- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sun, 4 Apr 2021 17:39:31 -0400
- To: Alan Karp <alanhkarp@gmail.com>
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
On 4/4/21 3:56 PM, Alan Karp wrote: > You have separated the designation of the resource, url, from the > authorization, capability, in the request. What happens if someone uses a > different url for that capability? How URLs are mapped to capabilities is server-specific. If someone uses a different URL for that capability, the server may or may not resolve to the same capability. This is application-defined behavior... but again, this is a corner case (or advanced case). In general, the mapping rules are expected to be simple... and if they're not... don't use ezcap... use something else. > The standard approach is to use the capability to both designate and > authorize. Yes, which is what is being done, I believe. What am I missing? I don't know if we're on the same page or not? :) -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Sunday, 4 April 2021 21:39:49 UTC