[cap-talk] Second ABAC Google talk is now up
David Hopwood
david.nospam.hopwood at blueyonder.co.uk
Mon Jul 17 13:34:26 EDT 2006
Sandro Magi wrote:
> I think the discussion of the academic history in the literature
> detracted a bit from the distinction you were trying to draw between
> permission and authority. I think the point is better made by focusing
> on the concrete examples you provided in the talk, i.e. setting up a web
> server to circumvent permission limitations, and then abstracting it to
> the reference graph.
>
> The web server example might be a bit of a stretch for some people, but
> there are workable alternatives, such as the unix 'write' command, if
> there are objections.
>
> I think that the academic history should be a side note, more like a "so
> why hasn't anybody done this before? They have!"

I agree completely. It is much more important to discuss why capability
security is a better solution now, than the historical reasons why it has
not been popular. The latter discussion is likely to become more interesting
to people once you already have them 'hooked' on the benefits of capabilities.
--
David Hopwood <david.nospam.hopwood at blueyonder.co.uk>