- From: Alan Karp <alanhkarp@gmail.com>
- Date: Thu, 24 Jun 2021 10:53:09 -0700
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Received on Thursday, 24 June 2021 17:54:47 UTC
On Thu, Jun 24, 2021 at 10:28 AM Manu Sporny <msporny@digitalbazaar.com> wrote: > > VCs-as-attribute-based-permission-tokens are a really dangerous idea. > I agree, but I thought Orie Steele was arguing that not needing to deal with a separate standard for such things as encryption algorithms and namespaces was worth the risk. I've been participating in this discussion to explore that option. I think it might be OK if the spec is very careful about what MUST and MUST NOT go into the two types of tokens. However, I'd be quite happy if the decision was not to use VCs as permission tokens. -------------- Alan Karp
Received on Thursday, 24 June 2021 17:54:47 UTC