W3C home > Mailing lists > Public > public-credentials@w3.org > December 2020

Re: VCs - zCaps / OCap a Discussion

From: David Chadwick <D.W.Chadwick@kent.ac.uk>
Date: Mon, 7 Dec 2020 22:47:53 +0000
To: Alan Karp <alanhkarp@gmail.com>
Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <40b026d8-7ee0-55f6-d3a9-5b7136deb8b1@kent.ac.uk>

On 07/12/2020 22:22, Alan Karp wrote:
>     As a boss, if I revoked an employee's permission I would want all
>     instances of this to be revoked.
> You need a different mechanism for that.  The solution is to give Bob 
> an ocap to use a Bob-agent, which holds all the ocaps that have been 
> delegated to Bob.  When Bob gets fired you revoke his Bob-agent ocap.  
> This solution also works in the case in which the boss gets fired.  If 
> you didn't do something like this, every delegation the boss made 
> would be revoked, and nobody would be able to get any work done.
We seem to be getting rather complex here. Does this mean that every 
user has two "selfs". His real self that is directly given ocaps, and an 
agent-self that is only given delegated ocaps?
Received on Monday, 7 December 2020 22:48:08 UTC

This archive was generated by hypermail 2.4.0 : Monday, 7 December 2020 22:48:09 UTC