[cap-talk] What Horton cannot do? (Was: mailkey: transfer of accountability...)

[James A. Donald]

James A. Donald:
>> Now if Alice and Bob both have private keys, whose
>> corresponding public keys are recognized by the entity
>> that issues capabilities to activate the fire alarm,
>> which is necessary if Alice is to pass the capability
>> through the Horton mechanism, then we could just as
>> easily pass the capability directly, not through the
>> horton mechanism, and require the use of the capability
>> to be signed by a private key.

Karp, Alan H wrote:
> I latched onto the phrase "whose corresponding public keys are
> recognized by the entity ..."
 > What if that entity never heard of Bob's
> public key? 

Depends on circumstances, and the problem to be solved.  Under most 
circumstances, the entity would merely log it, on the assumption that if 
a problem arose, that information would be of value to Alice.

The thing is, you are asking questions that involve the larger world, 
things that depend on the real world problem to be solved.

Horton does not attempt to address any specific real world problems.  If 
we had a specific real world problem, we would have a specific answer, 
and be able to compare the specific answer for that real world problem, 
with Horton's specific answer for that real world problem.

> Lacking any further information about Bob, the entity will hold Alice
> responsible for actions taken by Bob.  More precisely, the entity will
> hold Alice responsible for actions taken by the holder of Bob's private
> key.  That leads to a situation in which your approach reduces to bearer
> rights. 

But Alice has control of whether it reduces to bearer rights, or not, 
and responsibility for it doing so, as she should.  If the situation is 
such that bearer rights are generally deprecated, then Alice will 
attempt to ensure it does not reduce to bearer rights, and if it does, 
Alice will be deprecated.  If the situation is such that bearer rights 
are reasonable, then fine.  Alice can make the call.