Overview of difference between trust levels for different classes of products

[elf-pavlik]

Example list of various existing classes of products:

https://elf-pavlik.github.io/solid-efforts/#/?tab=products

• OIDC Provider and SAI Authorization Agent have a critical level of trust since they allow complete impersonation
• Solid Storage needs to be trusted with all the data hosted in that particular storage; users can have multiple storage depending on how critical they see specific data.
• Applications are the broadest and least trusted parties. They need to request authorization from the user and be restricted to acting only within the bounds set during the authorization step.

This is very rough and only acts as a starter for this conversation.