3 Parts of Security

[Mark S. Miller]

I have just posted at http://www.erights.org/elib/capability/3parts.html an 
excellent essay by Bill Frantz, which originally appeared on the SPKI list 
and has since been reposted by Jonathan on one of the EROS lists, where I 
saw it.  With Bill's permission, I've now published it as a web page.  (The 
title is also mine, but Bill, feel free to tell me to change it.)  

This is perhaps the clearest statement I've seen about the dangers of 
implicitly confusing a person with the programs that supposedly execute on 
their behalf -- the implicit assumption behind "Principle"-based 
architectures.  Also relevant is 
http://www.mediacity.com/~norm/CapTheory/Principal.html by Norm.

     Enjoy,
     --MarkM