[cap-talk] In Defense of Identities

[Marc Stiegler]

> Once we acknowledge that this is a discussion about relative costs, it
> may be the case that the technical deficiencies of identity-based
> authorization are real but irrelevant. The nuisance factor of ACLs may
> actually be at just about the right level.

Alas, nuisance factors prohibit the honorable people from getting their 
work done with far greater effectiveness than they prohibit true 
clandestine conspirators. The stories associated with HP's efforts to 
grant me edit authority on the folder on the app server so I could 
manage the Polaris deployment successfully demonstrate this.

The reason is simple: the honorable folks have a thousand low-value 
transactions to engage in, while the evil conspirators typically have a 
small number of high-value transactions to engage in. One does not 
engage in industrial espionage as casually as one tries to get one's 
work done. You can stop a lot of the low-value transactions without even 
imposing a speed bump on the high-value transactions. Of course, you can 
lose enormous amounts of value by preventing large numbers of low value 
transactions. Hey, that sounds like the way it really works today, 
doesn't it?

--amrcs