Comments on FC00 paper

Marc Stiegler marcs@skyhunter.com
Tue, 2 Nov 1999 10:43:05 -0700


I see your issue. Bummer--it was upon reading the read/write authority
explanation that I instantly knew how to implement sealers and unsealers
trivially in E. Always before, I'd look at them, and say to myself, "I'm
sure there's a trivial implementation of these things, but I'd have to think
about it" and let it go. I am amused that this defective explanation led me
to a level of illumination that the "correct" explanations had failed to
achieve :-)

--marcs

----- Original Message -----
From: Mark S. Miller <markm@caplet.com>
To: Marc Stiegler <marcs@skyhunter.com>; <hal@finney.org>
Cc: E Language Discussions <e-lang@eros-os.org>
Sent: Monday, November 01, 1999 5:55 PM
Subject: Re: Comments on FC00 paper


> At 03:31 PM 11/1/99 , Marc Stiegler wrote:
> >...the thing used as a public key is really a write
> >authority, ...
> >For me personally, talking about it as write-authority ... is
> >much clearer than talking about it as a public-key-encryption analogy.
...
>
> I believe there's a fatal problem with this approach.  The seal operation
> doesn't *write* anything -- it is completely side effect free.  As is the
> unseal operation.  The seal operation *creates* something that only the
> unseal operation (with the corresponding unsealer) can read.  So what did
> my previous message mean about an encryption key being "write authority on
> a virtual communication channel"?  Creating sealed envelopes and tossing
> them into a broadcast medium is effectively writing the communications
> channel represented by the unsealer's ability to unseal, since the traffic
> is opaque to everyone else.  The only object we can be said to be
> "writing", this virtual communications channel, is not reified as an
> object.  I think it would be disastrous to lead with this explanatory
> direction.
>
> Btw, two other explanations of logically equivalent sealer/unsealer
notions
> are available electronically:
>
> Dean's ftp://www.agorics.com/pub1/agorics/postscript/MANUAL.B17.ps.Z
>
> and Rees's http://www.mumble.net/jar/pubs/secureos2.html
>
> Perhaps we can borrow some of their explanation?
>
>
>          Cheers,
>          --MarkM
>