[cap-talk] Non-safety vs. permission propagation
Karp, Alan H
alan.karp at hp.com
Sat Aug 25 00:01:48 EDT 2007
Toby Murray wrote:
> Right. But as has been shown here, one can implement VOC on
> top of a cap
> system. From memory MarcS has a "Non-Transferable Claim
> Check" in E that
> does exactly this sort of thing somewhere in Walnut.
>
Sorry for the late reply. I set the note aside expecting MarkM to jump
in and then lost track of it.
E can implement only a part of VOC via the Loan Officer protocol. (You
can borrow this money if you can prove you don't need it.) In E that
translates to passing a capability as an argument only if the receiving
object alread has that capability. VOC should also be able to prevent
the receiver from ever getting the right.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list