[cap-talk] Selling capabilities programming
James A. Donald
jamesd at echeque.com
Sat Jul 21 21:31:21 EDT 2007
David Hopwood wrote:
> If valid capabilities-as-data could be embedded in a
> library image or in data that it uses,
Straw man attack.
Capabilities as data are cryptographic secrets,
therefore normally transient, and transience was an
inherent part of my original description of capabilities
as data.
Durable secrets are well known to be a problem - though
in many situations, such as logon, a problem that may
well prove unavoidable - passpet in a sense works by a
collection of durable shared secrets.
More information about the cap-talk
mailing list