[cap-talk] password capabilities & object capability model?

zooko zooko at zooko.com
Tue Aug 19 17:46:06 CDT 2008


I recently submitted the final version of this paper on Tahoe LAFS:

http://allmydata.org/~zooko/lafs.pdf

In an earlier draft, I had this text:

"""

Tahoe uses the \textit{capability access control model}
\cite{DvH:caps} to manage access to files and directories.  In Tahoe,
a capability is a short string of bits which uniquely identifies one
file or directory.  Knowledge of that identifier is necessary and
sufficient to gain access to the object that it identifies. The
strings must be short enough to be convenient to store and transmit,
but must be long enough that they are unguessable (this requires them
to be at least 96 bits).

Such an access scheme is known as ``capabilities as keys'' or
``cryptographic capabilities'' \cite{miller:demolished}.  (This is in
contrast to a related scheme, ``object capabilities''
\cite{RobustComposition}.) This approach allows fine-grained and
dynamic sharing of files or directories.

"""

For the final version I had to squeeze the text, so I removed the
parenthetical mention of object capabilities.

By the way, I am very excited about this publication.  It's one of my
first ever "real" scientific publications.  Please read it and tell me
what you think.

Regards,

Zooko

http://allmydata.org -- Tahoe, the Least-Authority Filesystem
http://allmydata.com -- back up all your files for $5/month
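
An added illustration of the "capabilities as keys" idea in the quoted draft, not part of the original message and not Tahoe's actual capability format: a toy in-memory store where knowing the string is the only access check. The `CapStore` class, the 128-bit size, the base32 encoding and `guess_success_bound` are assumptions made for the example.

```python
import base64
import hashlib
import secrets

CAP_BITS = 128  # assumption: comfortably above the 96-bit floor in the draft


class CapStore:
    """Toy store: possession of the capability string is the only access check."""

    def __init__(self):
        self._objects = {}  # SHA-256(capability) -> stored object

    @staticmethod
    def _index(cap: str) -> bytes:
        # Index by a hash so a leaked index table does not reveal usable caps.
        return hashlib.sha256(cap.encode("utf-8")).digest()

    def put(self, obj) -> str:
        """Store obj and return a fresh, unguessable capability string."""
        raw = secrets.token_bytes(CAP_BITS // 8)  # CSPRNG, never random.random()
        cap = base64.b32encode(raw).decode("ascii").rstrip("=").lower()
        self._objects[self._index(cap)] = obj
        return cap

    def get(self, cap: str):
        """Knowledge of the string is necessary and sufficient for access."""
        try:
            return self._objects[self._index(cap)]
        except KeyError:
            # Same error for "never existed" and "wrong guess": no oracle.
            raise PermissionError("unknown capability") from None


def guess_success_bound(bits: int, live_caps: int, guesses: int) -> float:
    """Union bound on the chance that any of `guesses` hits any live capability."""
    return min(1.0, live_caps * guesses / 2**bits)


if __name__ == "__main__":
    store = CapStore()
    cap = store.put(b"constructed sample file contents")
    print("capability:", cap)
    print("readable with cap:", store.get(cap) == b"constructed sample file contents")
    # 2**30 live objects, 2**40 guesses against 96-bit strings
    print("guess bound at 96 bits:", guess_success_bound(96, 2**30, 2**40))
```

The bound shows why length matters: with the same 2^30 objects and 2^40 guesses, a 32-bit identifier is certain to be hit, while at 96 bits the chance is at most 2^-26.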


