[E-Lang] Java 2 "Security" (was: Re: Welcome Chris Skalkaand
ScottSmith of Johns Hopkins)
Ben Laurie
ben@algroup.co.uk
Sat, 20 Jan 2001 13:11:34 +0000
"Jonathan S. Shapiro" wrote:
>
> Ben Laurie wrote:
> > Furthermore, in a distributed capability
> > system, then capabilities are inherently forgeable, aren't they?
>
> This is what public key crypto/signature is for. It's one of the reasons
> that EROS capabilities at the OS level are intentionally not designed to
> be distributed without an additional layer.
I understand that, but the signature doesn't make them unforgeable - it
just reduces the risk of forgery. Of course, the fact that the private
key is also protected by a capability system is comforting :-)
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff