[cap-talk] Collaboration opportunity

Dirk Pranke dpranke at chromium.org
Fri Jun 10 14:55:47 PDT 2011


On Fri, Jun 10, 2011 at 1:57 PM, David Barbour <dmbarbour at gmail.com> wrote:
>
>
> On Fri, Jun 10, 2011 at 12:10 PM, Ben Laurie <benl at google.com> wrote:
>>
>> there must surely be a moment at which I prove to my device
>> that I am me and not some imposter, at which point my big
>> bag o' capabilities becomes available to me?
>>
>> Is this not 'login'?
>
> Hmmm... would you say we 'login' to our smart card when we provide our PIN?

Yes.

> or would you say that we use a smartcard to 'login' to some other system?

Also yes.

I think of "login" as a form of privilege escalation and state transition.

> Anyhow, I wouldn't object to using a smartcard or the like as an external
> memory device to mitigate my puny human brain.
> But neither the smartcard itself nor whatever PIN or biometric data it uses,
> should need to provide any 'new' authority... i.e. if I could remember the
> capabilities, I should be able to use them independently of the smart card.
> In this sense, I'm just protecting my external memory. If I had a chip in my
> head, I maybe could use that instead.

I disagree with this. It can definitely make sense to think of a smart
card as granting (or unlocking) additional authority, just as it can
make sense to want to revoke particular smart cards.

> Rob Meijer wrote:
>>
>> IMO identity (and thus login) is still pretty useful for auditing
>> purposes.
>> Wouldn't it be great if you lend your car (key) to your friend for a
>> day and at the end of the day would be able to ask your friend why he
>> found it proper to lend your car keys to his brother for an hour?
>
> That seems rather hand-wavy to me. If we want responsibility, we should more
> formally model it.

What about that is hand-wavy to you? It seemed pretty clear to me from
a requirements point of view.

-- Dirk
