Thoughts on droplets -- clarification

Mark S. Miller markm@caplet.com
Tue, 02 Nov 1999 12:19:33 -0800


At 12:48 PM 11/2/99 , shapj@us.ibm.com wrote:
>This transformation is not described in your security page in the
>description of Droplets capabilities. If I was directed to and therefore
>read a page with incomplete information, my apologies, but there are 30
>things on my plate today and I don't have time to browse your website.
>While this is undoubtedly a failing on my part, you might wish to consider
>that other people you wish to influence will have the same problem.

I was proposing Pluribus's transformation simply to provide needed
specificity.  Rather than examine in detail what transformation Pluribus
provides, and whether it provides a security benefit, it's probably more
productive all around for you to describe more clearly the transformation
you are proposing, and (especially!) what additional security properties it
is supposed to provide.

I know you are busy, we all are.  But this issue is central and crucial to
understanding what kind of cryptographic capability system we should all be
building and using.  And thanks much (!!) for the time you have already put
into this matter.

>You may have an unrealized security if you indeed have an authenticated
>transforming interconversion.  Whether you *believe* that it enhances
>security is another discussion.
>
>Whether you have such transformations is not germaine to whether such
>transformations enhance security.

Agreed, let us avoid discussing whether I believe X.  Let us instead discuss
whether X is true.  How is such a transformation supposed to enhance security.
And it would be great if you could explain what you mean by partitioning.


Btw, congratulations on the slashdot announcement!!!  I think GPL is
probably a very good choice for EROS.  Feel free to send an announcement to
the e-lang list.


         Cheers,
         --MarkM