On Wed, Apr 7, 2021 at 10:55 AM Alan Karp <alanhkarp@gmail.com> wrote: > I believe that any system that can handle the example in > https://www.hpl.hp.com/techreports/2008/HPL-2008-204R1.pdf is general > enough. (It won Best Paper at ARES 2010, so you don't think I'm blowing > smoke.) > > In that scenario, Alice wishes to use Bob's backup service, which relies > on Carol's copy service. We show that authentication-based schemes can > lead to bad results. For example, Alice specifies a file she is not > allowed to read, and Bob specifies a file he does not have permission to > write. Nevertheless, Carol reads the input and writes it to the > output, potentially destroying one of her files. These problems cannot > arise with capabilities. > I’d love to see just that narrow scenario, as a series of narrated slides saved as a video. I really don’t like the car keys example, and this one is practical example of the problem with an example of failure & an example of success leveraging ocap. — Christopher Allen [via iPhone] >Received on Wednesday, 7 April 2021 18:03:30 UTC
This archive was generated by hypermail 2.4.0 : Wednesday, 7 April 2021 18:03:31 UTC