[cap-talk] Capabilities giving up control?

[Jed Donnelley]

At 08:51 AM 1/18/2008, David Hopwood wrote:
>Jed Donnelley wrote:
>[...]
> > I really think the sense in which we have been using
> > "authority" on this list (sorry MarkM) is an entirely
> > different concept.  Namely the closure of what sort
> > of access can be obtained by using all available
> > permissions.  Sadly, I don't think this fits very
> > well with the human social notion of "authorize",
> > e.g. (from:
> > http://www.thefreedictionary.com/authorize ):
>
>Please let's not redefine terms in mid-argument. MarkM's choice
>of "authority" to mean the transitive closure of available
>permissions will do fine for the time being; it's concise, useful,
>and no less well-chosen than many other technical terms.

That's fine.  I wasn't really trying to redefine it.  I
was just pointing out that this usage is in conflict with
typical human social usage as in the way people refer to
a driver's license as 'authorizing' driving on the roads
or a passport as authorizing entry into a country. I
think this results in some of the confusion that has come
up during this discussion.

The sort of "permission" and "authority" that we are talking
about with computer systems relates only to 'access control'.
That is to a program's (even a person's) ability to execute
an action and effect outside change, regardless of whether
or not they are "authorized" to do so in the human social
sense.  Of course we hope that we are able to arrange our
computer systems so that what people and programs have access
to do is at most a subset of what the government feels they
are "authorized" to do.

Sadly, I think this is a rather fine enough point that it
doesn't surprise me that it can cause confusion.  I haven't
thought about it to anything like this extent before, so
I'm writing these words both to clarify my own thinking and
to hear the thoughts of others.

--Jed  http://www.webstart.com/jed-signature.html