Re: Signs of adoption of CCG specifications

The problem is in the details, delegation and revocation in particular.
Consider a VC that is making a claim, such as that you are licensed to
drive a truck.  What does delegation even mean?  Also, you don't know who
might need to verify that claim, so you need something like a revocation
list.  Now consider a certificate authorizing the holder to query and
update a specific resource.  Delegating the query permission makes perfect
sense, and you know that only the resource needs to validate the
certificate.  Overloading one spec for both purposes is a recipe for
confusion.

--------------
Alan Karp


On Wed, Jul 30, 2025 at 9:37 AM Adrian Gropper <agropper@healthurl.com>
wrote:

> Please help me understand this. I think I get the difference between
> authentication and authorization. When someone or something shows up at an
> authorization endpoint with some request (e.g. RFC 9396 - RAR) that request
> could include a VC and be signed by the requester.
>
> This is the model we've always used in the HIE of One demo. If the
> requester is a physician, they present one or more VCs and authenticate
> with a Passkey that is somehow linked to the VC. If the requester is a bot
> operated by OpenAI, why would anything be different from the authorization
> server's perspective?
>
> Adrian
>
> On Wed, Jul 30, 2025 at 12:02 PM Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>
>> On Wed, Jul 30, 2025 at 11:29 AM Alan Karp <alanhkarp@gmail.com> wrote:
>> > I've read several papers/specs over the past few months where agentic
>> AI systems are using VCs for permissions.  I believe this choice is a
>> mistake for reasons that I have articulated several times.
>>
>> Yes, it's a mistake. At present, this is the statement we have in the
>> VC spec about using VCs for authorization:
>>
>> https://www.w3.org/TR/vc-data-model-2.0/#authorization
>>
>> ... which literally says: "Authorization is not an appropriate use for
>> this specification". :)
>>
>> What we need to do is get the Authorization Capabilities spec onto the
>> standards track, because that's what these agentic AI systems should
>> be using to do delegated actions on behalf of their controllers...
>> that Verified Bots stuff that Cloudflare is doing is something along
>> these lines (so all isn't hopeless).
>>
>> > There are so many of these projects from so many organizations that
>> there's no way I can explain the issues to them one by one.  Is there
>> something the VC standards group can do?
>>
>> Speaking from a practical point of view -- no, not right now, because
>> we have too many other higher priority items that need to get done.
>> The only thing that solves that are more people volunteering to do
>> work around authorization capabilities and push that work forward, and
>> unless that happens, we'll just see another wave of
>> well-meaning-but-misguided young developers misusing authentication
>> technology for authorization use cases.
>>
>> I have suggested to W3C that they create a security technologies group
>> that can move the Data Integrity and ZCAP stuff forward, but they'd
>> need to hire more staff and the budget just isn't there to do that
>> right now.
>>
>> So, we're left with where we are right now -- the folks that get specs
>> done will have to get the higher priority ones done and when those are
>> done, move the authorization capability stuff forward. No one likes
>> that plan, but realistically, that's where we are right now without
>> more volunteers (on the CCG/VCWG side) and funding (on the W3C side).
>>
>> All that said, I completely understand and empathize with your
>> frustration, Alan... I'm in the same boat as you. We can't engage with
>> everyone that mixes up authentication with authorization and tries to
>> use VCs for both of those things.
>>
>> -- manu
>>
>> --
>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>> Founder/CEO - Digital Bazaar, Inc.
>> https://www.digitalbazaar.com/
>>
>>