[cap-talk] Lost objects and accounts
Jed at Webstart
donnelley1 at webstart.com
Fri Dec 9 18:53:26 EST 2005
At 03:36 PM 12/9/2005, Karp, Alan H wrote:
>Jed wrote:
>...
> > Of course the need is for objects to be found in practice.
> > This is why
> > I argue we need to tie things back to an "account" which is tied to
> > a person (no quotes needed ;-).
>
>That's exactly what a protection domain did. I put "person" in quotes
>because a protection domain could be for a service that had several
>people who could connect to its protection domain.
I get it.
>We had an API for
>walking the PD to get a list of all the capabilities reachable from it.
>That's what you're asking for, right?
Exactly.
>...
> (snip)
> >
> > Is there any alternative to something like the above? Isn't it clear
> > that the client who is paying (one way or another) needs to be in
> > control of the resources that are "charged" to his account?
>
>That's basically the way we did it.
It sounds like we came to the same place in widely different eras.
I hope that suggests something to others working on these Network
"Secret URL"s or "Secure Bookmark"s or whatever they end up
being called.
I don't yet see anything like the above ("walk" the account to
get the list of capabilities) in the WideWord or YURL services.
I don't see how any sort of "production" service can survive without
such a facility.
--Jed http://www.webstart.com/jed/
More information about the cap-talk
mailing list