[e-lang] A broken brand?

Mark Miller erights at gmail.com
Thu Mar 13 21:06:01 EDT 2008


On Thu, Mar 13, 2008 at 2:56 PM, Toby Murray
<toby.murray at comlab.ox.ac.uk> wrote:
>  I fear that without one, object-cap engineering cannot be taken
>  seriously. My understanding is that work in crypto protocols really
>  blossomed once formal statements of their security properties were able
>  to be written and their (abstract) implementations verified against
>  these properties (under standard e.g. Dolev-Yao assumptions about the
>  abilities of an attacker). It would be nice to be able to do likewise to
>  object-cap patterns.

We can rephrase the problem, the various solution (both correct and
incorrect), and the attack in crypto protocol terms. Does this lead to
any insight about how one might specify the properties that a crypto
protocol must have to correctly solve this problem?


-- 
Text by me above is hereby placed in the public domain

 Cheers,
 --MarkM


More information about the e-lang mailing list