[cap-talk] "ambient authority" on wiki.erights.org
Karp, Alan H
alan.karp at hp.com
Mon Jun 15 13:51:47 EDT 2009
Rob Meijer wrote:
>
> A Static authority (as in static authority carrying variables in OO)
> B Authority through ambient available proxies.
> C Authority through designating proxy permission to a proxy with
> ambient authority.
>
> These border cases are outside of the first concern of Dean & Marks
> findings, but are absolutely of the biggest importance when trying to
> arrive at a definition that can be used without high probability of
> misunderstanding. If I interpret ambient authority as I currently do to
> include A and B but not C, and Allan interprets it to not include A or B,
> but to include C, than we are very likely not to be able to come to a
> definition of ambient authority that we both agree on, even if we agree on
> what ambient authority means in the original settings for what it was
> first described as a concept.
Actually, I exclude all three. I would favor A, but the OO analogy implies that a permission is designated when used. The fact that any object can reference a static variable doesn't seem relevant. Without the analogy, you need to define "static authority." I exclude B and C because you don't need proxies to have ambient authorities. (Remember, a permission is an authority.)
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list