[cap-talk] solve CSRF by making references unforgeable, not unshareable
david.hopwood at industrial-designers.co.uk
Wed Mar 25 19:21:23 EDT 2009
lists at notatla.org.uk wrote:
> David-Sarah Hopwood wrote:
>> References are made unforgeable by making valid representations
>> of them either opaque or sparse (unguessable). Representations
>> of SQL queries cannot be made opaque nor sparse.
> Can things be opaque or sparse but not both? What would be examples?
A reference in most capability programming languages is opaque, but
its representation as an address is not sparse.
A cryptographic capability representation or a swiss number is sparse
but not opaque.
There is not much reason to make a capability representation both
opaque and sparse: it would be redundant. However, there is nothing
to prevent it.
David-Sarah Hopwood ⚥
More information about the cap-talk