Orie Steele

@agropper I think we will cover this on the next call, but I'm concerned that you think a user's ability to control of their data is a privacy concern, because...

There appears to be a fundamental misunderstanding with respect to encryption, user control over data, and authorization here. Encryption happens before authorization, because if you do it the other way...

# Hypothetical Interface for Layer A "Untrustworthy Byte Storage" ## Data Model ``` { id: string, block: Buffer } ``` ## Interface ### Write ``` let id = '123'; let...

@OR13 to open a PR that addresses this issue with spec text.

possible this was done, and the text was already added, and this comment was just left, please close if thats the case.... if its not, please review the use cases...

@csuwildcat to help define these intro paragraphs / structure. please coordinate.

Wondering if there is a way for us to design interfaces such that storage primitives are swappable.... I imagine that some solutions might apply to many layers, and that will...

specially JSON for each operation request and capability... for example: As a user I can request the ability to create a resource with GNAP. As a system I can grant...

I would prefer to see each resource type defined, and explicit operations for each resource type defined... for example: Vault - create / update / delete / query etc... I...

> One notion that complicates the above discussion is the intention to perform all encryption/decryption operations client-side (i.e. generation of the JWEs). This decision point makes it difficult to implement...