[cap-talk] Capability accounting - meta
Jed at Webstart
donnelley1 at webstart.com
Tue Jun 27 14:21:19 EDT 2006
At 10:51 PM 6/26/2006, Ian G wrote:
>Jed at Webstart wrote:
> > To my thinking there has been a significant divergence from the
> > original topic of "Capability accounting" as I try to address by
> > responding to Sandro's message below:
>At a higher level, Capability accounting can still
>be best viewed as a money and trade issue. The
>concepts of retail trade and payments for goods
>have a lot to offer here - so much so that I don't
>see why Capability accounting is any different from
>accounting for any other similar resource - e.g.,
>your supercomputing CPU resource.
Except for the technical aspect of using a communicable
authority token (a capability) to communicate permission
to access an "account". Doing so inevitably brings up
the issue (problem) that whenever such a capability
is sent in a message, it gives the receiver the permission
to use the account to "charge" resources to (e.g. our
CPU usage example). This brings up the issues of trust
with regard to such account usage. Namely, it suggests
that there should be some means (POLA) to reduce the
authority of any such communicated account permission
(account capability) so that it can only be used for suitable
(POLA) permission - e.g. only for a certain amount of money,
certain amount of draw, different data in the accounting records,
etc. In traditional timesharing systems users aren't typically
given the opportunity to allow other users to charge to their
accounts (except by themselves using resources, essentially
The above issue was really my whole reason for bringing up
the topic. I had no intent to bring up, as you say:
>Yes. This is a problem with money, it's a "whole
>other world." :)
which I've been peripherally aware of, but not intimately involved
with to the point of trying to make any contributions. If the two
are necessarily tied together, then on we go. However, that doesn't
seem to be the case to me, so perhaps Norm's fork is the right way
to pursue any further interest along those lines.
> > I believe the existence of systems like PayPal argue that an IT
> > "account" model can work in the general Internet world. The relevant
> > question for me is whether any sort of "capability" mechanism (with a
> > communicable authority token for an account) makes sense, adds
> value, can work.
>Do you mean - capabilities used to deliver / build money?
I think the answer is "yes". I understood you to suggest
that an accounting system with ready exchange mechanisms
(e.g. to other account systems, to real money) is itself a
money delivery system. Since a capability "account"
can certainly be used in such a way and used to set
up exchange mechanisms, it seems to me the answer is
>If that, I would have to say yes, because it
>is (I think) what I do. I use capabilities or
>capability-like constructs as the base concept
>for a money and assets system.
>(As a sort of funny aside, the reason for joining
>this group was to find out if that was a true
Interesting. I assume you concluded that it is?
>Or, do you mean, money used to deliver capabilities?
More information about the cap-talk