[cap-talk] SPAM-LOW: Re: Capabilities - the rub, an account
Jed at Webstart
donnelley1 at webstart.com
Sun Nov 26 15:14:52 CST 2006
At 07:53 AM 11/25/2006, Rob J Meijer wrote:
>The important issue here is I believe is getting the issue of
>accountability solidly anchored in the user his/her brain.
Hmmm. I think I can agree at least to the point of making
person to person delegation explicit.
>If the user
>passes an unproxied/unbound version of its own capability, any incident
>with the given capability will lay full acountability with that user, even
>if the delegation itself would have been according to policy.
>Independent if the user wants to pass a revocable capability, I believe
>the user wants or should want to pass a capability that implicitly
>records (either in a proxy or by using SPKI style cap as data) the
>action of delegation for accountability purposes in case of
>incidents. I am under the impression that the issues of proportional
>and directed incident response are under adressed in cap lit, but
>recording of delegation trough proxied/bound delegation seems a
>relatively simple measure that seems to allow for it in a very solid
>If you can get the issue of accountability and incident response
>into the users way of thinking (what should not be that hard an
>abstraction to get used to), you could be reasonably sure that the user
>"will not" pass rights unexplicitly.
Hmmm. I'm not sure how much it has to get integrated into
the user's way of thinking as into the implementation for delegation
at the level of people (processes?). If I want to give you one of my
permissions I can do so. I just think we should make the simplest
and easiest (most readily available) mechanism that I have of doing
so one that tracks my delegation. As Alan says:
At 08:01 PM 11/25/2006, Karp, Alan H wrote:
>Hence, any mechanism should
>allow users to be Oblivious of the rules. Of course, the bottom line is
>Compliance with policy. Voluntary Oblivious Compliance.
I do believe there's a win-win situation in here. I hope we can find a way
to make it more common. I believe that doing so at the network level
(e.g with CapWiki or wideword or similar) is likely to be the most effective
More information about the cap-talk