2026 (past) | W3C CCG - Upcoming Meeting

This talk argues that many identity and access management (IAM) failures come from starting with the wrong use cases and ignoring the hazards that emerge as systems grow more complex. Drawing on three decades of experience—from early large‑scale access control deployments to work with the US Navy and modern systems like AWS Cedar and Solid—it shows how designs focused on simple ACL-style scenarios bake in vulnerabilities, complexity, and usability problems.

Using a progression of concrete use cases, the talk surfaces hazards such as excess authority, weak delegation, missing responsibility tracking, awkward conditional policies, and transitive access issues, then demonstrates how authorization‑centric models and capability-style approaches address them more naturally than traditional authentication‑centric IAM. Attendees will leave with a sharper vocabulary for IAM “use case hazards” and a set of design principles for building systems that handle delegation, composition, and accountability without bolting on fixes after the fact.

Meeting Link: https://meet.google.com/dzc-yjfq-tyf

W3C CCG - First Person AI Agents and the First Person Network Cooperative

Past
Confirmed

Drummond Reed presenting First Person AI Agents and the First Person Network Cooperative

Meeting Link: https://meet.google.com/dzc-yjfq-tyf

Standards & groups

Get involved

Resources

News & events

Support us

About

W3C CCG - Upcoming Meeting - 2026 (past)

W3C CCG - Upcoming Meeting

W3C CCG - NANDA: The Internet of AI Agents

W3C CCG - DIDs and VCs in Music Rights Management

W3C CCG - did:webvh and DID Attested Resources

W3C CCG - Threat Modeling Credentials With LINDDUN

W3C CCG - Client-side Biometric Authentication and Identity Verification

W3C CCG - Use Cases for Access Management

W3C CCG - First Person AI Agents and the First Person Network Cooperative

W3C CCG - New Year Kick-Off

W3C CCG - Upcoming Meeting