Re: The dangers of using VCs as permission tokens

The use case that Kyle describes around delegation seems reasonable -- but
I don't agree with the article's suggestion about how this would/could be
modeled with VCs. The complexity of VCs as a delegation mechanism is not an
inherent characteristic of VCs, but rather a characteristic of the wrong VC
schemas. In other words, Kyle's critique might be better summarized as, "If
you attempt to adapt complex VCs that weren't built for delegation to a
simple delegation problem, you get a lot of baggage that makes it easy to
make mistakes." Cue Alan's comment about confusion...

My conclusion would be: "Don't use complex VC schemas to delegate along the
lines of the model Kyle warned against."

We had a deep discussion about whether or not to use VCs as OCAPs,
facilitated by the chairs of the CCG. I suggest that if we want to explore
this topic further, we allocate proper time and focus to it again, rather
than touching on it in smaller, less contextualized increments.

--Daniel

Received on Monday, 28 June 2021 07:57:43 UTC