My OCAP proposal does not have “no one knows about this endpoint” as the security model. Capability URIs are opaque tokens, which could expire, etc.
Yes, and I am sorry for implying that. I don’t want to spread FUD about your proposal; it wasn’t my intention to have that comment refer to your OCAP proposal, kaniini.
My original comment was intended for fr33domlover’s proposed OCAP implementation where simply invoking a generated URI is proof of possession of the token.