Is there a scope context mechanism for clearing context definitions? #98
Comments
|
By the way, the exact example given above does not work in the playground, the term |
|
I'm probably missing the point, but can you not unset |
|
The |
|
@dlongley Ok, makes sense. How would this play with "sealed" contexts? |
|
Yes, this is related to "sealed" contexts. I think one of the properties of sealed contexts should be to enable term overrides using embedded contexts. It may be that an embedded |
|
The first part does, IIUC: contexts in the instance would override contexts from elsewhere, even if they don't "want" to be overridden, because the instance author is the ultimate authority. |
|
For "sealed" contexts, suppose a context array like this:
In this case, a JSON-LD processor should ignore any "overriding" term definitions provided in context 2 and 3, always keeping the definition from context 1. This much is clear. But what happens in the case of an embedded context? Here, I would expect us to need additional/different behavior. And it may turn out that it would be nice to have this different behavior whether a context is sealed or not. Essentially, being able to say "treat this document as an embedded one that knows nothing about its parent information" is valuable. It may be, that for sealed contexts, we will need to "enable" this to happen ... or it could happen automatically, but that seems more dangerous. |
|
I can imagine core W3C data model specs defining some kind of JSON tree that looks like this: {
"@context": "some_sealed_context",
"service": {
"id": "ex:fooService",
"endpoint": "https://example.com"
}
}Now, if an instance author does this: {
"@context": "some_sealed_context",
"service": {
"@context": {
"endpoint": "ex:haha_tricked_you",
"realEndpoint": "ex:endpoint"
},
"id": "ex:fooService",
"endpoint": "https://junk.example.com",
"realEndpoint": "https://example.com"
}
}All the software that performs JSON-LD processing will use a different endpoint from the software that does not. I don't think we can assume that an embedded context can always override terms. I think we may want to be able to say "here's where you can override terms/here's where terms must be overridden". It's a more clean way of calling out where extensions are expected to be or where "embedded documents" can more freely override (anything). |
Yes, it would look something like this: {
"@context": {
"extensionsGoHere": {"@id": "ex:extension", "@context": null}
}
"extensionsGoHere": {
"@context": "whatever"
}
} |
|
It seems like we might be talking about a few things here:
So there's a lot of ways those things could interact (I kind of want to write down a combinatorial table here, but I'm not sure what I would be computing!) I'd like to try and simplify the discussion (just for a bit). Perhaps we can leave aside sealing (I realize that we can only do that for a little while) and think about unsealed contexts only and the latter two relationships. In a world without sealed contexts (just for now! :) ) what would this feature look like? Would it enable instance contexts to easily blank out the computed context and "start afresh"? I'm just trying to get my head around a small piece of this before we reintroduce sealing, because sealing is also hypothetical for the moment and I'd like to minimize the hypotheticals in my brain. It's not much larger than Pooh's. 😵 |
|
I agree that we're talking about a number of different things and how they interact. :)
Yes, it would enable instance contexts to blank out the computed context and "start afresh". In particular, it would do so for certain terms (i.e. any objects under the term "x" would have a "fresh start"). The use case for this would be to ensure that nothing "leaks in" from the original instance context into whatever is embedded within a certain term, without undefining the term itself. It enables encapsulation and, because of that, I would expect it to often be used in conjunction with |
|
Setting aside the sealed/frozen nature, setting either Arguably, setting How to clear a sealed/frozen term definition? This needs discussion, if we want to allow it at all. |
|
@ajs6f said:
Sounds like adding a fair bit of complication. Is this a real-world concern? |
|
Step 3.1 of the Context Processing Algorithm indicates that
|
Yes, that's true, but what of scoped contexts?
I have a real world use case of embedding sub documents (which are treated as sub graphs) that should not have to concern themselves at all with the sealed context of the container: {
"@context": "some outer sealed stuff",
"type": "SomeOperationToAddARecordToABlockchain",
...,
"record": {
"@context": "some inner stuff that doesn't care/know about outer stuff",
...
}
} |
The processing should be the same, as it's treated as if the
Perhaps it should do the following: {
"@context": "some outer sealed stuff",
"type": "SomeOperationToAddARecordToABlockchain",
...,
"record": {
"@context": [null, "some inner stuff that doesn't care/know about outer stuff"],
...
}
} |
|
@dlongley I think part of the difficulty for me here is that the gesture of blanking out a term or the whole context is something sealing is supposed to disallow, right? So we've got at least three categories: the original sealed context, contexts that are not allowed to alter it, and contexts that can. Is it possible to partition the last two on a scope boundary, or on the boundary between retrieved and embedded contexts? Or must we think about a new and fresh way to signify a "able to defeat sealing" context? (Also, we might want a name for that category, if only for discussion.) |
See below -- I think this needs to be done from within the sealed context.
Yes. I think it should only be permitted if the sealing context allows for it by clearing the context.
