Re: VC HTTP API specification structure from Alan Karp on 2021-05-04 (public-credentials@w3.org from May 2021)

From: Alan Karp <alanhkarp@gmail.com>
Date: Tue, 4 May 2021 10:23:03 -0700
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <CANpA1Z1HjDoDLn73S8eciJdvSv97rEONgzXdYFQFDzu7kZqDDA@mail.gmail.com>

I am not a "standards guy."  I did serve on the UDDI (Universal
Description, Discovery, and Integration) committee for a while, so I
appreciate your efforts.  You have both my thanks and condolences :)

Because of that lack of experience with the standards process, I'm at a
loss when it comes to helping.  What I do know is:

1) having a specification in the first place: That's a good thing, but
you've got to define the scope properly.
2) the initial structure of that specification: The outline of the spec
constrains how the group considers options.

I'll continue to lurk so I can pipe up when I see something that concerns
me.

--------------
Alan Karp


On Mon, May 3, 2021 at 5:35 PM Manu Sporny <msporny@digitalbazaar.com>
wrote:

> On 5/3/21 6:08 PM, Alan Karp wrote:
> > If you aren't careful, such things can be jumbled up, leading to a
> > complicated standard that serves neither community well.  Adrian and I
> > would like to help keep that from happening.
>
> Yes, acknowledged -- hearing both of you loud and clear... and I say this
> as
> one of the Editors of the Authorization Capabilities (zcap-ld)
> specification,
> which deals with many of the same delegation and authorization concerns.
> Many
> of us on this list do truly understand the nuances here, and that we should
> tread carefully and be careful about the choices made. No one is saying
> that
> we should be careless here.
>
> That said, it has yet to be demonstrated that those concerns have anything
> to
> do with 1) having a specification in the first place, and/or 2) the initial
> structure of that specification.
>
> Alan, perhaps you can help Adrian draw a direct line back to the single
> concrete proposal we're attempting to make progress on... namely, can we
> pick
> a starting structure for the VC HTTP API specification so we can get some
> of
> these thoughts down?
>
> MikeP just asked the question of the hour:
>
> Mike Prorock wrote:
> > Not to take away from genuine concerns here, but what does any of this
> have
> > to do with 1) using separate open api specification files for each
> concern
> > in the vc-http-api? 2) using a single respec file to document an actual
> > specification for the vc-http-api?
>
> Alan, perhaps you can help here -- How is the discussion around
> Authorization
> and Delegation, which everyone wants to have (eventually), negatively
> impacted
> by items #1 and #2 above?
>
> -- manu
>
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> blog: Veres One Decentralized Identifier Blockchain Launches
> https://tinyurl.com/veres-one-launches
>
>
>

Received on Tuesday, 4 May 2021 17:23:27 UTC