open-cloud-mesh/OCM-API
open-cloud-mesh/OCM-API
1
0
Fork 0
mirror of https://github.com/cs3org/OCM-API.git synced 2025-12-28 18:16:06 +00:00
Code Issues Projects Releases Packages Wiki Activity
Page: Meetings 2025
Pages
Home Implementations readiness and spec maturity Meetings 2025
121 Meetings 2025
Giuseppe Lo Presti edited this page 2025-12-18 13:03:20 +01:00
Table of Contents

Date: 2025-12-18 11:00 CET

Agenda

  • STA work status update and Milestones to be claimed
  • Spec work
  • Report from SIG-CISS meeting and upcoming events
  • Next meetings and AOB

Present

Minutes

  • Intro by Giuseppe
    • Next meeting: 13/01/2026 at 11:00 CET
    • Summary of discussions at Bologna's SIG-CISS meeting (presentation linked from the history page)
      • How to model sharing to distributed groups/federations, introducing a concept of responsibility/liability: sites are responsible for their members of a distributed group, no need to rely on a central LDAP-like infrastructure and update it, which doesn't scale.
    • Next CS3 workshop in Oslo, call for abstracts is open. Clashes with IETF 125, Thibault and Micke would go there.
  • [Micke joined] Review of STA work
    • Enrique demonstrates the refresh token flow. Discussion about how to fulfill the requirement
    • Discussion on how to spec the use of the token exchange flow yet remaining backwards compatible to remote systems that do not offer this capability
      • The Sender should always inspect the Receiver's discovery endpoint, and offer a share using the new format {"name": "multi", "webdav": {...}} including a must-exchange-token requirement if it finds the exchange-token capability, or fall back to the old format if not.
      • Giuseppe: for the fallback to work, it's actually better to keep the name of the key in the share payload as it is today, sharedSecret, but it was voted to rename it...
      • Micke: there must have been a misunderstanding, I assumed the rename applied to the token endpoint, not the Share Creation endpoint
      • Giuseppe: let's reiterate on the mailing list, Matthias seemed to imply the Share Creation payload. For now, we don't change it.
      • An implementation capable to do token exchange should accept both share formats. Giuseppe: the old format might be disabled e.g. via configuration.
    • Q: what do we need to produce in order to claim the Milestones? Mahdi: guidelines now in the OCM-STA repo
    • Mahdi demonstrates his milestones and the extensions of the test suite
  • Datatracker updates
    • Thibault: for a new version it's good to send a changelog to the mailing list, and add it as a section to the Draft itself. It will eventually be removed during the last call before becoming an RFC. The cadence is relatively arbitrary, we should avoid too many small changes as well as too large changes. The changelog can be a digest of the PRs.
    • Giuseppe: will review and merge https://github.com/cs3org/OCM-API/pull/297 early in January, and then we could publish to the datatracker what we have so far (including ssh/sftp), with possibly another round in preparation to IETF 125 and CS3 2025.

Date: 2025-12-02 11:00 CET

Agenda

Present

Discussion

  • STA work update
    • Enrique: exchange token logic is there, the /token endpoint is hard-coded for now. There's also a patch in the webdav client. PR upstream? Enrique will create it.
      • Giuseppe: the incoming share must be parsed in the new format in order to look for the requirements
    • Mahdi: CERNBox works with LocalFS and UI. Working in multiple milestones at the same time.
      • Issue with memory-hungry components for the CI (Reva, Cypress, ...), but we are using custom GitHub runners so should work.
    • Richard: we could also use the Sunet Research Cloud infrastructure here
  • Spec issues
    • sharedSecret renaming
      • Micke doesn't mind too much, rename to refreshToken if others think it is a good idea. Rough consensus is more important that the name of the key, so we can move on with Nextcloud implementation.
      • Out of the presents, we have 4 votes for refreshToken and 1 abstention.
    • Giuseppe proposes to merge https://github.com/cs3org/OCM-API/pull/304 and in general concurs that having JSON payload specifications described in JSON format is good as they can be embedded in the Draft. To be seen how to keep the OpenAPI spec.
  • AOB
    • Mahdi: the meshdir provider in Reva is now obsoleted by the directory service, could be dropped. Giuseppe: yes for cs3 Reva, whereas in oCIS it is likely used in production. Could be proposed, anyway this was not part of OCM.

