Skip to content

Add scope diagrams section with C4 Level 1 and Level 2 diagrams#159

Open
jeremycaine wants to merge 5 commits into
w3c:mainfrom
jeremycaine:scope-diagrams
Open

Add scope diagrams section with C4 Level 1 and Level 2 diagrams#159
jeremycaine wants to merge 5 commits into
w3c:mainfrom
jeremycaine:scope-diagrams

Conversation

@jeremycaine

@jeremycaine jeremycaine commented May 15, 2026

Copy link
Copy Markdown

Editorial - Clarify systems diagram (at least scope/system context; platform independent model)


Preview | Diff

System(client, "Client application", "Requests and manages resources")
System(lws, "LWS server", "Manages resource hierarchy and access")
System_Ext(idp, "Identity provider", "Issues signed credentials")
System_Ext(ext, "External resources", "Web resources under management")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by "external resources"? Are these the same as the "LWS resources" we defined in the terminology? If so, it might be best to re-use that term.

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
System_Ext(ext, "External resources", "Web resources under management")
System_Ext(ext, "LWS resources", "Web resources under management")

Comment thread lws10-core/diagrams/fig-2-container-diagram.md Outdated
Comment thread lws10-core/index.html Outdated
@elf-pavlik

Copy link
Copy Markdown
Member

@jeremycaine In various projects I've been using https://likec4.dev/

There's even some work on embedding it in specs

@elf-pavlik

Copy link
Copy Markdown
Member

@jeremycaine you can see two different LikeC4 diagrams I've done for LWS in

Would you like to coordinate our diagramming efforts?

jeremycaine and others added 2 commits June 29, 2026 15:42
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>

@acoburn acoburn left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The LWS protocol intentionally does not have a notion of "external resources". I would remove references to external resources.

Person(user, "User", "Person accessing resources")
System(client, "Client application", "Requests and manages resources")
System_Ext(idp, "Identity provider", "Issues signed credentials")
System_Ext(ext, "External resources", "Web resources under management")

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
System_Ext(ext, "External resources", "Web resources under management")
System_Ext(ext, "LWS resources", "Web resources under management")

Container(authn, "Authentication", "Validates credential against identity provider")
Container(authz, "Authorization", "Enforces resource manager access decisions")
Container(rm, "Resource Management", "Manages containers, containment and linksets")
Container(era, "External Resource Access", "Mediates access to external web resources")

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would remove this line. The LWS protocol does not define any behavior to interact with "external resources"

Boundary(lws, "LWS server") {
Container(authn, "Authentication", "Validates credential against identity provider")
Container(authz, "Authorization", "Enforces resource manager access decisions")
Container(rm, "Resource Management", "Manages containers, containment and linksets")

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would rephrase the description to be "Manages containers, metadata and data resources" (linksets are a particular type of metadata resource that don't need explicit mention)

Rel(rm, era, "resolves resource")
Rel(era, ext, "accesses")
```
Issue: The internal organisation of container, containment, and linkset management within the LWS server is not yet defined in the protocol. This diagram reflects current terminology and is subject to revision.

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The internal organization is intentionally not defined by the protocol -- that is an implementation detail. I would remove this line.

Comment thread lws10-core/index.html
</p>
<figure id="fig-1-system-context">
<img src="diagrams/fig-1-system-context.svg"
alt="LWS Protocol system context diagram showing the user, client application, LWS server, identity provider, and external resources"/>

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would remove "external resources" from this description

Comment thread lws10-core/index.html
</p>
<figure id="fig-2-container-diagram">
<img src="diagrams/fig-2-container-diagram.svg"
alt="LWS Protocol container diagram showing authentication, authorization, resource management, and external resource access within the LWS server boundary"/>

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
alt="LWS Protocol container diagram showing authentication, authorization, resource management, and external resource access within the LWS server boundary"/>
alt="LWS Protocol container diagram showing authentication, authorization, and resource management within the LWS server boundary"/>

@elf-pavlik

Copy link
Copy Markdown
Member

Following up in discussion I had with @jeremycaine after the WG call.

https://w3c.github.io/lws-protocol/lws10-core/#conformance

LWS core defines two classes of products

  • LWS Server
  • LWS Client

You can find various normative statements with Clients MUST, Clients MAY etc.

Given notifications, access requests / grants, indexes / search, more distinct classes of products may need to be defined. This would be out of scope for this PR but something to keep track of in next iterations.

I will be adjusting LikeC4 model for #177 to reference those classes of products. I also created

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants