulary. Draft Community Group Report. URL: https://w3c-ccg.github.io/security-vocab/
[SERVICE-WORKERS]
Jake Archibald; Marijn Kruisselbrink. Service Workers. URL: https://w3c.github.io/ServiceWorker/
[SHAPETREES]
Eric Prud'hommeaux; Justin Bingham. Shape Trees Specification. Editor’s Draft. URL: https://shapetrees.org/TR/specification/
[SOLID-PROTOCOL]
Sarven Capadisli; et al. The Solid Protocol. Editor’s Draft. URL: https://solidproject.org/TR/protocol
[SPEC-OVERVIEW]
Miel Vander Sande; et al. Overview of the ResearcherPod specifications. Editor’s Draft. URL: http://mellonscholarlycommunication.github.io/spec-overview/

Informative References

[ACTIVITYSTREAMS-VOCABULARY]
James Snell; Evan Prodromou. Activity Vocabulary. URL: https://w3c.github.io/activitystreams/vocabulary/
[HTML]
Anne van Kesteren; et al. HTML Standard. Living Standard. URL: https://html.spec.whatwg.org/multipage/
[JSON-LD11]
Gregg Kellogg; Pierre-Antoine Champin; Dave Longley. JSON-LD 1.1. URL: https://w3c.github.io/json-ld-syntax/
[LDN]
Sarven Capadisli; Amy Guy. Linked Data Notifications. URL: https://linkedresearch.org/ldn/
[LDP]
Steve Speicher; John Arwe; Ashok Malhotra. Linked Data Platform 1.0. URL: https://www.w3.org/2012/ldp/hg/ldp.html
[PROV-O]
Timothy Lebo; Satya Sahoo; Deborah McGuinness. PROV-O: The PROV Ontology. 30 April 2013. REC. URL: https://www.w3.org/TR/prov-o/
[RDF-PRIMER]
Frank Manola; Eric Miller. RDF Primer. 10 February 2004. REC. URL: https://www.w3.org/TR/rdf-primer/
[RDF11-CONCEPTS]
Richard Cyganiak; David Wood; Markus Lanthaler. RDF 1.1 Concepts and Abstract Syntax. 25 February 2014. REC. URL: https://www.w3.org/TR/rdf11-concepts/
[RDF11-PRIMER]
Guus Schreiber; Yves Raimond. RDF 1.1 Primer. 24 June 2014. NOTE. URL: https://www.w3.org/TR/rdf11-primer/

Issues Index

add a high level explanation
remove this property because not needed (see signatures)?
how to pinpoint what resources can lead to such link? Who is hosting them?
get more specifics on the method below