Christine Lemmer-Webber
Christine Lemmer-Webber
This does possibly add the additional cost of having to store revocations on part of a recipient. However since invocation handlers will presumably also need to keep track of nonces,...
So, why are the behaviors for these systems different? First let's look at what an ACL is vs an Object Capability: - **ACL:** *Authority by identity and association.* You can...
> One component of your argument is about the benefits of bearer credentials vs credentials that are tied to a specific holder. From a security perspective, the latter are preferred,...
Okay, regarding [this post](https://github.com/w3c-ccg/ld-ocap/issues/5#issuecomment-379825010): > Assume we have an authz token (it could be a VC or OCAP, the format is not important for now) that allows someone to drive...
On that note *there is no requirement that you be sold on ocap design*, and *we know that building ACLs is possible on top of Verifiable Credentials*. So if your...
BTW, some of this is documented in the ld-ocap spec itself. I'd encourage anyone considering commenting on this thread to read the following sections: [Linked Data Capabilities By Example](https://w3c-ccg.github.io/ld-ocap/#ocap-by-example), [Capabilities...
@MostAwesomeDude Thanks for the helpful post! I agree with what you said there in general and these are very helpful references. I think part of the confusion though is explaining...
Much more conversation was made [on this PR for Verifiable Credentials](https://github.com/w3c/vc-data-model/pull/169#discussion_r186232341). However, we are moving conversation back here again.
@dlongley I think you explained things perfectly. A few more points, or rather, summaries of previous points: - VCs provide a lot of wiggly room for interpretation (and reasoning!) about...
> I'm not sure that this is the right way to frame this particular item. Fair, what I meant to say was that DIDs are actively solving the indirection-for-key-rotation problem,...