Re: Naive question shapj@us.ibm.com
Sat, 19 Dec 1998 16:35:42 -0500

I was aware that the KeyKOS answer was "no". The question concerned rationale: is there a good synopsis of *why* this answer should be no?

>Consider now two capabilities naming the same object with distinct
>interfaces (e.g. a client capability and an administrator capability for
>the same object). Are there negative security implications to being able
>to ask the object-EQ question (i.e. do these two capabilities name the same
>object, irrespective of what authority they convey)?

[#] The KeyKOS answer is no. Separate authorities are represented by different keys. If indeed the two keys are to the same underlying implementation, the EQ operation will still show them as "not equal". In KeyKOS, the data byte of the key was most often used to represent different authorities to the same domain.