UCAN specification

[Alan Karp]

https://ucan-staging.pages.dev/specification/

I read through it this afternoon (skipping the policy language and crypto heavy sections).  I have some quibbles about the presentation, but the design looks solid from a capability perspective.  

The main thing I think is unnecessary is using DIDs.  They probably went that way because they use long-lived keys instead of a different key pair per certificate.

--------------
Alan Karp

[David Nicol]

after pondering the terminology -- one speaks of a "UCAN" as the authorization grant when the term is supposed to mean the network, or the protocol -- I'd like to propose UMAI -- User-Managed Authorization Instrument -- as the thing the holder presents to show authorization to access the resource. Instrument, like a driver's license is an instrument.

--
You received this message because you are subscribed to the Google Groups "cap-talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cap-talk+u...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/cap-talk/CANpA1Z3DZwFpMgPcWdAW3aKD%3DavFBUsTC26HpUNuUo8rZTQc8A%40mail.gmail.com.

--

Nothing but net

[Alan Karp]

It's been UCAN for a long time.  I doubt they'll agree to change the name.

--------------
Alan Karp

To view this discussion visit https://groups.google.com/d/msgid/cap-talk/CAFwScO8sN0ddBaRa94Czzx2OfppBsh7RhT__C2verbM4t1FCtA%40mail.gmail.com.