W3C home > Mailing lists > Public > public-credentials@w3.org > July 2021

Re: VC-HTTP-API - A follow up on the RAR presentation

From: Adrian Gropper <agropper@healthurl.com>
Date: Tue, 6 Jul 2021 12:03:23 -0400
Message-ID: <CANYRo8hCs=-6mY3J3i1OSz5x+jOO7j=nn04ZbKZqMmGTYsDAfQ@mail.gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: W3C Credentials Community Group <public-credentials@w3.org>
Would implementing a RAR request to the Issuer that results in a capability
based on biscuit, macaroon, or ZCAP not be something to implement?

https://github.com/CleverCloud/biscuit
https://docs.rs/biscuit/0.5.0/biscuit/
https://neilmadden.blog/2020/07/29/least-privilege-with-less-effort-macaroon-access-tokens-in-am-7-0/

- Adrian

On Tue, Jul 6, 2021 at 11:29 AM Manu Sporny <msporny@digitalbazaar.com>
wrote:

> On 7/6/21 11:20 AM, Adrian Gropper wrote:
> > So then can we avoid mention of OAuth2 in the first iteration?
>
> No, because if we do that, we won't have anything concrete to implement as
> a
> MUST. :)
>
> -- manu
>
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> News: Digital Bazaar Announces New Case Studies (2021)
> https://www.digitalbazaar.com/
>
>
>
Received on Tuesday, 6 July 2021 16:03:48 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:18 UTC