Date: 2025-11-18 11:00 CET

Agenda

Present

Discussion

  • Maxence would probably join from the Nextcloud side in the IETF interim meeting.
  • We can give the chairs the slides for presentation so they can queue on the interim.
  • We should present the changes between draft 7 and 8, Micke would do the presentation.
  • We need to work on the delete share OCM notifications, Nextcloud is capable of this, others possibly, but interoperability was never proved.
    • There isn't cross tests to see how this would work between different EFSS.
  • The Nextcloud and CERNBox, OpenCloud, oCIS, are ready for WAYF tests.
  • Enrique: the fix needs patches for Sabre and Guzzle; Guzzle needs a PR
    • Micke: my idea is to open a PR from CS3 org, so we can work on it. Giuseppe to fork it (Done: https://github.com/cs3org/guzzle)
    • Giuseppe: we can switch Nextcloud to use our fork for short time just to show it works
  • Giuseppe: Reviewing the maturity of OCM and readiness of implementations
  • Micke: I can mention the new concepts and receive opinions about them (e.g: ro-crate, code, request share, journaling etc)
  • Micke: My intention is to present 3-4 presentations on interim meeting.
  • Giuseppe: Major version change happens if we obsolete the basic auth.
  • JMAP is interested to use OCM in server-to-server communication.
  • JsContact and JMAP has joint meeting to discuss it. the reply you get from OCM contact response is very rudimentary, we would benefit from a richer response using JsContact.
  • Mahdi: I've made a multi Reva docker setup, it works with some minor issues about localfs

Date: 2025-11-04 11:00 CET

Agenda

Present

Discussion

  • Enrique: started to deploy Nextcloud
  • Mahdi: good discussions with Joern and Giuseppe for the WAYF implementation and the protections to be implemented in Reva against attacks. Several PRs were opened, all linked from https://github.com/cs3org/OCM-STA/issues/1 including videos demonstrating the UI interactions
  • Joern: PRs in OpenCloud could be merged rapidly, make them "Ready for review"
  • Mahdi: an OCM reference implementation could be done in Go, in such a way that all Reva implementations could benefit from it
  • Giuseppe: videos well appreciated at the EOSC Symposium (credits to Richard!), could be reused in future events. Richard: could also be improved, the GUI is always very similar between the different vendors, some visual clue about the fact that we run a federation of sites would be beneficial. Giuseppe: the CERN folks produced a video about federated workflows with REANA, where a map of Europe with the different sites is featured
  • IETF WG interim meeting: a doodle(-like) will be sent to agree on a date for the meeting, which will take place at around 16.30-17.00 CET to allow for participation from the US West Coast.

Date: 2025-10-21 11:00 CEST

Present

Discussion

  • STA Project contract is signed on the 16:th, and work has started, Mahdi and Enrique are main developers.
  • Working group is well under way at IETF, IESG voting to be done at 23:rd.
    • Micke will represent at IETF 124 at HotRFC's with video demos.
  • New spec version tagged 1.2.2.
  • EOSC EFSS Federation tests, readiness for the EOSC Symposium demo
    • Invitations: Works Nextcloud <-> CERNBox <-> oCIS <-> OpenCloud.
    • Shares: Works Nextcloud <-> CERNBox, CERNBox <-> oCIS/OpenCloud, but not Nextcloud <-> oCIS/OpenCloud.
  • OpenCloud will set up a node and we will record some videos on it.
  • Spec: should we expire shares/invite?
    • We will use IETF mailing list/ Github discussions to discuss.

Date: 2025-10-07 11:00 CEST

Present

Agenda

  • PRs review
  • EOSC EFSS Federation tests, readiness for the EOSC Symposium demo

Discussion

  • PRs review
  • EOSC EFSS Federation tests, readiness for the EOSC Symposium demo
    • Invitation: NC <--> CERNBox OK, EOSC EU Node (EEN) needs to trust the federation
    • Sharing: work in progress, nothing works yet. NC-to-NC works in a non OCM compliant way
    • Remote access: on hold, depends on Sharing to work
  • OpenCloud implementation (like oCIS) does bearer auth only, so likely to work with CERNBox but not with Nextcloud
  • Discussion about the Invitation flow in the context of OpenCloud

Date: 2025-09-23 11:00 CEST

Present

Agenda

  • Grants for OCM work from GEANT (SUNET) and STA (PonderSource)

Discussion

  • [Richard] FileSender is seeking OCM support
  • rclone and OCM integration for file transfer: a PoC was done during ScienceMesh, with Reva implementing 3rd-party file transfers with https
    • Data Commons also have similar thing to do, fetching data after sharing
  • IETF WG progress: the WG may be appointed just before or at IETF 124 Montreal
  • EOSC Symposium: demonstrations yet to be defined

Date: 2025-09-09 11:00 CEST

Present

Agenda

  • Close/merge Matthias' PR [Done]
  • Review the IETF charter PR [Done]
  • Request Share PR [WIP]

Discussion

  • Discuss the funding from Digital Sovereign Agency
  • Federation tester ideas
  • Possibility of using DNS SRV records as fallback for .well-known
  • Micke and Antoons WAYF app for Nextcloud was demonstrated at the EFSS sub-group meeeting of the EOSC federation buildup task force
  • Upcoming presentations about OCM:
    • Richard gives today a lightning talk at Nordunet Community Workshop in Copenhagen
    • Micke will attend IETF 124 Montreal and proposes an HotRFC lightning talk
    • In the same days, the EOSC Symposium takes place and demos are foreseen
    • A SIG-CISS meeting is being organized by Geant in Bologna, with focus on Sync&Share and storage federations. Micke and Giuseppe will attend and present the current status of OCM
    • At next CS3 workshop there will be a comprehensive session about those events

Date: 2025-08-26 11:00 CEST

Present

Agenda

Actions

  • For Micke or Giuseppe
    • Get in contact with Maxence Lange to understand how group sharing is implemented in NextCloud - is this actually federated?

Discussion

  • Giuseppe: Reverse engineering how NextCloud does group sharing is not our job, get NextCloud developers involved and see how their implementation works.
  • SUNET received funding from GEANT to develop a storage module for SurfResearchCloud and the proposed solution includes OCM. Implementation and specification for group/federated sharing could be done here and the effort can be driven by SUNET.
  • The W3C Community Group is about to be closed. There's an issue with intellectual property, we cannot be in both the IETF and WC3.

Date: 2025-08-12 11:00 CEST

Present

Agenda

Actions

  • Email the IETF mailing list about the charter feedback and submit a PR today. - Done and done
  • We should have minimal security section - PR ready for review #221
  • Re-order the sections in IETF I-D, such as Introduction, etc. - PR #246
  • Re-upload the latest changes afterwards to IETF data tracker so people can review.
  • Clean ocm-test-suite, build images in cs3org and use GitHub Actions to build images and push to cs3org GitHub Container Registry ghcr.io

Discussion

  • We'll wait for Matthias to apply the requested changes for the OCM address PR.
  • The line length linter for IETF I-D, CI Job is ready and good.
  • We will wait for Pierre to join a meeting, and continue discussion then.
  • Wait for Tara's response.
  • Contact Sandro and Enrique to see if they are available to work on OCM.

Date: 2025-07-31 15:30 CEST

Present

Regrets

Agenda

  • IETF Meeting 123 Debrief:
    • We were mentioned on JMAP WG
  • New logistics

Introductions

  • Pierre Thierry: developed a decentralized binary format that is related to CBOR.

Actions

  • We should demonstrate people are interested so Vienna is better option for the in person BoF.
  • We should keep the momentum as per Andy's email, Micke might go to Montreal or China to have side meeting.
  • Having an online BoF is also an option.
  • We should fork the IETF charter repository into personal spaces. we host it on Micke space.
  • We are considering changing the time of weekly meeting.
  • Discussing with W3C at next Tuesday 4 PM when Michiel is back, about transferring OCM from W3C to IETF.

Discussion

OCM protocol following REST

  • Pierre Thierry: it's a good idea to hint the OCM endpoints in the OCM payloads, following the REST architecture 
    •   {
  	invitations: "/invitation",
  	share-accept: "/share-accept",
  }
  • Giuseppe: We should not break the compatibility, OCM doesn't concern itself with the actual data transfer
  • Giuseppe: Share and Invite cannot be changed, authentication maybe, notification is harder.
  • Micke: We should be weary of breaking compatibility, but we should also make the protocol better. sending the capabilities along would make protocol less chatty, it is worth looking into
  • Pierre Thierry: new clients would implement it, and legacy implementations would follow later.
  • Micke: gradual departure from hard coded paths is a good idea.

GitHub notification in mailing list

  • Giuseppe: filter out useless notifications
  • Micke: We can use other tools; the downside is that we should use a dedicated server or virtual machine.