[E-Lang] Java 2 "Security" (was: Re: Welcome ChrisSkalkaandScottSmith of Johns Hopkins)

Ben Laurie ben@algroup.co.uk
Sun, 21 Jan 2001 12:40:37 +0000


Chris Hibbert wrote:
> 
> Ben Laurie wrote:
> > You misunderstand me. I agree that if B makes copies of capabilities,
> > that is not forgery. My point was that someone who has stolen B's keys
> > is _also_ in a position to make copies, and it is that that I am
> > referring to as forgery.
> 
> In this case, the someone already has B's keys, and has no need to make
> an unauthorized copy.  In fact, in the capability world, by having
> possession of the keys, he does have authority to make the copies.
> Stealing and forgery are different things, and the case you've described
> is one of theft.

Fair enough. Nevertheless, this is something you can't defend against in
a distributed capability system, which was my point. IIRC.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff