[cap-talk] SAML assertions as capabilities vs. ocaps
Jed Donnelley
jed at nersc.gov
Thu Apr 24 17:52:36 CDT 2008
On 4/24/2008 10:06 AM, Kevin Reid wrote:
...
> "chain" represents the chain of delegation in pet-name style (Alice
> says "I am delegating to they who I call Bob"); Horton-style Whos and
> boxes should be used instead to correspond to certificate signatures.
...
I wonder if the above might be where I'm getting
confused. Are you (AlanK) looking for policy hooks
more general (different) than 'identities' on which
to base "attenuations" of delegations without prior
planning? In that case something different than
Horton would be called for.
--Jed http://www.webstart.com/jed/
More information about the cap-talk
mailing list