Explain motivation behind the "can_*" naming pattern for common actions

[randomstuff]

Common action names follow a can_* naming pattern. It is not clear, why this pattern is chosen. Why is it can_read and not `read?

All the examples in the repository follow this pattern. Are custom actions expected to follow this pattern as well?

Having plain actions names seems better to me as an implementation could directly map authzen action names to OAuth scope.

[independentid]

Following on this thread and Issue #123, I think actions should be defined only as case-insensitive strings. Applications and PDPs use a wide variety of ways to express actions (example: URNs). The PDP/PEP interaction should be agnostic to the value of the action. IMO, the use of can may be common but it also seems stylistic more than useful.

For example: GCP Bind uses forms like roles/iap.httpsResourceAccessor, Cedar uses PhotoApp::Action::"viewPhoto".

I think standardizing formats for subject, actions, and resources would have to come in another specification because it requires the PDP and PEP to agree on a common application information model.