[cap-talk] Loss of control (was: Re: A paper on web-keys)
Karp, Alan H
alan.karp at hp.com
Fri Feb 1 11:29:40 EST 2008
Jed wrote:
>
> I believe that if we can supply a solution with
> capabilities on the Internet that comes with a
> solution to the "loss of control" concern
> (has auditing, logging, and access control
> management with flexible access control policy),
> then I think we have a chance to sell such
> an implementation, resulting in POLA for
> at least the Web. I believe such an application
> can be a path breaker.
>
The waterken server currently does SSL with server-side authentication. Adding client-side authentication might give enough additional information to implement the kind of controls the ACL folks think they want.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list