I think the sealing context has to enable "defeat" in targeted areas by clearing the context for those terms via scoped contexts (or using some kind of |
|
I may not understand the whole issue... but it looks to me as if we wanted to have some
Obviously, there are defaults: if the context is sealed then, by default, all terms are sealed and if context is not sealed then, by default, non of the terms are sealed. Can this solve the use cases, @dlongley? |
I think the table is good and makes sense and would solve some use cases. I think it would also at least partially solve the use case here, but perhaps not entirely. Let me work through it below. So, a use case that we have is that we want a sealed context to be able to say that the term So, this would be insufficient: {
"@context": [
{
"@sealed": true,
"bar": "ex:bar",
"foo": {"@id": "ex:foo", "@sealed": false}
},
{
"foo": "ex:not_foo"
}
}],
"foo": "this should be 'ex:foo' for this use case, but it is not"
}Because it allows {
"@context": "...",
"foo": { /* `foo` should always be 'ex:foo' here */
"foo": "this can be 'ex:not_foo', no problem"
}
}So, you can see that we'd need something more than just saying {
"@context": [
{
"@sealed": true,
"bar": "ex:bar",
"foo": {
"@id": "ex:foo",
"@context": {
"ex:foo": {"@id": "ex:foo", "@sealed": false}
}
}
}],
"foo": { /* yay, this would still be `ex:foo` */
"@context": {
"foo": "ex:not_foo"
},
"foo": "this can be 'ex:not_foo', no problem"
}
}But that could get quite verbose for many terms. Of course, this could be possibility avoided like this: {
"@context": [
{
"@sealed": true,
"bar": "ex:bar",
"foo": {
"@id": "ex:foo",
"@context": {"@sealed": false}
}
}],
"foo": { /* yay, this is still 'ex:foo' */
"@context": {
"foo": "ex:not_foo"
},
"foo": "this can be 'ex:not_foo', no problem"
}
}This would not achieve the goals of this particular issue, which is to automatically clear all term definitions within the "scope" of "foo", but it would "unseal" all term definitions to allow for them to be redefined. I believe this also enables us to say that an "embedded" context does NOT automatically unseal anything, rather, the sealed context MUST explicitly use scoped contexts to say where any terms can be unsealed. So a big +1 to this for dealing with the sealing/unsealing issue on its own. Now, regarding this particular issue, per @gkellogg's comment it seems to me that clearing all term definitions should actually work per the spec today, but does not in the implementations. So we may just have a bug. We may need further spec clarification (not sure?). But fixing the bug would ensure that this works too: {
"@context": [
{
"@sealed": true,
"bar": "ex:bar",
"foo": {"@id": "ex:foo", "@context": null}
}
],
"foo": { /* yay, this is "ex:foo" */
"@context": {
"foo": "ex:not_foo"
},
"foo": "this can be 'ex:not_foo', no problem"
}
}I think the above with {
"@context": [
{
"@sealed": true,
"bar": "ex:bar",
"foo": {"@id": "ex:foo", "@context": [null, {"@sealed": false}]}
}
],
"foo": { /* yay, this is "ex:foo" */
"@context": {
"foo": "ex:not_foo"
},
"foo": "this can be 'ex:not_foo', no problem"
}
}What do you think? I think if we can support some variant of the above we'll cover all the cases. |
I am trying to find a clear way of explaining all this that does not sound to be too complicated. What I had in mind was:
If I understand your examples, it does solve the various issues, albeit a bit verbose here and there. But a bit of verbosity is, I believe, acceptable if the processing rules are clear... |
|
This issue was discussed in a meeting.
View the transcript5.3. Is there a scope context mechanism for clearing context definitions?Benjamin Young: #98 Rob Sanderson: we should give it a deadline, e.g., F2F in feb Benjamin Young: this issue is also related to scoped contexts … most of the hard issues are related to how this relates to sealed contexts … maybe @context is an array and the first value of that array is null … and the 2nd value is actually a reference to an external context … the issue with regard to sealed context, is the fact that because it is sealed it cannot be cleared … maybe it needs some special language to do so Rob Sanderson: seems like it fits to the sealed context discussion, so we should discuss them together |
|
This issue was discussed in a meeting.
View the transcriptRob Sanderson: Github issue: #20Ivan Herman: Related issues: #98 and #108 Rob Sanderson: We want to have it such that contexts that are processed after sealed contexts are unable to change the definition of terms. … So, if you see something like “foo” in the context, you can be confident of its meaning from the sealed context. … There is also the desire to “unseal” sealed terms. dlongley is champion from Credentidals WG. Dave Longley: The main reason for the feature is that there are a number of specifications that add prose to text about order of contexts, and that you can extend the context, but may not override terms. There’s no mechanism to enforce this. Rob Sanderson: An example of such language: https://iiif.io/api/presentation/2.1/#linked-data-context-and-extensions Dave Longley: People sometimes don’t use JSON-LD processors, and could interpret the data differently then those using JSON-lD procesors. Rob Sanderson: And: https://iiif.io/api/presentation/3.0/#45-linked-data-context-and-extensions Dave Longley: The other issue is related: we want a base context to define terms, and call-out an area where you can clear out the sealed contexts. You could use a scoped context to define a new scoped context for whatever is under that term. Pierre-Antoine Champin: I’m not sure I understand the use case for allowing people to unseal the context. My understanding is that, in some vocabularies, a term is an extension point, so that below that term the sealed context shouldn’t apply. … I’d understand the case where it’s always cleared, but not where it “could be” Dave Longley: Yes, it would be a clean-slate by definition. Benjamin Young: https://w3c.github.io/web-ledger/ Benjamin Young: https://github.com/digitalbazaar/jsonld-patch/tree/implementation Dave Longley: The case for unsealing is used in web ledger, which allows you to store arbitrary data, and has know knowledge of being in a ledger. … In the case of json-ld patch, you want to be able to update arbitrary values in a document, in particular, if you want to be able to digitally sign patches. … You could use a scoped context for “value” to clear the context. It’s the case that you want a clean slate and allow users to override the context using embedded or scoped contexts. Benjamin Young: Conceptually, this feels like “important!” in CSS, to not allow things to be overridden. … I think dlongley’s point about how specs are written in the last couple of years is in play in so many places that a sealing mechanism is important. David Newbury: We talked about JSON literals before, could that be a way to handle content that is not associated with the context? Dave Longley: We looked at that, but it ends up being much more difficult, because of how signing works. … You’d end up having to canonicalize the JSON, and