@Nikos Fotiou <fotiou@aueb.gr> You seem to be describing the authorization
use-case based on VCs. This is reasonable and has been extensively
discussed already but I'm having a hard time remembering which thread.
- Adrian
On Thu, Apr 1, 2021 at 10:20 AM Nikos Fotiou <fotiou@aueb.gr> wrote:
> Hi,
>
> The VC includes a list of "IoT devices" that a "user" can access. The
> subject is the "user" and each "user" can be authenticated by a public key.
> We do not want the VC to be used as a bearer token.
>
> Best,
> Nikos
> --
> Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou
> Researcher - Mobile Multimedia Laboratory
> Athens University of Economics and Business
> https://mm.aueb.gr
>
> > On 1 Apr 2021, at 4:57 PM, Manu Sporny <msporny@digitalbazaar.com>
> wrote:
> >
> > On 4/1/21 7:56 AM, Nikos Fotiou wrote:
> >> I find the latter approach "cleaner" but I am not sure if it is correct.
> >> Any opinion?
> >
> > Could you elaborate more on the use case, Nikos?
> >
> > What are you trying to express with the VC? That might help us answer
> your
> > question with more specific guidance.
> >
> > Note that a DID Document is one example of a data structure that does
> what
> > you're trying to do.
> >
> > Have you considered the type of relationship between the subject and the
> > public key? Or is the VC subject the public key?
> >
> > -- manu
> >
> > --
> > Manu Sporny - https://www.linkedin.com/in/manusporny/
> > Founder/CEO - Digital Bazaar, Inc.
> > blog: Veres One Decentralized Identifier Blockchain Launches
> > https://tinyurl.com/veres-one-launches
> >
> >
>
>