Very interesting @happybeing. I’ve come upon a couple pro’s and con’s earlier today:
Pros:
- Efficiency of processing
- Manageability at (web-)scale and in trustless environments
- Possibility for very fine-grained authz
Cons:
- Accountability
- Revocation is harder
I also read something about best-of-both-worlds solutions being possible, but I don’t have any info on that. And in Capability Myths Demolished there is this comparison table:
