[cap-talk] What are caps good for? "Encapsulation"? POLA vs. confinement - long, but with some meat

Jed Donnelley jed at nersc.gov
Fri May 14 17:03:06 EDT 2004

At 01:09 PM 5/14/2004, Karp, Alan wrote:
>Jed Donnelley wrote:
> >
> > Just to try to further clarify this example (whose relevance
> > seems a bit limited to me),
> > will this rights amplification succeed or fail if Alice and
> > Bob both proxy their capabilities to Carol
> > (rather than transfer them directly in apparent violation of
> > the delegation
> > restriction)?
>It will fail even if they both proxy since no single request can carry 
>both capabilities.

In that case apparently it would fail even if both capabilities were
passed directly also?  I'm still trying to tease out any relevance
to the "don't share" (delegate, whatever, any effort to restrict the
right to share any received capability over any open communication
channel).  Sorry for laboring such a seemingly minor point.

>Alan Karp

--Jed http://www.nersc.gov/~jed/ 

