[cap-talk] How desirable / feasible is a persistent OCAP language?
Bill Frantz
frantz at pwpconsult.com
Mon Jul 28 16:32:30 CDT 2008
erights at gmail.com (Mark Miller) on Monday, July 28, 2008 wrote:
>On Sun, Jul 27, 2008 at 7:09 PM, Bill Frantz <frantz at pwpconsult.com> wrote:
>
>>
>> Alan Karp was discussing last Friday the point that the most
>> important thing that needs to be persisted in a capability system
>> is changes in the long-term capability relationships, and that
>> these changes can conceptionally be persisted by rewriting the ACLs
>> for the capabilities active entities receive when they authenticate
>> themselves to the system.
>>
>
>Except that the holder of a cap to resource R generally doesn't have
>permission to add itself to R's ACL.
I believe that is exactly the change Alan was thinking about.
However, I should not try to speak for Alan.
I will say for myself that the changing access relations of a
capability system are an important part of the things that should
be persistable.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"We used to quip that "password" is the most common
408-356-8506 | password. Now it's 'password1.' Who said users haven't
www.periwinkle.com | learned anything about security?" -- Bruce Schneier
More information about the cap-talk
mailing list