Re: [MINUTES] CCG Atlantic Weekly 2026-01-27 from Will Abramson on 2026-02-03 (public-credentials@w3.org from February 2026)

From: Will Abramson <will@legreq.com>
Date: Tue, 3 Feb 2026 18:18:22 +0000
To: Alan Karp <alanhkarp@gmail.com>
Cc: meetings@w3c-ccg.org, public-credentials@w3.org
Message-ID: <CAPJWd2Qy7PTGod531wygfp1_3QZG1Ok2QDRTJdm7pk1AFF-48Q@mail.gmail.com>

Hi everyone,

Thanks again for your presentation Alan!

Here are Alan's slides from last weeks presentation.

Apologies for the delay,
Will

On Wed, Jan 28, 2026 at 12:16 AM Alan Karp <alanhkarp@gmail.com> wrote:

> That's a pretty good summary, but it contains an important mistake.
>
> It says,
>
>    - *Confused Deputy Vulnerability:* A widespread issue where a service
>    incorrectly uses another party's permissions.
>
> that's backwards.  The definition should be
>
>    - *Confused Deputy Vulnerability:* A widespread issue where a service
>    incorrectly uses its own permissions on a resource designated by somebody
>    else.
>
>
> --------------
> Alan Karp
>
>>

Attachments

application/pdf attachment: CCG-UseCase-presentation.pdf

Received on Tuesday, 3 February 2026 18:18:42 UTC