[cap-talk] KeyKOS, EROS, CapROS keyInfo/databyte (was: Re: EQ, MyCap? review)
Jonathan S. Shapiro
shap at eros-os.com
Tue Feb 12 20:59:08 EST 2008
On Tue, 2008-02-12 at 17:13 -0800, Jed Donnelley wrote:
> I think I get the idea. One thing that's curious to me is
> the 16/8 bit size of the keyInfo/databyte....
> How did you manage with such minimal information to
> distinguish sufficient keys/capabilities serviced by
> a "deputy"?
In my opinion, they didn't. Which is why a Coyotos endpoint has a 64-bit
endpoint ID that is delivered to invokee along with the entry cap's
protected payload.
Since the endpoint is individually severable, one common idiom is that
the endpoint ID identifies the object and the entry cap protected
payload conveys permission distinctions on that object.
shap
More information about the cap-talk
mailing list