Tue, 23 Nov 1999 18:14:38 -0800
Chip Morningstar, <firstname.lastname@example.org>, writes:
> I think you have a point here, whether or not that it was the point
> that Ralph intended. What you describe is indeed a valid and useful
> distinction and it does make me realize another implicit, and very
> important, assumption that I (and, I suspect, many of us besides me,
> but I'll let others speak for themselves on this) had been making which
> warrants declaration. That assumption is that the world the Net is taking
> is to is a world in which the "legal" sense of a right, as you describe
> it, no longer has an enforceable hold on things and so we are forced to
> make do with technology. What we are trying to do is make it possible
> for all of the evolved mechanisms of commerce and contract to continue
> to be useful levers for productive cooperation in the world, in spite of
> the disintermediating effects of technology on the world's legal systems.
Yes, that makes sense, but perhaps "legal" wasn't quite the right word
for what I was trying to describe. "Legitimate" might better capture the
idea that a "right" is an access which the system is supposed to allow.
I meant to distinguish between the intended, designed and planned-for
behavior of the system, and its actual behavior. Accesses which are in
accordance with the security design are "rights". Accesses in general,
even those which violate the security design, are "abilities" or "powers".
A system with broken security gives people the power to do things that
they don't have the right to do.
Now, of course from the point of view of the attacker, his accesses are
intended, designed and planned-for, and from his perspective perhaps they
could be said to be rights. But it is still useful to look at things from
the position of the system designer and his hoped-for security properties.