Skip to content

CMI 5 Subgroup Meeting Notes – Nov 17th, 2023

Jump to bottom Edit New page
Bill McDonald edited this page Dec 15, 2023 · 2 revisions

cmi5 Subgroup Meeting Notes – Nov 17th, 2023

Attendee List

  • Andy Johnson
  • Andrew Chemey
  • Bill McDonald
  • Florian Tolk
  • Franklin Ludgood
  • George Vilches
  • Jim Taite
  • Martin Koob
  • Megan Bohland
  • Simon Hsu

Notes

The group discussed the following items:

  • LMS vs LRS language in the spec may need more precisions to say “LRS = Endpoint Provided by the LMS”
  • LRS authentication – by AU vs LMS
  • LMS is responsible for the LRS
  • The endpoint provided by LMS (LRS or LRS proxy) must know how the Token Is authenticated.

7.1.1 First Statement API Call The AU MUST issue a statement to the LRS after being launched, initialized, and ready for learner interaction using the "initialized" verb as described in Section 9.3.2 Initialized

  • LRS = Endpoint Provided by the LMS

"Derived Requirements" (from CATAPULT documentation):

8.1.2.0-2 (d): The LMS must reject xAPI requests that use an authorization token prior to it being fetched, or after a session has been terminated or abandoned.

  • Eventually Consistent Model
    • statements are voided.
  • The LMS would need maintain a timestamp for auth tokens to determine prior timing
  • Need a Best Practices Guide on “Eventually Consistent” cmi5 LMS’s
    • Timing and Sequence of Voiding Invalid Statements

8.1.3.0-3 (d): The LMS must reject xAPI requests that require an "actor" or "agent" that do not include the "actor" value as provided to the AU.

  • Should be added to cmi5 2.0

8.1.4.0-3 (d): The LMS must reject xAPI request that require a "registration" that do not include the "registration" value as provided to the AU.

  • Should be added to cmi5 2.0

8.2.1.0-2 (d): The LMS must handle POST requests to the URL provided in the "fetch" parameter.

  • Add more explicit requirements for:
    • LMS must implement a Fetch Listener
    • Each LMS must generate a unique fetch URL for each launch of an AU.
    • Must handle POST requests
    • Must reject Requests with that have invalid Payloads
    • Token provided MUST only be used for one session (Actor/AU/Registration)
      • This requirement that may not be practical to test ?
    • Call it the “Fetch Endpoint” ?

All Previous cmi5 Meeting Minutes/Notes

https://github.com/AICC/CMI-5_Spec_Current/wiki

cmi5 on GitHub:

http://aicc.github.io/CMI-5_Spec_Current/

cmi5 Working Group Wiki

Home

Meeting Minutes

Working Documents

Clone this wiki locally