[cap-talk] origin of the power box

Kenton Varda temporal at gmail.com
Mon Oct 9 20:01:25 CDT 2006

On a tangent:  Are power boxes necessary?  It seems to me that if the UI
provides the ability to drag-and-drop capabilities, there's no need for the
power box pattern.  Programs can simply present dialog boxes asking the user
to drag such and such capability into them.

It seems like with the power box approach, you would need some sort of
namespace for your capabilities in order to allow programs to request them.
Then, you'd need (dun dun duuuuun) access control lists to decide what
capabilities in this namespace the program is allowed to access.  I like the
drag-and-drop approach since it totally bypasses these needs and is
user-friendly to boot.

As usual I am not well-versed on the literature, so if stuff has been
written on this topic, please point me to it.


On 10/9/06, Marc Stiegler <marcs at skyhunter.com> wrote:
> It's been a long time since I read Ping's paper, but I do not remember
> this paper mentioning a powerbox. I just did a quick search for
> "powerbox", "ping", and "interaction design", and the top hit is mark
> seaborn, not ping's paper :-)
> Ping may have described an object that would correctly be described as a
> powerbox, but I am quite confident that the first use of the term, and
> the first detailed characterization of the powerbox pattern, appear in
> the DarpaBrowser technical report, issued in June 2002:
> http://www.combex.com/papers/darpa-report/html/index.html
> So it is even more puzzling, what they did before then. Presumably they
> had powerboxes, they just didn't know it. This would make the history of
> the powerbox similar to the history of petnames: over and over again we
> can see very-nearly-complete petname systems (buddy lists for IM, the
> newest cell phones that ask to add a contact to the address list when
> you hang up from talking to a phone number the phone has not seen
> before, the pgp web of trust), reinvented each time by folks who do not
> realize that what they are invented has been done before, in a context
> just barely different enough to hide the relationship.
> Also, powerboxes become important to characterize only when one gets
> fierce about highly dynamic grants and revocations. The desktop is a
> place where this dynamism is acute, and without a solution to the
> dynamism there is no pola on the desktop. Server-side systems, while
> they benefit from dynamic pola, can stumble along quite well without it.
> Most of the work on capabilities prior to ping's and our work was
> server-side, so the powerbox was neither as important nor as visible
> earlier.
> --marcs
> Neal H. Walfield wrote:
> > What is the origin of the power box idea?  Mark Seaborn states on
> > http://plash.beasts.org/ that
> >
> >   The powerbox concept appears to have first been proposed by Ka-Ping
> >   Yee and Miriam Walker in Interaction Design for End User Security
> >   (December 2000).
> >
> > I find it amazing that this idea was suggested so recently.  How did
> > earlier capability systems handle run-time access delegation?
> >
> > Thanks,
> > Neal
> > _______________________________________________
> > cap-talk mailing list
> > cap-talk at mail.eros-os.org
> > http://www.eros-os.org/mailman/listinfo/cap-talk
> >
> >
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20061009/aa652c2c/attachment.html 

More information about the cap-talk mailing list