[cap-talk] Zooko/yurl terminology
James A. Donald
jamesd at echeque.com
Fri Aug 15 21:58:07 CDT 2008
James A. Donald:
>> We don't seem to have a name for a user interface based on Zooko's
>> triangle, a user interface that that minimizes user exposure to possibly
>> incomprehensible globally unique identifiers by use of globally non
>> unique nicknames and locally unique petnames- the triangle is a
>> statement of the problem, rather than the name of the solution to the
>> problem. Perhaps simply call it a user interface based on Zooko's
>> triangle? Or use "Zooko's triangle" to refer both to the problem and
>> the solution?
Mark Miller wrote:
> I agree that we need a name for this concept. I would start with the
> concepts of trusted path and the Y property, but I haven't come up
> with anything yet. Ideas?
First let us make sure we mean the same thing by trusted path and the Y
property.
To me, trusted path means that you login by the chrome, rather than an
unauthenticated web page, and you click on a bookmark, not a link in an
unauthenticated email.
The Y property is that a nickname an authenticated communication is
securely connected to a particular entity - that when Ann tells Bob
about Joe, Bob can then contact the particular Joe that Ann is talking
about, and not be bamboozled into contacting some other Joe.
So if one has trusted path with Y property, one starts with a bookmark
that has security properties that get you authenticated information from
Ann, which is a secure path to Ann. Ann refers to Joe, and now one has
a secure path to that particular Joe.
More information about the cap-talk
mailing list