[e-lang] web services constraints and capabilities workshop

Tyler Close list at waterken.net
Fri Jul 16 11:38:51 EDT 2004

David Hopwood wrote:
> bry at xdocs.dk wrote:
>> not sure if everyone here has seen this:
>> http://xml.coverpages.org/ni2004-07-01-a.html
> Doesn't sound as if they mean "capabilities" in the security sense, but we
> don't need to let that stop us.
>> might be nice to get some E or mozart papers there, especially as it 
>> would give
>> me ammo for arguing with all the soap-heads around here. ;)
> A position paper about the Web Calculus would be a Good Thing (Tyler?) --

If I were to write a paper for this workshop, it would probably be about 
how capability-based security can be used to implement authorization 
without any changes to the application interaction patterns or data 
formats. For example, today's WWW browsers are fully functional clients 
of a web-calculus application.

Since the application interaction patterns don't change, there's no need 
for a framework to describe the changes, or which changes are being used 
by a particular service. The whole quagmire can be deftly avoided.

Unfortunately, I doubt the sponsors or participants of this workshop 
would be receptive to this message. The host organization has gone to a 
lot of effort to create security extensions and would probably not be 
thrilled by the message that this work is more problem than solution.

The workshop is being held at a very convenient location for me, so I 
could make an attempt of some kind. Any thoughts on what we might hope 
to achieve and how best to accomplish it?


The web-calculus is the union of REST and capability-based security.

More information about the e-lang mailing list