#social 2021-01-20

2021-01-20 UTC
tenma_, someonewithpc, includeals, sl007, paul, includeals_ and someonewithpc_ joined the channel
# 13:01 
fr33domlover o/I have an OCAP question: If Alice grants Bob access to some shared resource R, and all 3 of them are on different servers, where should the capability URI that Bob receives be hosted? On Alice's server (where she forever controls Bob's access and can make the capability URI go 404 or whatever she likes) or on the server where resource R is hosted (so that once Alice granted the OCAP, she has
# 13:01 
fr33domlover no more control of it than anyone else with access to R)?
# 13:02 
fr33domlover cwebber2`, ^ :P
# 13:07 
fr33domlover I guess in ZCAP-LD, resource R sent Alice in advance a Delegation giving her access, and she's now delegating some access to Bob, so she'll be hosting the Delegation object, having control of it. But whatever happens, if Bob sends R that delegation, R can verify the signature chain. Unless... unless Alice shuts down her server and her public keys are gone and now Bob has no access to R...?
paul and sl007 joined the channel
# 15:56 
cwebber2` fr33domlover: the shared resource on R's authority always extends from the object on R.  Thus there are really two reasonable choices
# 15:57 
cwebber2` host it on A, or host it on R.  a reasonable choice is, host it on A initially, but permit "shortening" where it can be stored more directly (and with the chain shortened) on R
dmitriz, raucao, tantek and hellekin joined the channel
# 18:29 
fr33domlover Thanks cwebber2`! Hmm does it make sense for @id URI of the AP activity that grants access to be used as the capability URI? The only downside I can think of is that even if the capability is revoked, the activity may still exist since it's in people's inboxes/outbox etc. and doesn't necessarily get deleted / 404. But either way, HTTP GETing the capability URI is not a reliable way to check
# 18:29 
fr33domlover whether it's still active, so, perhaps there's nothing to lose
# 19:05 
cwebber2` fr33domlover: that makes a lot of sense if taking the zcap-ld approach on top of AP I think? (not where my head has been atm though, working on different layers right now)
# 19:05 
cwebber2` would love to talk more but have a deadline by Friday... if you do a mockup or writeup maybe I can read it tho
# 19:05 
cwebber2` but not until after Friday at soonest ;)
dmitriz, erincandescent, paul and timbl joined the channel