[E-Lang] Java 2 "Security" (was: Re: Welcome Chris Skalkaand
ScottSmith of Johns Hopkins)
Sat, 20 Jan 2001 13:11:34 +0000
"Jonathan S. Shapiro" wrote:
> Ben Laurie wrote:
> > Furthermore, in a distributed capability
> > system, then capabilities are inherently forgeable, aren't they?
> This is what public key crypto/signature is for. It's one of the reasons
> that EROS capabilities at the OS level are intentionally not designed to
> be distributed without an additional layer.
I understand that, but the signature doesn't make them unforgeable - it
just reduces the risk of forgery. Of course, the fact that the private
key is also protected by a capability system is comforting :-)
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff