Meaning of empty permissions?

[matthiasautrata]

Several of your policies have empty permissions or permissions with no action/target defined. This seems to violate the ODRL Information Model. I am sure that I misunderstand something. But, it seems to me that an odrl:Set that is otherwise empty should not be considered 'permission' to execute any action on any dataset by any party.

Can you please clarify?

[woutslabbinck]

Policies 1 to 4 for test cases 1-14 indeed have rules that are empty or almost empty.
These do indeed violate the ODRL Information Model.

In there, it states that a policy MUST have one rule (be it Permission, Prohibition or Obligation). So far so good, all our policies do have that.
Where we are in violation is in the Rule Class.
Permissions and Prohibitions MUST always have a target and action property.
This is what policy 1-4 their rules thus do not have.

Why did we not follow ODRL there to the letter?

While researching how to evaluate ODRL policies in a systemic way (which resulted in a paper containing this repository, the ODRL Evaluator, and the compliance report model as our proposal for the output of evaluation), we were experimenting in how expressive the current ODRL core model really is.

By violating the information model, we were able to create rules that stated everybody can do anything on any resource and showed our evaluator can handle those rules.

That is the main reason why they are in there.

At some point, the goal of this repository is to provide some test cases for the ODRL Formal Semantics (which will then probably end up here).
More specifically, when the state of the world and evaluation request (the inputs for ODRL evaluation) have consensus within the group.

I hope this clarifies it a bit. If not, let me know where I could provide some more context.

[matthiasautrata]

This perfectly explains it and it makes sense. Thank you. I am generally struggling how to interpret ODRL. For example: An odrl:Offer is not ‘evaluated’ seems to make little sense. Most would naively assume that an offer states the conditions for acceptance. Likewise, the Information Model does not state that odrl:Permission should not contain in it an odrl:Prohibition (along the lines of: You can do this but not that!). It is all open to more interpretation than I seem to be able to make sense of. At any rate: Thank you for your work and for sharing it. It helped me greatly and is referred to in my team quite often. Kind regards Matthias

…

------------------------ Matthias Autrata +1-201-300-9196

On Oct 22, 2025, at 06:27, Wout Slabbinck ***@***.***> wrote: woutslabbinck left a comment (SolidLabResearch/ODRL-Test-Suite#7) <#7 (comment)> Policies 1 to 4 for test cases 1-14 indeed have rules that are empty or almost empty. These do indeed violate the ODRL Information Model. In there, it states that a policy MUST have one rule (be it Permission, Prohibition or Obligation). So far so good, all our policies do have that. Where we are in violation is in the Rule Class. Permissions and Prohibitions MUST always have a target and action property. This is what policy 1-4 their rules thus do not have. Why did we not follow ODRL there to the letter? While researching how to evaluate ODRL policies in a systemic way (which resulted in a paper <https://w3id.org/force/papers/ESWC2025> containing this repository, the ODRL Evaluator <https://w3id.org/force/evaluator>, and the compliance report model <https://w3id.org/force/compliance-report> as our proposal for the output of evaluation), we were experimenting in how expressive the current ODRL core model really is. By violating the information model, we were able to create rules that stated everybody can do anything on any resource and showed our evaluator can handle those rules. That is the main reason why they are in there. At some point, the goal of this repository is to provide some test cases for the ODRL Formal Semantics <https://w3c.github.io/odrl/formal-semantics/> (which will then probably end up here <https://github.com/w3c/odrl/tree/master/formal-semantics/examples>). More specifically, when the state of the world and evaluation request (the inputs for ODRL evaluation) have consensus within the group. I hope this clarifies it a bit. If not, let me know where I could provide some more context. — Reply to this email directly, view it on GitHub <#7 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AL52JJWZF7LXXSG6MQEBTZD3Y5LYZAVCNFSM6AAAAACJSJAUOKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTIMZRGYZDMMJQHA>. You are receiving this because you authored the thread.