[cap-talk] Last Call for ref_send API 1.0
Tyler Close
tyler.close at gmail.com
Mon Apr 9 15:39:07 CDT 2007
On 4/5/07, Dean Tribble <tribble at e-dean.com> wrote:
> BTW A general point: since the security review write-up is in progress, you
> might consider waiting until the write-up is complete before publishing.
> There's alsways a few things that won't get articulated until the document
> is in writing that you may want to address.
I'll probably wait until after the review write-up to release the full
Waterken Server, but I don't see a compelling reason to wait on the
ref_send library. We didn't find any bugs in the code that forms the
ref_send library, so I suspect most of the write-up will be about the
bugs we did find in the other parts of the server.
In general, waiting for something else to happen is also a poor
strategy for making progress. The ref_send library is useful
independent of the Waterken Server, so I think pushing it to
completion is both possible and important. Having a platform that
people can use to produce deployable applications in the
object-capability model is crucial to adoption of the model.
Tyler
--
The web-calculus is the union of REST and capability-based security:
http://www.waterken.com/dev/Web/
Name your trusted sites to distinguish them from phishing sites.
https://addons.mozilla.org/firefox/957/
More information about the cap-talk
mailing list