it becomes a mess. It avoids pitfalls where we want to avoid causing everything to be marked as a JSON literal. Rob Sanderson: In IIIF, we have the same wording, but it puts the contexts at the end, rather than the beginning, but we do want to have extension points. … Similarly, we use language maps, annotations uses string, we want those to be used together. Gregg Kellogg: Having something that prevents you from saying @context None would be inadvisable … it does what people have asked for to create the clean slate … it requires that values for terms to have their own context, so would need to be explicitly set … is there expectation about changing the default content is up higher. … If Annotations defines a term, data, and you want to unseal it. You add null as a scoped context … If you want to have the data in schema.org in data, you could do it with a scoped context that’s an array with null as the first entry, but it’s sealed … so the context needs to unseal itself Ivan Herman: The usage of “sealed” seems to be straightforward. I wonder about unsealing only appears when we talk about embedded contexts, is that correct? … If I have an array of contexts it’s different than if I have an embedded context. Dave Longley: I think that the main use case where you set context to null, should then allow the scoped context, or via an embedded context. If you defined “data” in a sealed context, you’d then say "@context": null, the second context could then define the term and introspects into the sealed context to see that the term can be overridden because it has a scoped context of null. … I think we should keep the cascading order we have. Rob Sanderson: +1 to last in winning Dave Longley: It can’t override terms, but can override scoping. Rob Sanderson: I think we can’t change definition order either. Dave Longley: +1 to sealing individual terms Jeff Mixter: +1 to individual term sealing Dave Longley: (we’ve worked out some of these details in #98) Rob Sanderson: what about sealing specific terms in a context? Then, we wouldn’t need to worry about unsealing different things. … What would current processors due if they had a …? Dave Longley: "data": {"@id": "foo:data", "@container": "@graph", "@context": null, "@Sealed": true} => enables a later @context to define: "data": {"@context": "..."} Dave Longley: "data": { "@id": "foo:data", "@container": "@graph", "@context": null, "@Sealed": true } => enables a later "@context to define: "data": {"@context": "..."} Rob Sanderson: "@context": [ { "data": { "@id": "eg:data", "@Sealed": false } }, { "data": { "@context": "http://example.org/data-context.jsonld" } } ] David Newbury: The only place I can unseal something is within the context that seals it. I can’t add something that unseals something that had previously been sealed. Rob Sanderson: -1 to restricting to graph containers Benjamin Young: I about how we can express this so that the behavior is obvious. Rob Sanderson: E.g. An LDP implementation for Annotations should not require a graph container to put an annotation in a page Benjamin Young: Perhaps something the scopes the sealing to the term, the content, or something else. … Perhaps the @Sealed could have different values? Benjamin Young: "@Sealed": "@id" Benjamin Young: "@Sealed": "@context" Jeff Mixter: maybe we can walk through the IIIF use case in DC next month Dave Longley: I think we can safely add "@Sealed": "`"` (in a backwards compatible way) if we find that `"@Sealed": true` is insufficient for use cases Rob Sanderson: My understanding is that if you seal a context (or a set of terms), you’re only sealing the terms it defines. You could have a term outside that context can do whatever it wants, including override terms that would have come from an inherited context. Rob Sanderson: {"data2": {"@context": {"data": ... }} Rob Sanderson: If “data2” is defined in a separate context, and within that you define “data”, that could conflict with a sealed “data” term. Dave Longley: If you tried to use that I would expect that to be an error. Pierre-Antoine Champin: I’m not a fan of sealing or unsealing individual terms, saying "@Sealed": false would not be good. Jeff Mixter: What if someone want’s to just point at a different context and seal it, but you want to also import additional contexts, wouldn’t that lead to different errors or collisions? Pierre-Antoine Champin: -1 to sealing someone else’s context Rob Sanderson: I don’t think you can seal someone else’s context. Jeff Mixter: so sealing contexts is only within the context of the JSON-ld document? Rob Sanderson: jeff_mixter: Yep. Ivan Herman: Perhaps dlongley or someone else could come up with a strawman spec text that we can look at. We’re getting lost. Ivan Herman: #98 (comment) and the last example of #98 (comment) Ivan Herman: These discussions in November we had (see #98/comment-443182908 and the last example of #98/comment-443241467 a table to talk about different ways to seal, and this seems to give a core spec; if it can be written down, we may have something. … If it becomes spaghetti, we have a problem. … We have the F2F in three weeks, so maybe we can have a goal to have a final resolution then. Dave Longley: We’d also want test cases so we can experiment with test cases. … We intend to implement one way or another. Rob Sanderson: I’m happy to contribute examples. Jeff Mixter: so this is not valid - { "@context": [{"@vocab": "http://schema.org/", "@Sealed": true}]? Ivan Herman: We can also use the wiki page. Action #3: Rob Sanderson to document simple input and expected processing of them Action #4: Dave Longley to review azaroth’s text and add further examples Dave Longley: +1 Benjamin Young: +1 Dave Longley: jeff_mixter: I think as a first cut of this feature you’d have to seal all of the schema.org terms yourself (defining them yourself in your own @context) Ivan Herman: That’s discussed in #108; there was a syntax that might allow for that. Ivan Herman: #108 (comment) Ivan Herman: I didn’t realize I was sealing it, but it could be done. I’m not sure we want to do that. Dave Longley: thanks everyone for the discussion! Rob Sanderson: It’s been a useful discussion. Dave Longley: I can probably dial into the F2F. |
|
Other than for the potential for a scoped context within a sealed context which can unseal the context underneath the term, scoped contexts should always be thought of as a short-hand for simply defining the scoped context embedded inline. So for example, @dlongley's original example is equivalent to the following: {
"@context": {
"@version": 1.1,
"someTermToClear": "ex:someTermToClear",
"record": {"@id": "ex:record", "@container": "@graph"}
},
"someTermToClear": "should be defined here",
"record": {
"@context": [null, {"someOtherStuff": "ex:someOtherStuff"}],
"@id": "ex:someId",
"someOtherStuff": "this should be defined here",
"someTermToClear": "this should NOT be defined here"
}
}In the proposed change in #20 (comment), only a scoped context definition within a sealed context/term can be used to unseal that context by setting it to |
|
This issue was discussed in a meeting.
