[Cap-Talk] Is there a capability RFC?

David L. Nicol david@kasey.umkc.edu
Mon, 09 Jul 2001 20:55:16 -0500 

Reading the open issues of 

http://www.normos.org/ietf/draft/draft-ietf-calsch-inetcal-guide-00.txt

(section 5.1 and 5.2)

and the bits about Security, which seem "tacked on," it occurs to me
that a Standard Capability Protocol (capabilities are 1024 bits long,
they include time-stamps and encooded origin info in a standard way,
etcetera) would be a very good thing, if it doesn't exist already,
and it would allow interoperability in much more interesting ways
that the complex mutual trust relationships that the state-of-the
art seems to require.


For instance, the "ability to flood a calendar system with bogus
requests" could be greatly mitigated by use of capabilities in the
basic archtecture.  If every event is persistently tagged with the
capability under which it was posted, removing (and submitting for
re-moderation) all events posted under a compromised capability becomes
trivial.

Using capabilities, all the iTIP (rfc 2446) activities could be safely
delegated.  In fact, anything restricted to any RFC-defined entity
could be safely delegated.

For now, rfc 2445 does define X-* extensions, reserved for experimentation,
so a suite of calendaring products that went ahead and implemented some
kind of X-CAPABILITY field that could cause a CS to eliminate or skip over 
certain administrative checks could exist,  but compliant release, in
light of

     ; Reservered for experimental use. Not intended for use in
     ; released products.

would require CAPABILITY to be promoted to a listed element of something.
Perhaps CAPABILITY would be best inserted as part of MIME rather than
this particular MIME-encapsualted application?


And there remains the big-picture problem of where are all the laid-off
personal secretaries supposed to do once it becomes possible to give
someone a capability code and have a reasonable expectation of
the recipient being able to leverage it into a meeting appointment
with no further human interaction?





-- 
                                           David Nicol 816.235.1187
      Series EE bonds can be exchanged for Series HH savings bonds.