[cap-talk] Concrete comparable use cases
Mark Miller
erights at gmail.com
Tue Mar 18 23:57:04 EDT 2008
On Tue, Mar 18, 2008 at 6:31 PM, Pierre THIERRY
<nowhere.man at levallois.eu.org> wrote:
> For example, to the best of my knowledge, no mainstream ACL system has
> to deal with chains of delegation. [...]
Hi Pierre, I think these are excellent points, and I agree. SPKI does
handle delegation chains. It does by means that lie somewhere between
the ACL and ocap paradigms.
> Has there been any published comparisons of the merits of ACL and cap
> systems in the context of identical use cases, or assessments of the
> costs and gains of use cases of cap systems that are impossible in ACL
> systems?
Not that I'm aware of.
> I have that idea of a paper where an ocap web system would be
> implemented along with a similar ACL one (in terms of features and
> security). Then you show how to add extensions to the system. And then
> you show what code is needed to make changes in the security policy.
I you can find comparisons that ring true to both sides -- such that
neither feels the deck was stacked -- that would make for a wonderful
paper. Please try!
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list