Open selfissued opened 2 weeks ago
msporny
commented
2 weeks ago The specification is agnostic to the capability scheme... could be Authorization Capabilities, could be UCAN, or something else. The spec shouldn't specify how capabilities are represented; it's intended to be a generic mechanism.
selfissued
commented
2 weeks ago The capability being generic doesn't relieve us of the responsibility to readers to say how to use it.
Even an example or two could help make this less opaque.
decentralgabe
commented
2 weeks ago I agree with an example or two to demonstrate usage of the property.
msporny
commented
2 weeks ago Just to be clear, you two are asking for an Authorization Capabilities (ZCAP) example and a UCAN example and won't object once we put those examples and references in the specification?
decentralgabe
commented
2 weeks ago @msporny I won't object as-is; however, I think for all the properties the spec enables, providing examples is useful. This is true for some other issues Mike opened too (there may be more):
selfissued
commented
2 weeks ago Building on my suggestion for #61, maybe say "The processing performed following delegation is application-specific."?
TallTed
commented
2 weeks ago I agree with an example or two to demonstrate usage of the property.
It must be made clear that such examples demonstrate that "uses include, but are not limited to..."
https://www.w3.org/TR/2024/WD-controller-document-20240817/#capability-delegation The description doesn't say how the capability being delegated is represented. For instance, how does a developer know to which HTTP API authority to access is being delegated?