[E-Lang] Java 2 "Security" (was: Re: Welcome Chris Skalkaand ScottSmith of Johns Hopkins)

Ben Laurie ben@algroup.co.uk
Sat, 20 Jan 2001 13:11:34 +0000


"Jonathan S. Shapiro" wrote:
> 
> Ben Laurie wrote:
> > Furthermore, in a distributed capability
> > system, then capabilities are inherently forgeable, aren't they?
> 
> This is what public key crypto/signature is for. It's one of the reasons
> that EROS capabilities at the OS level are intentionally not designed to
> be distributed without an additional layer.

I understand that, but the signature doesn't make them unforgeable - it
just reduces the risk of forgery. Of course, the fact that the private
key is also protected by a capability system is comforting :-)

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff