[cap-talk] Capabilities for immutable data

Bill Frantz frantz at pwpconsult.com
Wed Apr 6 14:14:41 PDT 2011 

On 4/6/11 at 10:22, alan.karp at hp.com (Karp, Alan H) wrote:

>MarkM taught me long ago that I can better understand such 
>diverse systems as DvH-style clists and SAML assertions used as 
>capabilities by modeling their operations as object 
>capabilities.  In that model, a capability is an unforgeable 
>reference to an object O that grants permission to invoke all 
>of O's methods with any parameters that conform to O's 
>interface.  Attenuation is done by creating a new object, a 
>facet F, having an interface with only the desired subset O's 
>methods.  (In practice, F usually holds a reference to O and 
>forwards requests to O.)

At the risk of further discussion between David and Sandro that 
I don't quite comprehend, I will mention the kind of object that 
changes its interface with time. My favorite example is the 
KeyKOS Factory 
<http://www.cis.upenn.edu/~KeyKOS/agorics/KeyKos/Gnosis/68.html>. 
The first phase of its existence can be called the 
"construction" phase. The set of available methods are those 
used for construction. (The capability can be considered to be 
the construction facit.) During this phase, components are added 
which define the product of the factory. However, the methods 
which actually construct the product are not yet available. When 
the "Complete Factory" call is issued, the facit which can build 
the product is created and returned. After that call, the 
factory will not accept construction calls which increase the 
number of "holes" (loosely, outgoing channels that the factory 
mechanism does not trust).

My own view of a capability invocation is a bit like jumping 
through a gate in Philip Jose Farmer's "World of Tiers" series. 
What is on the other side may radically change with time or 
experience. It may become much more powerful using the things 
that you bring to it. It may be totally alien to your why of thinking.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        | OAuth -  It's the best that  | Periwinkle
(408)356-8506      | the wrong way of doing things| 16345 
Englewood Ave
www.pwpconsult.com | can provide. - Mike Stay     | Los Gatos, 
CA 95032

More information about the cap-talk mailing list