File tree 1 file changed +12
-8
lines changed 1 file changed +12
-8
lines changed Original file line number Diff line number Diff line change @@ -2047,14 +2047,18 @@ <h2>Disputes</h2>
20472047 < h2 > Authorization</ h2 >
20482048
20492049 < p >
2050- It is arguable that < a > verifiable credentials</ a > or
2051- < a > verifiable presentations</ a > should be used as authorization mechanisms
2052- that a < a > holder</ a > could use to access various
2053- systems. This specification does not contemplate such a usage of verifiable
2054- credentials and MUST NOT be considered an authorization framework on its own.
2055- The Working Group did consider authorization use cases
2056- during the creation of this specification and is pursuing that work as an
2057- architectural layer that is built on top of this specification.
2050+ < a > Verifiable credentials</ a > are intended as a means of reliably identifying
2051+ subjects. Whilst it is recognized that Role Based Access Controls (RBAC) and
2052+ Attribute Based Access Controls (ABAC) rely on this identification as a means
2053+ of authorizing subjects to access resources, this specification
2054+ MUST NOT be used for authorization purposes without an accompanying
2055+ authorization framework.
2056+ </ p >
2057+
2058+ < p >
2059+ The Working Group did consider authorization use cases during the creation of
2060+ this specification and is pursuing that work as an architectural layer that is
2061+ built on top of this specification.
20582062 </ p >
20592063
20602064 </ section >
You can’t perform that action at this time.
0 commit comments