Henry Story
Henry Story
Actually I do show [issue 176: Only Trust Certain issuers of Identity](https://github.com/solid/authorization-panel/issues/176) of the Authorization panel how one could express an Access Control Rule that allowed only credentials from certain...
Thanks for your input @zenomt. To take your points one by one. 1. can you explain why it violates the Principle of Least Privilege giving your definition of it and...
@zenomt wrote: > today's Solid access control model is entirely based on identity (specifically webid), not on verifiable attributes, claims, or non-webid credentials. the examples you give (such as "anyone...
I agree that the wording of the principle can be improved. @acoburn wrote > The problem with that principle is that it assumes that the trust relationship between Client and...
Perhaps we can think of the symmetry as follows. If a user of an App is one who does have access to a resource R, then that user should be...
It seems that a logical consequence of the design proposed for giving access to a protected Group [described above](https://github.com/solid/authorization-panel/issues/73#issuecomment-671367420) would be that when adding people to a protected group, one...
I suppose this issue should be tied together with the issue [Consider the advantages of wACLs being readable by apps](https://github.com/solid/web-access-control-spec/issues/75), as both answers are needed to help both reduce credential...
@zenomt wrote in response to @bblfish's setence: >> If the user has many ids, as most of us already have (I have Twitter, Github, Facebook and Google Ids to mention...
I think it may be worth looking into whether one cannot just extend the current wACL by enlarging the classes of agents as related by the `wac:agentClass` to groups of...
That is an interesting point. I think the following strategies can be used: 1. Bob can create a resource on Alice's server stating that he supports Alice. There would need...