[cap-talk] On revocation and the use of wrappers and In Defense of Identities

Jed at Webstart donnelley1 at webstart.com
Wed Dec 6 15:18:47 CST 2006 

At 08:32 AM 12/6/2006, Jonathan S. Shapiro wrote:
>On Wed, 2006-12-06 at 02:24 -0800, Mark Miller wrote:
> > On 12/5/06, Jed at Webstart <donnelley1 at webstart.com> wrote:
> > >  I believe MarkM and I (I mention MarkM for credit and not for
> > >  blame) have a solution for both Neal's concerns and for Jonathan's -
> > >  though I despair of communicating this solution via email without
> > >  a considerable additional amount of flap.  We discussed this topic
> > >  extensively at HP last Friday.  Let me see if I can cut through some
> > >  of the flap...:
> >
> > Hi Jed. I just read it carefully, and I think it's an excellent
> > summary of what this protocol accomplishes. Thanks!
> >
> > My apologies to the list for not yet having the protocol in a coherent
> > form that can be posted. I hope to do so soon.
>
>I will respond to Jed's note separately. I just want to observe that
>protocols which are satisfactory for language-based solutions sometimes
>are not satisfactory for OS-based solutions, because there is a relative
>factor of ~1000 in the round-trip overhead per interaction.

I agree.

>When you describe the protocol, please be careful to identify the number
>of round trips, and also which environment you think it works for.

They should be obvious, but we'll see.  Just because we have one implementation
that works at the language level doesn't mean that we can't have other
implementations of the same semantics and even with the same API
at other levels - e.g. at the network level.  Even in the HP discussion
there was quite a bit of talk regarding cryptographic implementations
(key pairs for identity, cryptographic operations for delegation) as a
'natural' network level approach.  I hope to find a means of implementing
this semantics at the network level with cryptographic operations, and
even without requiring any interaction with the server for delegation
with responsibility tracking (though I admit that is asking a lot) -
Alan's point.  Somebody want to make a name for themselves?  Have at it.
You might consider:

http://www.webstart.com/jed/papers/Managing-Domains/#s13

, which is along those lines (but without identity tracking) and I think
is worth understanding, and see if that sort of technique can be extended
to include identity tracking.  Perhaps as we better understand MarkM's
E design we'll find some mappings that seem to work better at the network
level.

--Jed http://www.webstart.com/jed/

More information about the cap-talk mailing list