Christopher Allen <ChristopherA@lifewithalacrity.com> wrote: > > I’d love to see just that narrow scenario, as a series of narrated slides > saved as a video. I really don’t like the car keys example, and this one is > practical example of the problem with an example of failure & an example of > success leveraging ocap. > I have a slide deck. Now all I have to do is find it. -------------- Alan Karp On Wed, Apr 7, 2021 at 11:03 AM Christopher Allen < ChristopherA@lifewithalacrity.com> wrote: > On Wed, Apr 7, 2021 at 10:55 AM Alan Karp <alanhkarp@gmail.com> wrote: > >> I believe that any system that can handle the example in >> https://www.hpl.hp.com/techreports/2008/HPL-2008-204R1.pdf is general >> enough. (It won Best Paper at ARES 2010, so you don't think I'm blowing >> smoke.) >> >> In that scenario, Alice wishes to use Bob's backup service, which relies >> on Carol's copy service. We show that authentication-based schemes can >> lead to bad results. For example, Alice specifies a file she is not >> allowed to read, and Bob specifies a file he does not have permission to >> write. Nevertheless, Carol reads the input and writes it to the >> output, potentially destroying one of her files. These problems cannot >> arise with capabilities. >> > > I’d love to see just that narrow scenario, as a series of narrated slides > saved as a video. I really don’t like the car keys example, and this one is > practical example of the problem with an example of failure & an example of > success leveraging ocap. > > — Christopher Allen [via iPhone] > >>
Received on Wednesday, 7 April 2021 21:01:39 UTC