Determine grammar for non-specific capability invoker

[chunningham]

ZCAP-LD delegation specificies an invoker field for indicating which verification methods a capable of invoking a capability:

invoker, which links to one or more instances of cryptographic material (such as public keys) being granted authority to use this capability

where the field is additive to the set of invokers from the parent documents:

New keys MAY be granted authority to use this capability through the associated invoker property.

with an empty field indicating that only the existing invokers can invoke it:

Why don't all child capabilities require a invoker property? The reason is that it is perfectly reasonable for an entity which has authority to a capability to give an attenuated capability to itself to be used in a specific context.

Some use cases benefit from the set of invokers being unbounded, such that an invocation by any party which satisfies the caveats is valid. This behaviour is not specified in the ZCAP-LD spec.

[bumblefudge]

hey @chunningham was this closed by #189 or do we have more grammar to determine? Have you raised an issue in the ZCAP-LD spec repo for good measure/trollpoints?

[clehner]

Unbounded invoker set meaning any holder of the capability can invoke it; like a bearer credential.