Re: Credentials Task Force proposal from Tony Arcieri on 2015-11-07 (public-webpayments-ig@w3.org from November 2015)

From: Tony Arcieri <bascule@gmail.com>
Date: Fri, 6 Nov 2015 17:12:50 -0800
To: Dave Longley <dlongley@digitalbazaar.com>
Cc: "public-webpayments-ig@w3.org" <public-webpayments-ig@w3.org>
Message-ID: <CAHOTMVLw0DfjKPWTD8Pc4_RTvpv62azmC6aRt3suG3ipyYkuUw@mail.gmail.com>

On Friday, November 6, 2015, Dave Longley <dlongley@digitalbazaar.com>
wrote:
>
> Right. Macaroons are about authentication as "bearer credentials"
> typically are.

Macaroons are a nuanced idea. They can act as bearer credentials but also
support confinement via contextual caveats.

> I meant credentials that refer to identification, which I
> believe to be the primary focus of the work the task force is exploring.

Again, Macaroons are a nuanced idea. The features of third party caveats
and discharge macaroons are applicable to privacy-preserving identity
providers.

> We could use these credentials in conjunction with macaroon caveats
> (which seems to be one of the primary use cases for caveats). In other
> words, these technologies can complement each other (which is what I
> believe you were alluding to, so we're in agreement).

I would argue the same problems can be solved by Macaroons alone, but it
seems this WG is looking more for a meta-standard than a one-size-fits-all
solution to bless.

-- 
Tony Arcieri

Received on Saturday, 7 November 2015 01:13:20 UTC