Hey HN! I'm one of folks that helped launch this project.<p>You can go directly to the annotated paper here[0].
It's got all kinds of goodies like the ability to direct link from anywhere and generate OpenGraph previews (e.g. [1]).<p>Coolest of all, it's entirely open source[2] built on NextJS.<p>[0]: <a href="https://zanzibar.tech" rel="nofollow">https://zanzibar.tech</a><p>[1]: <a href="https://zanzibar.tech/2R50fs-R_n:1i:3u" rel="nofollow">https://zanzibar.tech/2R50fs-R_n:1i:3u</a><p>[2]: <a href="https://github.com/authzed/zanzibar-annotated" rel="nofollow">https://github.com/authzed/zanzibar-annotated</a>
Super interesting! It's interesting to think about what Zanzibar ultimately is: an efficient way to store and traverse graphs to determine an outcome, in this case typically authorization, but ever since I learned of this I keep seeing more and more problems that could be solved this way.<p>Also I can't decide whether this paper is more interesting or the tech they built to annotate it, I keep thinking of papers I'd want to do this with now.
I was just skimming over real quick but don’t have to either to read the whole thing. One thing that stood out, is a group can hold another group. So I guess if you had a role like tech support, web development, financial, etc you could make a CEO role that includes the permissions within those other roles? If I am reading that right, never thought about that though. Kinda neat as role reusability.
Your notes immediately crystalized some of the concepts I was still fuzzy on before reading. Awesome!<p><a href="https://github.com/authzed/zanzibar-annotated" rel="nofollow">https://github.com/authzed/zanzibar-annotated</a> is very slick too!<p>Is there any way to attribute an annotation to a set of authors (sans git history)?