[cap-talk] Don't understand capabilities
Sandro Magi
naasking at higherlogics.com
Tue Oct 31 18:25:32 CST 2006
I think we're on the same page here more or less. Just a clarification
below...
Marcus Brinkmann wrote:
> I was thinking of EROS brands, which use capabilities (that do not
> actually implement any operations) as unique unforgeable identifiers.
>
Right, so you don't have any authority on the object itself, just the
ability to hold the brand. Perhaps the implementation retains a
reference to the object, but that's just an implementation detail.
> If you want to introduce another concept like GUID, I think you should
> describe how it can be fitted into a capability system so I can try to
> understand it.
>
Sorry, I should have been clear. I was using the notion of brand as
implemented in the web-calculus. The same sort of implementation that
most capability-as-data implementations would use I imagine.
> Maybe both are approximately at the same level of abstraction.
> Consider doors with locks and keys: That's the capability model.
> Consider doors with names on them, and a magic force that stops people
> who are not on the name list from entering (that magic force is of
> course social norms).
>
I usually use security guards guarding entry as the real-world access
control analogy to ACLs.
Sandro