[cap-talk] Microsoft [correction]
David-Sarah Hopwood
david-sarah at jacaranda.org
Sun Sep 27 20:48:32 PDT 2009
David-Sarah Hopwood wrote:
> Incidentally, when browsing through Abadi's papers at
> <http://users.soe.ucsc.edu/~abadi/allpapers.html#jsds>, I came across
> this one:
>
> Authentication in the Taos Operating System
> [with Edward Wobber, Michael Burrows, and Butler Lampson]
> ^^^^^^^^^^^^^
> ACM Transactions on Computer Systems 12, 1 (February 1994), 3-32.
> Also appeared as SRC Research Report 117.
> <http://users.soe.ucsc.edu/~abadi/Papers/AuthPaper-TOCS.ps>
>
> Notice in section 3.1 (Authenticating messages):
>
> PROCEDURE Receive(): (Prin, Msg);
>
> Yep, that's right: two of the authors previously designed a system
> that solved this problem the straightforward way.
I should have read a little further: the authors first describe the
straightforward and correct solution (even to the extent of requiring
the sender to explicitly present its authorization to act as that
principal), and then proceed to throw away the good design and replace
it with a bad one that is more similar to Singularity. So perhaps this
particular example does not support the contention that it is Microsoft
that warps one's brain.
--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
More information about the cap-talk
mailing list