[cap-talk] Webkeys vs. the web
Karp, Alan H
alan.karp at hp.com
Wed Apr 1 13:13:33 EDT 2009
Charles Landau wrote:
>
> Without inadvertently exposing them to the naive user, perhaps. But it
> should be possible with a little work for the user to get the actual
> text of a webkey, otherwise you are precluding the sort of mashups that
> were a major motivation for webkeys
> (http://waterken.sourceforge.net/web-key/).
I believe (without proof) that we can do everything that's needed without exposing the webkeys that appear on the page. Notice how carefully I worded that sentence. Delegation may require transfering a webkey to another module, but it can be a separately revocable webkey rather than the one that appears on the page.
SCoopFS hides all webkeys from the user except use-once webkeys used to create new Pals. Whether or not our approach is general is an open question.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list