- From: Jonathan Rees <jar@creativecommons.org>
- Date: Mon, 21 Dec 2009 18:17:43 -0500
- To: Dan Connolly <connolly@w3.org>
- Cc: public-awwsw@w3.org
I'd be careful about getting anywhere near security with this stuff, since it's inherently authority-based and if the checks are done at the wrong time it will suffer along the lines of Tyler Close's "ACLs don't" paper. I don't think that's what you have in mind, but I'd say this stuff is best marketed as empirical and inherently non-secure, not prescriptive.

Jonathan

On Sun, Dec 20, 2009 at 8:15 PM, Dan Connolly <connolly@w3.org> wrote:
> I've been having lots of fun with this stuff; I'm pretty
> happy with the overall model; I've got reasonable prose
> around most of it, including three examples that have
> formal proofs to go along with them:
>
> A Model of Authority in the Web
> http://www.w3.org/2001/tag/dj9/story.html
> Revision: 1.21 Date: 2009/12/20 23:41:32
> Contents
> 1. Decision making in ABLP logic introduces ABLP logic using
>    ordinary decision making.
> 2. Speech acts in HTTP relates HTTP requests and replies to ABLP
>    speech acts.
> 3. the new constraint goes here social aspects of HTTP
> 4. Indirection needs Redirection logically supports intuitive
>    notions about redirection using the new constraint. TODO: discuss
>    InformationResource vs Principal.
> 5. in progress: Mashup Speech Acts - example XSRF case (done) -
>    same origin policy; scripts from fedex run on behalf of fedex
>    (TODO) - then look at ways to opt-out of SOP, i.e. CORS and UM
>    (TODO)
> 6. Appendixes
>    * TODO RDFS, pD*, and OWL2 stuff. raw form: owl2.n3
>    * ABLP axioms and utility theorems
>    * TODO Common sense about events. raw form: time.n3
>
> I know reviewers get used up after one thorough read;
> I've got more to write, but I hope it's mostly just adding new stuff
> and not changing what's there... so I'm willing to chance it now.
>
> I'm interested to talk about it in a teleconference.
>
> Jonathan says "We're on for the 22nd unless you hear otherwise."
> -- http://lists.w3.org/Archives/Public/public-awwsw/2009Dec/0015.html
>
> Zakim data suggests the time will be 9am Boston time (8am where I am).
>
> How about putting this on the agenda? Are a few people willing to read
> it on Monday and discuss it on Tuesday?
>
> --
> Dan Connolly, W3C http://www.w3.org/People/Connolly/
> gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E

Received on Monday, 21 December 2009 23:18:16 UTC