[cap-talk] Limiting case considered (was: Re: Selling capabilities programming)
Karp, Alan H
alan.karp at hp.com
Mon Jul 16 12:04:12 EDT 2007
Jed wrote:
>
> Hmmm. I don't understand the above "negative permission". Do you
> think it's relevant to this considered "limiting case" - i.e.
> the case where all communication of permissions is done via
> proxying?
>
How does the proxy know whether or not to block a particular request?
There must be something about the requester that makes an otherwise
legitimate right invalid. In Client Utility, we used the same kind of
capability that enabled some rights to make others invalid. Hence, the
term negative capability. An alternative would be to use a caretaker
with an administrator having the revoke privilege. I would not call
that a negative capability, but the effect is the same.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list