- From: Adam Barth <w3c@adambarth.com>
- Date: Mon, 14 Dec 2009 00:03:29 -0800
- To: "Mark S. Miller" <erights@google.com>
- Cc: Jonas Sicking <jonas@sicking.cc>, Arthur Barstow <Art.Barstow@nokia.com>, Tyler Close <tyler.close@gmail.com>, Ian Hickson <ian@hixie.ch>, Maciej Stachowiak <mjs@apple.com>, Anne van Kesteren <annevk@opera.com>, public-webapps <public-webapps@w3.org>
I'm not really sure what we're discussing anymore. Do you have any new information to add, or are we just going in circles?

On Sun, Dec 13, 2009 at 1:29 PM, Mark S. Miller <erights@google.com> wrote:
> On Sun, Dec 13, 2009 at 12:26 PM, Adam Barth <w3c@adambarth.com> wrote:
>> On Sun, Dec 13, 2009 at 8:54 AM, Mark S. Miller <erights@google.com> wrote:
>>> On Sat, Dec 12, 2009 at 7:17 PM, Adam Barth <w3c@adambarth.com> wrote:
>>>> I agree with Jonas. It seems unlikely we'll be able to
>>>> design-by-committee around a difference in security philosophy dating
>>>> back to the 70s.
>>>
>>> Hi Adam, the whole point of arguing is to settle controversies. That is how
>>> human knowledge advances. If after 40 years the ACL side has no defenses
>>> left for its position, ACL advocates should have the good grace to concede
>>> rather than cite the length of the argument as a reason not to resolve the
>>> argument.
>>
>> I seriously doubt we're going to advance the state of human knowledge
>> by debating this topic on this mailing list. The scientific community
>> is better equipped for that than the standards community.
>
> AFAICT, the last words on this debate in the scientific literature are the
> Horton paper

Is your position that the academic community has resoundingly decided that object-capabilities are superior to access control? That seems unlikely to me.

[...]

> In either of the first two cases, since you are a member both of the
> scientific community and of this standards committee, if you don't respond
> in the scientific literature, please don't cite merely the lack of response
> in the scientific literature in support of your points.

As I said before, I don't know of any experiments we can run or data we can measure to settle this issue, which is why science hasn't made much progress in answering these questions in the past 40 years and why we won't make much progress resolving them here either.

With respect to your specific question, here's a recent paper of mine about the dangers of mixing object-capabilities and access control in a single system, which is exactly what we'd be doing by mixing UniMess with the same-origin policy:

http://www.adambarth.com/papers/2009/barth-weinberger-song.pdf

In any case, I don't think spamming this list with a bunch of citations to hundreds of pages of dense prose that no one is going to read will help us make progress.

Adam

Received on Monday, 14 December 2009 08:04:34 UTC