Announcing Droplets

Tyler Close
Mon, 27 Sep 1999 09:11:59 -0400

> I trust that the encoded 128 bit numbers are
> encoded on a per-client basis?

They are, but this is done to support garbage collection,
not for any security considerations. Perhaps you can clarify
the security issue that concerns you.

> It appears to me that these capabilities are not
> secure.  Any web walker can
> find them and subsequently use them.  They
> therefore appear to provide neither
> caller authentication nor access control.

I am not familiar with the term "web walker"; however, I
assume it is some slang for eavesdropping software. Since
the link between the server and the client machine is
encrypted using SSL, an eavesdropper would have to
compromise either the server or client machine in order to
"find" a cap. Droplets assumes that the server and client
machines have been properly secured. It is impossible to do
anything without making this assumption.

> Perhaps I have misunderstood.  If so, can you clarify?

I challenge your assertion that the caps can be found
(without grabbing your computer).

The caps are only meant to provide access control. I don't
believe caps are in general meant to provide authentication.
If you've got 'em, you're allowed to use 'em. No
authentication required.
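
The model discussed in this message, as an added illustration that is not part of the original post and is not Droplets code: a server-side table of 128-bit caps minted per client, where possession alone grants access and per-client minting lets the server garbage-collect one client's caps. `CapTable`, `mint`, `invoke`, `collect` and the client ids are hypothetical names; how Droplets actually stores caps is not shown in the thread.

```python
import secrets

CAP_BITS = 128  # cap size stated in the thread


class CapTable:
    """Hypothetical server-side table mapping unguessable caps to objects."""

    def __init__(self):
        self._by_cap = {}     # cap string -> (client_id, target object)
        self._by_client = {}  # client_id -> set of cap strings issued to it

    def mint(self, client_id, target):
        # A fresh 128-bit random number for each (client, object) grant.
        cap = secrets.token_hex(CAP_BITS // 8)
        self._by_cap[cap] = (client_id, target)
        self._by_client.setdefault(client_id, set()).add(cap)
        return cap

    def invoke(self, cap):
        # Bearer semantics: holding the cap is the whole access check.
        # No caller identity is consulted, so this is not authentication.
        entry = self._by_cap.get(cap)
        if entry is None:
            raise PermissionError("unknown capability")
        return entry[1]

    def collect(self, client_id):
        # Per-client caps let the server drop everything issued to a client
        # that has gone away without touching other clients' caps.
        for cap in self._by_client.pop(client_id, set()):
            del self._by_cap[cap]


def demo():
    table = CapTable()
    account = {"name": "constructed sample object"}
    cap_a = table.mint("client-a", account)  # constructed client ids
    cap_b = table.mint("client-b", account)
    table.collect("client-a")
    try:
        table.invoke(cap_a)
        a_still_valid = True
    except PermissionError:
        a_still_valid = False
    return cap_a != cap_b, a_still_valid, table.invoke(cap_b) is account
```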