[cap-talk] Non-safety vs. permission propagation
Karp, Alan H
alan.karp at hp.com
Sat Aug 25 00:01:48 EDT 2007
Toby Murray wrote:
> Right. But as has been shown here, one can implement VOC on
> top of a cap
> system. From memory MarcS has a "Non-Transferable Claim
> Check" in E that
> does exactly this sort of thing somewhere in Walnut.
Sorry for the late reply. I set the note aside expecting MarkM to jump
in and then lost track of it.
E can implement only a part of VOC via the Loan Officer protocol. (You
can borrow this money if you can prove you don't need it.) In E that
translates to passing a capability as an argument only if the receiving
object alread has that capability. VOC should also be able to prevent
the receiver from ever getting the right.
Virus Safe Computing Initiative
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
More information about the cap-talk