- From: 陳信屹 <tyson@slashlife.ai>
- Date: Wed, 4 Feb 2026 13:05:01 +0800
- To: Will Abramson <will@legreq.com>
- Cc: Alan Karp <alanhkarp@gmail.com>, meetings@w3c-ccg.org, public-credentials@w3.org
Thanks Alan! Thank you for sending Alan's slides. I found the presentation to be amazing and incredibly helpful for understanding the arguments for capabilities. I've been thinking about this in the context of the Agent Ontology use cases we are currently working on (https://github.com/s-agent-comm/usecases). I think it would be a better approach to re-organize these cases to be more engineering-friendly and practical for implementation. Will Abramson <will@legreq.com> 於 2026年2月4日週三 上午2:20寫道: > > Hi everyone, > > Thanks again for your presentation Alan! > > Here are Alan's slides from last weeks presentation. > > Apologies for the delay, > Will > > On Wed, Jan 28, 2026 at 12:16 AM Alan Karp <alanhkarp@gmail.com> wrote: >> >> That's a pretty good summary, but it contains an important mistake. >> >> It says, >> >> Confused Deputy Vulnerability: A widespread issue where a service incorrectly uses another party's permissions. >> >> that's backwards. The definition should be >> >> Confused Deputy Vulnerability: A widespread issue where a service incorrectly uses its own permissions on a resource designated by somebody else. >> >> >> -------------- >> Alan Karp
Received on Wednesday, 4 February 2026 05:05:16 UTC