On 4/4/21 3:56 PM, Alan Karp wrote: > You have separated the designation of the resource, url, from the > authorization, capability, in the request. What happens if someone uses a > different url for that capability? How URLs are mapped to capabilities is server-specific. If someone uses a different URL for that capability, the server may or may not resolve to the same capability. This is application-defined behavior... but again, this is a corner case (or advanced case). In general, the mapping rules are expected to be simple... and if they're not... don't use ezcap... use something else. > The standard approach is to use the capability to both designate and > authorize. Yes, which is what is being done, I believe. What am I missing? I don't know if we're on the same page or not? :) -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launchesReceived on Sunday, 4 April 2021 21:39:49 UTC
This archive was generated by hypermail 2.4.0 : Sunday, 4 April 2021 21:39:50 UTC