Christine Lemmer-Webber
Christine Lemmer-Webber
> I think there is general agreement that embedding and linking to a very specific key is the best. The downsides are, of course, that you can't rotate the key......
> I just want to clarify. You say "to exchange that key." I am proposing getting a new capability issued to the new key, not exchanging it. Yes that was...
So there's another reason to consider favoring granting to keys + re-issuing ocap over granting to entities + rotating keys linked to entities, which was discussed on the cap-talk thread,...
This is a good point, though I am not sure if it is worth changing in the sense that it may make following the examples significantly harder, and understandability is...
@David-Chadwick The original sentence I had before Manu made edits about it discussed the differences between the ocap perspective and identity-based perspectives: > "ocap is authority by posession, as opposed...
> A bearer verifiable credential is exactly the same thing. I will note that bearer instruments are useful, and oauth 2.0 bearer tokens are very similar to object capabilities. However,...
This issue is about *clear explanation* about what we mean by ocap. Let's move conversation about ocap vs ACLs to #6 (as well as whether ld-ocap on top of VCs...
Yes, @elf-pavlik has it right. (This comes from ActivityStreams rather than ActivityPub itself.) BTW, very happy to hear about this! Getting the REST'y people and the Linked Data people to...
Hi! I'm glad zcap(-ld) has had real world implementation experience! I might be making some gradual changes as I read through this if I have time (ha ha I don't)...
Fixed, I hope! (Edit: fixed up one more time.) BTW, [expanded (slightly) more in this message on a cap-talk thread](https://groups.google.com/d/msg/cap-talk/xWv2-J62g-I/pRUUoIEVAgAJ).