Fwd: VCs - zCaps / OCap a Discussion

Forgot to Reply All.

--------------
Alan Karp


---------- Forwarded message ---------
From: Alan Karp <alanhkarp@gmail.com>
Date: Mon, Dec 7, 2020 at 2:59 PM
Subject: Re: VCs - zCaps / OCap a Discussion
To: David Chadwick <D.W.Chadwick@kent.ac.uk>


David Chadwick <D.W.Chadwick@kent.ac.uk> wrote:

>
> On 07/12/2020 22:22, Alan Karp wrote:
> >
> >     As a boss, if I revoked an employee's permission I would want all
> >     instances of this to be revoked.
> >
> >
> > You need a different mechanism for that.  The solution is to give Bob
> > an ocap to use a Bob-agent, which holds all the ocaps that have been
> > delegated to Bob.  When Bob gets fired you revoke his Bob-agent ocap.
> > This solution also works in the case in which the boss gets fired.  If
> > you didn't do something like this, every delegation the boss made
> > would be revoked, and nobody would be able to get any work done.
> >
> We seem to be getting rather complex here. Does this mean that every
> user has two "selfs": his real self that is directly given ocaps, and an
> agent-self that is only given delegated ocaps?


This example shows that the answer depends on who is in charge.  In the
enterprise case, Bob, the person, doesn't have permissions to company
resources; only Bob, the employee, has those permissions.  The Bob-agent,
access to which is controlled by the company, is the way you represent that
fact.  In the personal space, Bob has permissions to his house, car, bank
account, etc., some of which were delegated to him personally.

--------------
Alan Karp

Received on Monday, 7 December 2020 23:14:14 UTC
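
The Bob-agent arrangement described in the message above, sketched as an added example that is not part of the original thread. The names `revocable`, `Agent`, `is_revoked` and `scenario` and the payroll resource are hypothetical, and plain Python objects stand in for ocaps (Python itself does not enforce capability discipline).

```python
class Revoked(Exception):
    """Raised when a revoked ocap is invoked."""

def revocable(target):
    """Caretaker: return (forwarder, revoke). Calls are relayed to target
    until revoke() is called; the check happens at call time."""
    cell = {"target": target}
    class Forwarder:
        def __getattr__(self, name):
            def call(*args):
                if cell["target"] is None:
                    raise Revoked(name)
                return getattr(cell["target"], name)(*args)
            return call
    def revoke():
        cell["target"] = None
    return Forwarder(), revoke

class Agent:
    """Company-controlled holder of every ocap delegated to one employee."""
    def __init__(self):
        self._caps = {}
    def accept(self, label, cap):
        self._caps[label] = cap
    def invoke(self, label, *args):
        return self._caps[label](*args)
    def delegate(self, label, other_agent):
        # Hands over the underlying ocap, not a link through this agent.
        other_agent.accept(label, self._caps[label])

def is_revoked(cap, label):
    try:
        cap.invoke(label)
        return False
    except Revoked:
        return True

def scenario():
    payroll = lambda: "contents of payroll.db"   # constructed sample resource
    boss_agent, bob_agent = Agent(), Agent()
    boss_agent.accept("payroll", payroll)
    boss, fire_boss = revocable(boss_agent)      # the only ocap the boss holds
    bob, fire_bob = revocable(bob_agent)         # the only ocap Bob holds
    boss.delegate("payroll", bob_agent)          # delegation lands in Bob-agent
    fire_boss()                                  # boss leaves the company
    bob_after_boss_fired = bob.invoke("payroll") # Bob can still work
    fire_bob()                                   # one revocation covers all of Bob's ocaps
    return bob_after_boss_fired, is_revoked(boss, "payroll"), is_revoked(bob, "payroll")
```
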