[cap-talk] CapDesk demo, capability demos in general
Karp, Alan H
alan.karp at hp.com
Mon Oct 8 11:19:12 EDT 2007
Shap wrote:
>
> This is part of why I believe that network permissions should only be
> useful within a context imposed by an authenticated session.
>
Identity sharing is a reality. Ignore that fact at your peril.
Nevertheless, I agree when it comes to handing out capabilities. Things
aren't so clear when it comes to using them. E doesn't require an
authenticated channel to use a capbility. Client Utility did, but only
so we could limit the number of connections we had to deal with. We
weren't so foolish as to think we were gaining any additional access
control.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list