- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Wed, 26 Sep 2012 13:10:56 -0400
- To: Ben Laurie <benl@google.com>
- CC: Henry Story <henry.story@bblfish.net>, "public-webid@w3.org" <public-webid@w3.org>, Andrei Sambra <andrei@fcns.eu>
- Message-ID: <50633720.9030304@openlinksw.com>
On 9/26/12 11:48 AM, Ben Laurie wrote: > No, the point you are missing is that in capabilities the_only_ > authority I need to access a resource is the name of that resource - > the URI in your case. You can seriously believe I am missing that point while also espousing the virtues of hyperlinks as denotation mechanisms for a global web of linked data. That doesn't compute. That's a contradiction. > Security derives from the unforgeability of the > URI, rather than an independent system that decides if some principal > has permission. Security is not derived from the persistence of a URI, its derived from the values exposed directly or indirectly via URI which logic handling routing. I can have many identifiers, but relationship semantics ultimately determine if I can access a resource at an address, directly or indirectly (i.e., name based indirection). > > The problem that best shows the critical difference betweens caps and > ACLs is the confused deputy problem: > http://en.wikipedia.org/wiki/Confused_deputy_problem. Not at all! I can sign claims about co-reference by name or value. That's why we have semantics for equivalence by name, ditto. inverse functionality. These matters have been long addressed in computer science. We are at a point where there is a ubiquitous Web that let's us reapply what already exists in newer and more profound context. At this juncture, my position hasn't changed. You haven't introduced a new insight that incongruent with what's possible via the Web today. -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Wednesday, 26 September 2012 17:11:23 UTC