Re: WebID questions -- was: [dane] Call for Adoption: "Using Secure DNS to Associate Certificates with Domain Names For S/MIME" from Ben Laurie on 2012-09-26 (public-webid@w3.org from September 2012)

From: Ben Laurie <benl@google.com>
Date: Wed, 26 Sep 2012 13:06:18 +0100
To: Kingsley Idehen <kidehen@openlinksw.com>
Cc: Henry Story <henry.story@bblfish.net>, "public-webid@w3.org" <public-webid@w3.org>, Andrei Sambra <andrei@fcns.eu>
Message-ID: <CABrd9SR4QAsvn3gx5ABn+CZqFQsx_R-YRqRqypuOEsjLVN9s1g@mail.gmail.com>

On 26 September 2012 12:54, Kingsley Idehen <kidehen@openlinksw.com> wrote:
> On 9/26/12 4:42 AM, Ben Laurie wrote:
>>
>> You realise that I'm not a big fan of ACLs, right? IMO, object
>> capabilities are the better way to go. WebIDs could probably also do
>> those, but then you'd be in the business of managing a very large
>> number of them.
>
>
> Do you have a pointer to a document that sheds light on "object
> capabilities" ? Hopefully, I might be able to triangulate back to WebID
> etc..

http://en.wikipedia.org/wiki/Object-capability_model gives an overview.

My own paper: http://www.links.org/files/capabilities.pdf

E, a language designed from the ground up to be capability friendly:
http://erights.org/index.html

Capabilities in FreeBSD: http://www.cl.cam.ac.uk/research/security/capsicum/

>
> --
>
> Regards,
>
> Kingsley Idehen
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>
>
>
>
>

Received on Wednesday, 26 September 2012 12:06:46 UTC