Re: The dangers of using VCs as permission tokens

The use case that Kyle describes around delegation seems reasonable -- but
I don't agree with the article's suggestion about how this would/could be
modeled with VCs. The complexity of VCs as a delegation mechanism is not an
inherent characteristic of VCs, but rather a characteristic of the wrong VC
schemas. In other words, Kyle's critique might be better summarized as, "If
you attempt to adapt complex VCs that weren't built for delegation to a
simple delegation problem, you get a lot of baggage that makes it easy to
make mistakes." Cue Alan's comment about confusion...

My conclusion would be: "Don't use complex VC schemas to delegate along the
lines of the model Kyle warned against."

We had a deep discussion about whether or not to use VCs as OCAPs,
facilitated by the chairs of the CCG. I suggest that if we want to explore
this topic further, we allocate proper time and focus to it again, rather
than touching on it in smaller, less contextualized increments.


Received on Monday, 28 June 2021 07:57:43 UTC