Re: WebID questions -- was: [dane] Call for Adoption: "Using Secure DNS to Associate Certificates with Domain Names For S/MIME" from Ben Laurie on 2012-09-27 (public-webid@w3.org from September 2012)

From: Ben Laurie <benl@google.com>
Date: Thu, 27 Sep 2012 14:39:56 +0100
To: Kingsley Idehen <kidehen@openlinksw.com>
Cc: public-webid@w3.org
Message-ID: <CABrd9SQL+aAFwKA2XREC1yqMYXRhbJGW7RmTz1uwakJDnrM+hw@mail.gmail.com>

On 27 September 2012 14:36, Kingsley Idehen <kidehen@openlinksw.com> wrote:
> On 9/27/12 7:26 AM, Ben Laurie wrote:
>>>>
>>>> So, the point is this: object capabilities are a security mechanism,
>>>> >>like ACLs. Their purpose is to restrict access to resources to only
>>>> >>the intended accessors.
>>>
>>> >
>>> >
>>> >A security mechanism can be an object capability.
>>
>> What do you mean by this?
>
>
> There is a relationship between an resource owner entity, a document entity,
> and an acl rule (another entity) that enables resource access control, which
> in my world view is a capability.

This is pointless. Capabilities have an accepted definition and they
are provably not equivalent to ACLs.

Received on Thursday, 27 September 2012 13:40:33 UTC