Re: PROPOSALs for VC HTTP API call on 2021-06-22

On Thu, Jun 24, 2021 at 10:28 AM Manu Sporny <>

> VCs-as-attribute-based-permission-tokens are a really dangerous idea.

I agree, but I thought Orie Steele was arguing that not needing to deal
with a separate standard for such things as encryption algorithms and
namespaces was worth the risk.  I've been participating in this discussion
to explore that option.  I think it might be OK if the spec is very careful
about what MUST and MUST NOT go into the two types of tokens.  However, I'd
be quite happy if the decision was not to use VCs as permission tokens.

Alan Karp

Received on Thursday, 24 June 2021 17:54:47 UTC