[cap-talk] NDAs
Toby Murray
toby.murray at comlab.ox.ac.uk
Wed Jun 10 04:49:05 EDT 2009
On Tue, 2009-06-09 at 23:36 +0000, Karp, Alan H wrote:
> Toby Murray wrote:
> >
> > Even if Bob delegates the resume capability r that is created afresh
> > each time NDA invokes Bob, he still cannot pass on the general right to
> > reply to NDAs invocations of him. Hence, he must actively collaborate
> > each time he wishes to share his authority to invoke Carol. Hence, I
> > argue that this authority is not delegatable.
> >
> I believe you mean to say that "this permission is not delegatable." Bob can still provide the authority to whomever he pleases.
No I meant authority, since Bob has no permission to invoke Carol.
The actual authority that Bob cannot delegate is not "the authority to
invoke Carol" since he can clearly delegate this by passing on the
resume capability each time he is invoked by NDA. The authority that Bob
cannot delegate, however is "the authority to invoke Carol without Bob
being able to intercede". This is subtle and may have no practical use
at all, but the distinction is real.
More information about the cap-talk
mailing list