[E-Lang] Hash Chaining & Capabilities, Proposal #2d: Deputizing
Tue, 02 Jan 2001 17:10:43 +0000
"Karp, Alan" wrote:
> A bearer certificate has two properties. Anyone holding it can use it, and
> the system has no way of tracking who might be holding it. E-espeak Beta
> 2.2 keys had the first property, but not the second; e-speak Beta 3.0 SPKI
> capabilities have the second property but not the first.
> By the way, I don't think the issue of unforgeable certificates is tracking
> who has the certificate;
That's not what I'm saying - I'm saying you have to either track them or
make them unforgeable.
> it's one of keeping the certificate safe. One way
> is crypto, but another is keeping the certificate in the TCB of the resource
> it controls and only giving out a handle to it.
Then the handle has to either be unforgeable, or trackable, surely?
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff