[E-Lang] Hash Chaining & Capabilities, Proposal #2d: Deputizi ng Remote Vats

Karp, Alan alan_karp@hp.com
Tue, 2 Jan 2001 08:38:13 -0800

A bearer certificate, as I understand your meaning, is a bag of bits that
can be passed by any means, including leaving a printed version on the bus.
I couldn't leave an e-speak key on the bus because it has no meaning out of
band.  I could take an explicit action to make the name available to someone
else, but that's not the same thing.  The e-speak key is like a bearer
certificate only in the sense that its user's identity is not a part of
allowing its use.  E-speak 3.0 capability certificates are issued to a
specific public key and do not have this property.

Alan Karp
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1U-2
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278

> -----Original Message-----
> From: Ben Laurie [mailto:ben@algroup.co.uk]
> Sent: Saturday, December 30, 2000 3:47 AM
> To: Karp, Alan
> Cc: 'Mark S. Miller'; Bill Frantz; E Language Discussions; Nikita
> Borisov; Adrian Perrig; Dawn Song; David Wagner
> Subject: Re: [E-Lang] Hash Chaining & Capabilities, Proposal #2d:
> Deputizing Remote Vats
> "Karp, Alan" wrote:
> > 
> > You didn't miss anything.  I didn't say that e-speak keys are bearer
> > certificates, just that anyone who could name one could use it.
> You said: 'I would imagine that the term "bearer certificate" implies
> that the answer is no, since a bearer certificate I leave on 
> the bus can
> be used by whomever finds it.  That is exactly what we had 
> with e-speak
> Beta 2.2 keys; having a name bound to one gave you all the permissions
> it unlocked.  However, we didn't need any secret to go along 
> with it, so
> it's not exactly what you're talking about.'
> So now I'm _really_ confused.
> Cheers,
> Ben.
> --
> http://www.apache-ssl.org/ben.html
> "There is no limit to what a man can do or how far he can go if he
> doesn't mind who gets the credit." - Robert Woodruff