- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 13 Mar 2023 09:58:56 -0400
- To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Cc: Bob Wyman <bob@wyman.us>, Alan Karp <alanhkarp@gmail.com>
On Sun, Mar 5, 2023 at 7:27 PM Alan Karp <alanhkarp@gmail.com> wrote:
> Pardon me for butting in, but I've been using capabilities since 1996 and may be able to clarify some things.

Bob, closing the loop on this... I didn't respond because I was hoping that Alan would, and do a far better job than I in boiling the conversation down to first principles.

Yes, everything Alan said.

* A capability designates a resource (FILE-X) and a permission that acts on that resource (READ).
* You exchange one or more VCs (that prove that you should be allowed to take a particular action on a particular resource) for a capability (that allows you to take a specific action on a specific resource, including delegating the capability to some other entity, possibly with further restrictions).

People will debate the second point, noting it's unnecessary. While that might be technically true, if you do that, you stand a good chance of putting your system into a confused deputy situation. The people that argue against combining VCs w/ Capabilities are concerned about proper layering of security primitives. Those that argue for expressing capabilities as VCs are just wrong! *ducks* :P

-- manu

PS: There's gotta be some sort of "Internet Law of Capability Discussions" where, if there is any confusion around what capabilities are and are not, that Alan will eventually appear and deftly untangle the conversation. :P

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021) https://www.digitalbazaar.com/
Received on Monday, 13 March 2023 13:59:45 UTC
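The two bullets in the post describe the flow in words; what follows is an added toy model of it in Python, not code from the post nor from any ZCAP or VC library (the VC shape, the exchange policy and every function name are hypothetical). It shows a VC being exchanged for a narrow capability, delegation that can only attenuate, and an authorization check that consults the capability chain alone rather than the VCs.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional

# Constructed sample VCs: claims an issuer makes about a subject. They are the
# input to the exchange step, not something the resource server consults later.
SAMPLE_VCS = [
    {"subject": "alice", "resource": "FILE-X", "allowedActions": ["READ", "WRITE"]},
]


@dataclass(frozen=True)
class Capability:
    resource: str                          # what it designates, e.g. "FILE-X"
    actions: FrozenSet[str]                # permissions on that resource, e.g. {"READ"}
    holder: str                            # who may invoke it
    parent: Optional["Capability"] = None  # delegation chain back to the root


def exchange_vcs_for_capability(vcs, holder, resource, action):
    """Exchange VCs for a capability (hypothetical policy: a VC issued to the
    holder that names the resource and permits the action). The capability
    minted carries only that resource and that action, nothing about identity."""
    for vc in vcs:
        if (vc["subject"] == holder and vc["resource"] == resource
                and action in vc["allowedActions"]):
            return Capability(resource, frozenset({action}), holder)
    raise PermissionError(f"no VC entitles {holder} to {action} on {resource}")


def delegate(cap, new_holder, actions):
    """Hand the capability to another entity, possibly with further restrictions.
    Delegation may only attenuate: the new action set must be a subset of cap's."""
    actions = frozenset(actions)
    if not actions <= cap.actions:
        raise PermissionError(f"cannot delegate {sorted(actions - cap.actions)}")
    return Capability(cap.resource, actions, new_holder, parent=cap)


def authorize(cap, holder, resource, action):
    """Decide an invocation from the capability alone (VCs are not consulted):
    the leaf must match the request and every delegation link must attenuate
    from its parent, so a chain cannot grow permissions on the way down."""
    if cap.holder != holder or cap.resource != resource or action not in cap.actions:
        return False
    link = cap
    while link.parent is not None:
        if link.resource != link.parent.resource or not link.actions <= link.parent.actions:
            return False
        link = link.parent
    return True
```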