View the transcriptSealed contextsIvan Herman: If we can’t get to a clear model and agreement on sealing today, I propose we defer it. Adam Soroka: If we happen to do that, what do we say to verifiable claims, etc? Rob Sanderson: (reads guiding principles) Rob Sanderson: https://www.w3.org/2018/json-ld-wg/WorkMode/guiding_principles Rob Sanderson: sealed contexts - goal is to solve by end of day Ivan Herman: one thing from last week’s discussions - sealing seems to be a very dangerous thing to do… … if Google decides to put a seal on schema.org, community will be unhappy … Gregg Kellogg: we need to understand who we’re serving. Not there for schema.org, rather verifiable claims … specs as verifiable claims have a shared vocabulary, with some domains wide open, but people can’t change semantics … in spec, intentionally or otherwise Benjamin Young: chief aim of proposal is that json and json-ld world co-exist. Term sealing is to guarantee that … … json and json-ld authors work on exact same shape … maybe take a step back from sealing and see what other options there may be … notion of foundational shape surviving framing Ivan Herman: what I understand from ver. claim. is that they have a wrapper w/ properties whose value is an object… … want to give total freedom for another vocabulary to leave locally. How about a syntax that says this is an extension point… … @context null + specific situation that is sealing + @context null … concentrate on this use case and try not to generalize Rob Sanderson: sealing doesn’t solve actual shapes - just relationship between key and class. Not producing necessary structure … it is intersection of RDF semantic layer and JSON keys. Not shape thing as an API. Mapping not API Pierre-Antoine Champin: goal of sealing is not to guarantee LD has same shape as plain JSON, but JSON LD that has the same shape… … has the same semantics. … agree with ivan – sealed is sealed from point to rest of subtree and not try to address unsealed point. David Newbury: Use case for unsealing is to insert user specified documents into structure. Unstructured JSON into LD… Ivan Herman: may try to pick up json literal again Ivan Herman: some examples don’t want literal, but piece of RDF graph but based on another vocabulary on its own David Newbury: do we need ability to interpret unsealed part in context of whole document? Gregg Kellogg: yes David Newbury: do we have use cases where sealed and unsealed need to be interpreted? Rob Sanderson: I think so Rob Sanderson: Note - if we can’t solve by the end of the day, revisit the fallback position of JSON literals Gregg Kellogg: We’re making this too hard. A sealed context is a collection of sealed terms – maintains original interpretation … an extension point is where you use a term that is not sealed… … say there is a named term in VC that has a given meaning, but want to be able to add other properties that aren’t sealed… … also need a “this is a place for you to put stuff” – creating a scoped context where properties can be re-interpreted. … sealed terms have fixed meaning when you use them. Pierre-Antoine Champin: a term may be sealed (i.e. its meaning, esp. its IRI, can not be overridden) and an extension point (allow sealed terms to be overridden in its subtree) David I. Lehn: common use will be use an example, preserving semantics and adding on… Adam Soroka: we have ways to control shapes of json and RDF, but now we’re talking about a third way… controlling semantics Pierre-Antoine Champin: gregg says extension points are properties that aren’t sealed — sealed means one cannot override Gregg Kellogg: one approach is sealed context that allows context underneath to be unsealed… Pierre-Antoine Champin: thanks @gkellogg, that’s clearer :) Ivan Herman: i would like to hear a description of the exact sealing proposal Gregg Kellogg: that would be pchampin’s PR Ivan Herman: if we cannot explain where we are, we have a problem Pierre-Antoine Champin: I agree with first 2 parts of the PR, the 3rd one is related to extension points … we don’t have the same model for unsealing … especially when it happens automatically … I think the sealed definitions in a context cannot be overwritten by anything in that context Ivan Herman: if you seal a context, then the only way the terms can be overridden is in a scoped context within the sealed context? Pierre-Antoine Champin: I think so Gregg Kellogg: explicates example on whiteboard Test so03 David I. Lehn: there are problems with this example because the inner context has no effect Ivan Herman: we often use such examples, which I find a little unnatural Harold Solbrig: That confuses me Ivan Herman: [discusses example] Gregg Kellogg, Ivan Herman, Rob Sanderson: [edit and discuss example] Ivan Herman: sealing seems to mean that the terms are cast in concrete Ivan Herman: it is very difficult to explain exception David I. Lehn: Not sure why it’s unnatural? Ivan Herman: if the context says “Sealed” that would seem to me to mean that everything is cast in concrete … but that doesn’t seem to be the case … we can change things with scoped contexts etc Gregg Kellogg: this comes out of discussion of multiple sealed contexts Harold Solbrig: by changing this one term to add a typo, I can open up everything I thought I was sealing David Newbury: I would have assumed that by sealing a term, it would remain sealed Gregg Kellogg: so once sealed, always sealed Gregg Kellogg: that didn’t work for Verifiable Claims because they don’t want to intro a constraint on the JSON-LD within the wrapper jeff mixer: can I constrain the type of value used with a term this way? all: no, JSON-LD has no way to constrain the types of values Adam Soroka: Agree completely. The wrapper compresses the protocol into the document … It pulls us toward sealing other things beyond just the mapping, but into complex chains Harold Solbrig: preventing people from accidentally overwriting contexts seems within our scope, but not all the further ramifications Pierre-Antoine Champin: re: when terms become unsealed … it is genuinely hard to explain … I would say that a sealed term is sealed anywhere, except when the sealed context opens it … there are two situations in which one can redefine a sealed term … plain JSON users don’t expect the semantics to be sealed any more … we should leave the decision of when to unseal terms to the authors of the sealed context Ivan Herman: an extension point means a combination of “context now” and “I cannot touch what is on the upper level” Gregg Kellogg: {discusses Ivan’s example] Ivan Herman: how about a keyword “extension” that means you cannot redefine anything you inherit? Gregg Kellogg: not quite @context: null. David Newbury: if we have a context that defines ‘name’ within a sealed context, [points to examples] Gregg Kellogg: [discusses examples] … it may be simpler in the end to say that sealed terms are always sealed except for @context:null … but subtleties arise when two sealed contexts interact Rob Sanderson: can we do that example? Ivan Herman: the only place where @context:null would have a nuclear option would be in the context that is sealed Adam Soroka: [discussion of various examples] Gregg Kellogg: [refers to examples] David Newbury: ditto Pierre-Antoine Champin: [example of two contexts conflicting] David Newbury: the confusion caused by accounting for the complex interactions outweighs the utility Harold Solbrig: what if we turned the pattern inside out and let contexts signify that they don’t intend to override? … if you want to enforce that, you do it on a vocabulary-specific basis … with rules for that particular context Gregg Kellogg: so if a context lacked that flag, it would be harder to reuse it Harold Solbrig: depends on how much you care about this relationship between the contexts Adam Soroka: [discussion of what is or is not in scope for the use case and interoperability concern] Gregg Kellogg: not clear how to specify that Ivan Herman: going back to David’s example Ivan Herman: [discusses example] Rob Sanderson: [discusses example] Gregg Kellogg: @context: null has a specific meaning and we are altering it Ivan Herman: if we go down the road of “sealing”, then @context:null is going to conflict in some way and we will have to resolve it Harold Solbrig: that’s why I went for an extension-based approach Gregg Kellogg: we have until noon! Harold Solbrig: can we get the use case in a more concrete form? David Newbury: I’m increasingly fond of Harold’s idea to put in an “extension” property that errors if something with it overrides a term … this allows me to write extensions that will work, but it may not be what VC need Pierre-Antoine Champin: I have to think about that idea (Harold’s idea). gkellogg convinced me to try to explain again how a context becomes ineffective. … I’m in favor of saying that whenever I traverse a term that is not part of a sealed context, it’s not sealed anymore … after which a term could have been redefined: no guarantees about the semantics! … as for @context:null– maybe the “extension” idea is a better way to make extension points; it makes the unsealing specific … to make @context:null work one goes through both extension properties Gregg Kellogg: let’s for the moment let’s put off the table any terms from a non-sealed context … the behavior I heard dlongley describe … is that history is wiped out and we start from scratch Ivan Herman: I’m good so far Gregg Kellogg: but if you do want to allow a mixture of sealed and unsealed terms, we get into the case that pchampin discussed … two ways to have an extension point: 1) an unsealed term, under which anything goes, 2) a sealed term that is defined as an extension point … and 2) doesn’t satisfy the use case Ivan Herman: let’s say I have a claim, and I put into the context a @context:null to make an extension point. … the danger is that I will redefine a term from VC, accidentally or maliciously … IIUC VC, it’s a bit like Annotation … outsiders are expected to use their own vocabularies with these guys, without having to understand VC or Annotation Gregg Kellogg: one case is that everything is wiped out, but the other is that you intermingle the use of properties Ivan Herman: so I can add my own context Gregg Kellogg: but not redefine terms … we would end up with semantics that differ between JSON and JSON-LD David I. Lehn: the way that Activity Streams does this is to say “You must not override or change contexts” as a normative piece (see https://www.w3.org/TR/activitystreams-core/#jsonld) Rob Sanderson: people do this now by ordering the contexts Rob Sanderson: [returns to examples] Rob Sanderson: you can say that a sealed context can have an extension … having sealed on the context is confusing and makes more sense at the term level Ivan Herman: what is the difference between sealed and extension … if extension was not true then there would be a warning Ivan Herman: why not just say extension:true – it’s not setting a context? Rob Sanderson: to distinguish from the case of this term being an extension Gregg Kellogg: two different keywords that act on the context are unclear Rob Sanderson: the change is that the default condition is “sealed” Dave Longley: i’m on another call and can’t join, so i apologize… but was reading what’s here and thought i’d throw this in here… if there is a fear that schema.org (or contexts like it) might get sealed … we could allow {"@context": [{"@contextref": "http://schema.org", "@Sealed": false}, ...]} and the reason that would be ok for the sealed case we care about in VC community and so on, is because JSON processors would reject that … the context MUST be specified as a simple string, that’s what JSON-only processors would be looking for: {"@context": ["https://w3id.org/credentials/v1", ...]} David Newbury: I thought we were talking about three use cases, one of which is ability to delete context, which is @context:null … are we trying to prevent people from overriding accidentally or maliciously? Gregg Kellogg: we can’t prevent malice Ivan Herman: it’s a clean slate… but not Harold Solbrig: @context:null is often too much Adam Soroka: gkellogg and ivan: [thrash more examples] Rob Sanderson: we fundamentally don’t want the semantics to slip between JSON and JSON-lD Rob Sanderson: [more examples] Rob Sanderson: gkellogg: “extension” unseals everything, which is not @context:null Adam Soroka: [discusion of @context:null and whether it is a problem for the original use case] Gregg Kellogg: if there’s another context with sealed terms and extension points Rob Sanderson: regardless of which context has the sealing, extension overrides it. Gregg Kellogg: that’s the simplest way Benjamin Young: #20 (comment) Benjamin Young: dlongley and I discuss term ordering and inheritance … there is a problematic example there … [discusses vocabulary] Benjamin Young: #20 (comment) Benjamin Young: this example shows how to avoid that by being verbose … [discusses problems that concern @type usage and inheritance] David Newbury: if I have two sealed contexts that define the same term, who wins? Gregg Kellogg: last one in Rob Sanderson: Reviewing the rules that we think we’re talking about. Adam Soroka: the use case is to avoid semantic slippage around terms when interpreted as JSON. Rob Sanderson: If @extension:true is encountered in scoped context definition, then attempts to redefine terms from the active context will succeed. Ivan Herman: If this is the rule, in the embedded context, I can also change the ID of that term? Rob Sanderson: yes. You can redefine anything. Ivan Herman: so if I have @extension : {}, the extension of the original key remains. Gregg Kellogg: the effect of extensions: true is to update the active context and remove the sealed status of all terms within that context … allowing those terms to be renamed within the value of the extension property Ivan Herman: so inside, something may be different than outside? Gregg Kellogg: yes. It only makes sense within a scoped context, and only makes sense on a sealed term. … if you extend an unsealed property… Gregg Kellogg: within an extension property, we can only define additional properties within that context. Rob Sanderson: this is an error: [{"extension": { @id: extension_property, @Sealed:true, @context: {@extension:true}}}}, { "extension":{@id: extension_propery}] Rob Sanderson: extending unsealed terms is dumb, but not an error. Pierre-Antoine Champin: I’m fine with this…in practice, this would mean that the plain JSON interpretation can only trust terms from the sealed context in the subtrees I defined. … because when there is a term from another context, theydon’t know anything about that term. … if we’re happy with this, we’re happy, but it seems like a lot of work to get to the same point. Gregg Kellogg: I don’t think we’re at the same point. … it’s only when we transition to a property when it’s extension: true that we transition Pierre-Antoine Champin: the assumption that JSON-only is the same–it’s only trustworthy when looking at sealed terms. Gregg Kellogg: that’s consistent with the spec. Pierre-Antoine Champin: right. that’s why I’m OK with this. Rob Sanderson: the thing we’re not able to deal with is nulling out terms and then redetermining them. So it works. … so for VC, the context for the claim can start with null, which wipes out their context. … so I don’t think that VC will use extension: true. Gregg Kellogg: do we have a use case for this? Ivan Herman: I thought that they want to avoid that anyone includes in the claim things that redefine things within verifiable claims Gregg Kellogg: I think that applies to the envelope … within the envelope, naive applications may not need to understand them. … for example, annotation properties … they come from another context … so if you introduce another term in the envelope, those envelope extensions won’t override the VC Rob Sanderson: don’t mess with our stuff … vs:issuer should not be overridden, but if an extension defines ex:date, that’s fine. but the extension should not be able to override vs:issuer. Gregg Kellogg: …explaining his example… … since we have both a sealed context and schema, name remains it’s context. within the extension, something could set the scoped context to null. … it could add a new context, and it could be anything. … thus, VC does not need extension Ivan Herman: why are we doing this? … if this can be met with sealed and nullification, what is the use case for extension? … this is the simplest thing that can work. That’s what we should do. … do we need extension at any point? Gregg Kellogg: I agree. Adam Soroka: so there’s no need for nullification … (i mean extension) Gregg Kellogg: what we determined is that we’re not going to restrict @context: null. In that case, we don’t need the exceptions. … you can always do @context: null … thus, you can do it in a scoped context … meeting VC’s use case Benjamin Young: this VC is something that we haven’t discussed … We don’t have anything that addresses it . … since it’s type term usage, not property-term usage … can we describe it as a use-case? … term inheritance works…they don’t need sealing… … but the scoped context around @type breaks things … see the comment further down about getting around this by being verbose, but…this is how those things are extended. … using a base type, and adding additional types…so type ordering matters. … endorsed by handwaving, but would like a better mechanism … but this is where things are breaking Benjamin Young: example description is here #20 (comment) Benjamin Young: verbosity “solution” is here #20 (comment) Gregg Kellogg: this example: we would process the scoped context for specificCredential…issue is defined in an example. … this is dlongley’s example, not mine … he was saying that the context ordering gets nullified by scope contexts and type…core vocabulary at the end doesn’t work, since types can override that. Gregg Kellogg: scoped context would not override this if issuer is a sealed term Benjamin Young: we have two inheritance orders: CSS and FIFO … so we would flip them, so if sealing isn’t done properly, then we have problems … don’t know if there’s a solution here…other than a core vocabulary that comes first Rob Sanderson: this seems to me to be application-logic-layer … so VC would have a sealed context… Benjamin Young: {"@context": {"@Sealed": "http://vc-data.example/", "@extensions": ["http://extension-1.exampe/", "http://other.example/extension"]}} Rob Sanderson: …typing on the whiteboard… Gregg Kellogg: so there’s a new extension keyword that imports without redefining? Benjamin Young: this is something totally different Rob Sanderson: this just inverts where the properties live Benjamin Young: this means that the core is at the top, and the extensions below Rob Sanderson: with would work with term definitions Benjamin Young: currently, you put the core last. … now you need to move it to the top, or potentially to both places Gregg Kellogg: this means that the thing at the front and seal it, then it can’t be changed Rob Sanderson: to me, sealing is the inversion of the property rules. Benjamin Young: this means that the scope documents now need to be explicitly 1.1 Rob Sanderson: if you’re using 1.1, but interpreting as 1.0, it will be strange. Gregg Kellogg: I think we can only talk about what 1.1 will do … the reason that 1.1 is needed, so that if a 1.0 processor sees it, it will die Benjamin Young: so in 1.1 we’re inverting the order? Gregg Kellogg: I don’t see it as inverting, I see it as a new effect. Benjamin Young: this sounds like !important in CSS Gregg Kellogg: it continues to work Benjamin Young: even if someone else seals it first? Gregg Kellogg: I think we need to table multiple contexts that seal … I don’t think it’s what we’re promoting … as a best practice, there should be only one … as a corner case, we should… Ivan Herman: the usage of sealed in the grand scale of things will be minimal … if it’s awkward, then that’s OK, because this is rarely used. Adam Soroka: we don’t know this will be rare Ivan Herman: our schema discussion showed us that we should not use sealed regularly. … common, vague vocabularies should not used sealed. … there are good use cases, but let’s be careful. Gregg Kellogg: IMO, sealed should only be used by contexts defined in specifications where there is a dual JSON/JSON-LD processing mode, and then only rairly Rob Sanderson: the other thing that’s important to put down is sealed is not a guarantee that it can’t be changed, but to prevent unintentional. … you can always put in a version 1.0… Gregg Kellogg: you can’t go back Ivan Herman: the @context:null option is there, so we can not defend against all malicious use Rob Sanderson: so we don’t need extension: true, because there’s no use case and we can cover it by nulling and re-i porting? … so are we back to the simple rule? … If @Sealed: true is encountered on a term definition, then attempts to redefine the term will fail and result in a warning. Gregg Kellogg: with a note about using context:null Adam Soroka: so there’s no way that a term picks up an unintentional meaning Harold Solbrig: can I put a @Sealed on the external context? Gregg Kellogg: you can’t do that Ivan Herman: you can’t seal someone else’s context Harold Solbrig: I would still like to be able to make sure that I don’t unintentionally reuse terms Gregg Kellogg: can this be solved with SHEX? Harold Solbrig: maybe… Pierre-Antoine Champin: what happened to redefining a term within a sealed context? Gregg Kellogg: we said that’s not possible. … the only way to do this is to null the context Pierre-Antoine Champin: so context:null could happen anywhere? Rob Sanderson: correct Pierre-Antoine Champin: so sealing prevents explicit redefining the sealed terms, but not guaranteeing their stability. Gregg Kellogg: correct Rob Sanderson: context: null is the way out of things, and you’d only do that in the VC case if you were trying to be malicious, and we’ve decided we can’t guard against that. … the intent is to avoid unintentional redefining. … to fix that, you need a preprocessor. Adam Soroka: is sealing now to strong a name? Gregg Kellogg: it is sealed in the active context. Pierre-Antoine Champin: I disagree; freezing (and sealing, for that matter) in JS is a quite different thing Ivan Herman: let’s make a resolution, and go to lunch Proposed resolution: Adopt the following rules for sealing - 1: If @Sealed:true is encountered on a term definition in the active context, then attempts to redefine the term will fail and result in a warning. 2 - If @Sealed:true is encountered on a context, then all terms defined within the context should be treated as having @Sealed:true in their definition. 3- If @Sealed:false is encountered on a term definition in the active context, where the context has been sealed with @Sealed:true, then the sealing for that term is removed. (Rob Sanderson) Harold Solbrig: if there’s a sealed: false for an unsealed term, what happens? Rob Sanderson: +1 Ivan Herman: +1 Gregg Kellogg: nothing–that doesn’t mean anything Adam Soroka: should we warn? Gregg Kellogg: +1 Jeff Mixter: +1 David Newbury: +1 Simon Steyskal: +1 Harold Solbrig: +1 Pierre-Antoine Champin: +0.5 Gregg Kellogg: we SHOULD Adam Soroka: +1 Benjamin Young: +0 (would like to see use case mappings for all these things) David I. Lehn: +1 Resolution #1: Adopt the following rules for sealing - 1: If @Sealed:true is encountered on a term definition in the active context, then attempts to redefine the term will fail and result in a warning. 2 - If @Sealed:true is encountered on a context, then all terms defined within the context should be treated as having @Sealed:true in their definition. 