[cap-talk] Re: OS security discussion, restricted access
processes, etc. - DCCS
jed at nersc.gov
Thu Apr 29 19:28:49 EDT 2004
At 02:30 PM 4/29/2004, Mark S. Miller wrote:
>At 01:43 PM 4/29/2004 Thursday, Jed Donnelley wrote:
> >I'm particularly curious to know about any 'modern' implementations of
> mechanisms to share descriptor or data based capabilities across a
> network - e.g. to compare them with earlier concepts and to see how they
> compare. Might anybody have any pointers? Might there be any sort of
> index of such concepts and/or implementations?
>There's a bare start at:
Thanks! I'd like to inject a question (discussion?) about something said
in the above with regard to the "password-capability system".
Namely, "Cryptographic capability protocols, by themselves, can never be
more than password capability systems".
If the above statement is true then it would seem I've been fooling myself
by considering some of the protocols in:
that was the primary reason for publishing that paper. With a scheme along
these lines, while it is still true that it depends on the inability to
guess a string of bits, at least it is set up so that the string of bits
belonging to one process (person) is invalid for use by another process
(person). A transformation is required to prepare the bits for
communicating to another domain. Is that notion included in the "Password
Capability Model"? It doesn't seem to me to suit the term.
That's a good one that I haven't read yet. Seemed to show up about the
time I returned from Germany. I find it curious that they didn't pick up
the reference to the above Managing Domains paper since they both seem to
focus on the same topic. Still, I'll have to look in more detail to find
out. Perhaps a comparison would be worthwhile.
>And, of course, CapTP at
>and the Web Calculus at
More information about the cap-talk