[cap-talk] mailkey: Is this broken ?? Identity key access?
David Hopwood
david.hopwood at industrial-designers.co.uk
Mon Jun 4 21:18:29 EDT 2007
Karp, Alan H wrote:
> David Hopwood wrote:
>
>>This problem is easily solved: just consider instances of
>>applications to be principals, as well as users. Then a typical
>>delegation chain (e.g. appearing in a log) will look like
>>"Alice -> app1 -> Bob -> app2", where Alice used her "app1"
>>to delegate to Bob, and Bob used his "app2" to access the
>>delegated object.
>
> But Carol has to know about each such account before the application can
> use her objects.
Why? We must have a disconnect of assumptions here. I am assuming that
it is usually system-provided powerboxes that perform delegations between
principals. There is no logical requirement for the objects being delegated
to be aware of the protocol, let alone particular principals.
--
David Hopwood <david.hopwood at industrial-designers.co.uk>
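
An added sketch (not part of the original message, and not code from any project discussed on the list) of the arrangement described above: a system-provided powerbox records the chain "Alice -> app1 -> Bob -> app2" while the delegated object itself stays unaware of principals. The names Principal, Document, Proxy and Powerbox, and the forwarding-proxy design, are assumptions made for illustration.

```python
# Added illustration; every class and function name here is hypothetical.
from dataclasses import dataclass

@dataclass(frozen=True)
class Principal:
    name: str  # a user ("Alice") or an application instance ("app1")

class Document:
    """The delegated object: it knows nothing about principals or delegation."""
    def __init__(self, text):
        self._text = text
    def read(self):
        return self._text

class Proxy:
    """Forwarder handed out by the powerbox; the chain lives here, not in the object."""
    def __init__(self, target, chain, log):
        self._target, self.chain, self._log = target, chain, log
    def __getattr__(self, method):
        # Reached only for names the proxy lacks, i.e. the target's methods.
        def call(*args, **kwargs):
            chain = " -> ".join(p.name for p in self.chain)
            self._log.append((chain, method))  # audit record per invocation
            return getattr(self._target, method)(*args, **kwargs)
        return call

class Powerbox:
    """System-provided mediator that performs delegations between principals."""
    def __init__(self):
        self.log = []
    def grant(self, owner, target):
        return Proxy(target, (owner,), self.log)
    def delegate(self, proxy, *via):
        # Each principal the reference passes through extends the chain.
        return Proxy(proxy._target, proxy.chain + via, self.log)

def demo():
    alice, app1, bob, app2 = (Principal(n) for n in ("Alice", "app1", "Bob", "app2"))
    box = Powerbox()
    doc = Document("quarterly report")                # constructed sample object
    alices_ref = box.grant(alice, doc)
    bobs_ref = box.delegate(alices_ref, app1, bob)    # Alice uses app1 to delegate to Bob
    used_ref = box.delegate(bobs_ref, app2)           # Bob uses app2 to access it
    return used_ref.read(), box.log

if __name__ == "__main__":
    print(demo())
```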