3- If @Sealed:false is encountered on a term definition in the active context, where the context has been sealed with @Sealed:true, then the sealing for that term is removed. {: #resolution1 .resolution} Dave Longley: “If @Sealed:false is encountered on a term definition in the active context, where the context has been sealed with @Sealed:true, then the sealing for that term is removed.” <– this sounds like a big problem as written … Dave Longley: is this saying that with {"@context": [1, 2]} that 2 can unseal anything it wants? Dave Longley: if so, that defeats the purpose of sealing … so i can only imagine that something else was meant by that text. Dave Longley: it sounds like an attacker that defines 2 can get a VC to be successfully processed by a JSON-only processor in a different way from a JSON-LD processor under that condition Dave Longley: i’ll check back here later to see if there’s a clarification Dave Longley: if the ability to unseal a sealed context is a requirement (as opposed to just extending in an acceptable way) … it seems like we could do it without messing up JSON-only processors by using some other syntax that they would otherwise reject. Dave Longley: JSON-only processors will be looking for {"@context": [, , ...ignored]} Dave Longley: or could perhaps be further limited to: {"@context": [, , ...]} Dave Longley: in other words, any deviation from some very rigid rules would cause a JSON-only processor to reject the input … which could be potentially used to our advantage if we need to cover other use cases where we are fearful of people sealing things that JSON-LD aware entities would like to unseal in a way that would not impact JSON-only processors. Dave Longley: but what is key is that that any mechanism that is used to unseal would not impact JSON-only processors. Dave Longley: if we can abide by that rule, i don’t see why i wouldn’t be supportive. Rob Sanderson: dlongley: The @Sealed:false would only work for the original definition, no subsequent attempt to redefine it Rob Sanderson: It overrides the @Sealed:true on the context Rob Sanderson: But not @Sealed:true on a term Dave Longley: azaroth: ok, if I understand you I think that’s fine Adam Soroka: #87 2.1. closing related issues Proposed resolution: Close #87, as unnecessary given above rules. (Rob Sanderson) Rob Sanderson: +1 Ivan Herman: +1 Gregg Kellogg: +1 David Newbury: +1 Jeff Mixter: +1 Simon Steyskal: +1 David I. Lehn: +1 Resolution #2: Close #87, as unnecessary given above rules. {: #resolution2 .resolution} Simon Steyskal: #98 Proposed resolution: close #98, as unnecessary given the rules above (Ivan Herman) David Newbury: +1 Ivan Herman: +1 Proposed resolution: Close #98, as @context: null clears context definitions (Rob Sanderson) Gregg Kellogg: +1 Rob Sanderson: +1 Harold Solbrig: +1 David I. Lehn: +1 Resolution #3: Close #98, as @context: null clears context definitions {: #resolution3 .resolution} Resolution #4: Close #98, as @context: null clears context definitions {: #resolution4 .resolution} David I. Lehn: #116 David I. Lehn: discussion of [https://github.com/w3c/json-ld-syntax/issues/116#issuecomment-460681505] David I. Lehn: [missed scribing much back and forth, trying to catch up on the gist] Gregg Kellogg: [pointing out current algorithm could be modified based on some rules to handle the partial redefinition] Ivan Herman: [concerns about backwards compatibility] Gregg Kellogg: based on algorithm, 1.0 would fall through to new 1.1 behavior Ivan Herman: sounds like adding more hacks Dave Longley: also want it to be easier for json authors Gregg Kellogg: we go towards side of being easier for authors David Newbury: hard to follow what is going on without knowing all the processing steps Gregg Kellogg: not overriding term itself […?] Rob Sanderson: more authors to explain to than people needing to understand this feature. on side of authors. David Newbury: issue with how things are overridden. seeing next term definition would think it fully overrode first one. Ivan Herman: [worries about more complications] David Newbury: example seems like json in json-ld David I. Lehn: it’s a mix in this case, using json tools to process json-ld. would want to know the context of the data. Rob Sanderson: [discussing how some examples would be processed] Ivan Herman: adding new features to already complex system. really worried about it. Dave Longley: understand ivan. A goal is to make ergonomics of 1.1 easier for users and better than 1.0 Proposed resolution: if @id is not present in a term definition, and there is no default vocabulary, but has an expansion to an absolute IRI in the active context, then the @id of the new definition is taken from the active context (otherwise this is still an error) (Rob Sanderson) Rob Sanderson: +1 Ivan Herman: +1 Simon Steyskal: +1 Gregg Kellogg: +1 Dave Longley: +1 David I. Lehn: +1 Jeff Mixter: +1 David Newbury: +0.5 Adam Soroka: +1 Resolution #5: if @id is not present in a term definition, and there is no default vocabulary, but has an expansion to an absolute IRI in the active context, then the @id of the new definition is taken from the active context (otherwise this is still an error) {: #resolution5 .resolution} Proposed resolution: Once previous is done, we can close #116 (Rob Sanderson) Harold Solbrig: +1 Ivan Herman: +1 Rob Sanderson: +1 David Newbury: +1 Simon Steyskal: +1 Jeff Mixter: +1 David Newbury: +1 Rob Sanderson: +1 Harold Solbrig: +1 Adam Soroka: +1 Ivan Herman: +1 Rob Sanderson: Really 116 :) David I. Lehn: +1 Resolution #6: Once previous is done, we can close #116 {: #resolution6 .resolution} Proposed resolution: We agree with the processing order per #61: scoped definition from property, then from type, then embedded. PR to update docs to come. (Rob Sanderson) Ivan Herman: +1 Rob Sanderson: +1 Adam Soroka: +1 David I. Lehn: +1 Simon Steyskal: +1 David Newbury: +1 Jeff Mixter: +1 Harold Solbrig: +1 Gregg Kellogg: +1 Resolution #7: We agree with the processing order per #61: scoped definition from property, then from type, then embedded. PR to update docs to come. {: #resolution7 .resolution} Harold Solbrig: scribnic hsolbrig Gregg Kellogg: what if you said context null? Rob Sanderson: it would wipe out all definitions Gregg Kellogg: you could also seal activities |
Is there a way to use the scoped context mechanism to "embed" information in a JSON-LD document such that all term definitions are cleared? So, for example, suppose we had this:
The goal here is to avoid requiring the author of
recordvalue (or a user of it) to have to know to clear any terms in an "outer container". This may allow "safer" composition/embedding of JSON-LD documents.The text was updated successfully, but these errors were encountered: