[cap-talk] Scope/span of capability systems

Jed Donnelley capability at webstart.com
Fri Mar 6 02:29:13 EST 2009

At 09:48 AM 3/5/2009, Karp, Alan H wrote:
>Marcus Brinkmann wrote:
> >
> > In a world where we can't even agree on compatible data formats, 
> I see little
> > chance to agree on compatible capability interfaces, which have 
> potentially a
> > much higher degree of complexity.
> >
>Data format compatibility is the dirty little secret of the Services 
>Oriented Architecture and the major barrier to achieving its full 
>potential.  On the other hand, there are a number of widely accepted 
>standards for capability formats, including SPKI, Kerberos, and 
>SAML.  Agreeing on which one to use is a far simpler problem that 
>solving the data compatibility problem.

Amen to that!  Thanks for that incisive comment.  Compared to the 
general problem of compatible data formats, agreeing on a format for 
something as simple as a capability seems trivial.  There is so 
little semantics to a capability.  To me it seems to be essentially 
just a pointer to a server (something like a network address) and a 
block of un interpreted data for the server.  Compared to the issues 
concerning compatible formats for data with unbounded semantic 
content, this seems a simple problem.  No wonder that something as 
simple as a YURL/Web Key can do the job.

--Jed  http://www.webstart.com/jed-signature.html 

More information about the cap-talk mailing list