[e-lang] Granovetter diagrams and capability bags

R. A. Hettinga rah at shipwright.com
Sat Jan 25 02:26:04 EST 2003


--- begin forwarded text


Date: Thu, 23 Jan 2003 17:25:37 -0800
To: SPKI List <spki at wasabisystems.com>
From: Bill Frantz <frantz at pwpconsult.com>
Subject: [e-lang] Granovetter diagrams and capability bags
Cc: Ka-Ping Yee <e-lang at zesty.ca>, e-lang at mail.eros-os.org
Sender: owner-spki at wasabisystems.com

Ka-Ping Yee is working on a paper which contrasts a number of security
systems including SPKI.  The paper is being discussed in detail on the E
language list (see headers below for information).  For some background on
the terminology Ping is using see:
http://www.erights.org/elib/capability/ode/index.html

He is now asking questions about how SPKI is used in the real world, which
I can't answer.  Can anyone here help him?

>From: Ka-Ping Yee <e-lang at zesty.ca>
>To: <e-lang at mail.eros-os.org>
>Subject: [e-lang] Granovetter diagrams and capability bags
>Reply-To: e-lang at mail.eros-os.org
>List-Help: <mailto:e-lang-request at mail.eros-os.org?subject=help>
>List-Post: <mailto:e-lang at mail.eros-os.org>
>List-Subscribe: <http://www.eros-os.org/mailman/listinfo/e-lang>,
>	<mailto:e-lang-request at mail.eros-os.org?subject=subscribe>
>List-Id: Discussion of E and other capability languages
><e-lang.mail.eros-os.org>
>List-Unsubscribe: <http://www.eros-os.org/mailman/listinfo/e-lang>,
>	<mailto:e-lang-request at mail.eros-os.org?subject=unsubscribe>
>List-Archive: <http://www.eros-os.org/pipermail/e-lang/>

>Date: Thu, 23 Jan 2003 19:01:38 -0600 (CST)
>
>I am realizing as I write this paper that the Granovetter diagram
>is insufficient in one important way: it does not distinguish
>C-lists-as-sets from C-lists-as-maps.
>
>This is an important distinction between the capabilities-as-keys
>model and the capabilities-as-object-references model.  Often
>(though not always) people talk about storing keys on "keyrings",
>and searching the keyring to find the appropriate key.
>
>The distinction between trying all the keys on your keyring and
>using a key which you have previously labelled bears directly on
>the Confused Deputy problem, but is not visible in a Granovetter
>diagram.
>
>SPKI, for instance, *could* be implemented like C-lists-as-sets
>(upon trying to perform an action, flip through all your
>certificates to find one that names the resource you want).
>Such a mechanism would be vulnerable to Confused Deputy problems.
>
>Bill, do you have any sense of how SPKI certificates are typically
>handled -- are they named with local names, or merely thrown in a
>bag?  (For the sake of this question, naming certificates according
>to the names within them is equivalent to throwing them in a bag.)
>
>To avoid confusion with the term C-list, and also to avoid
>"capability set" since that seems to be already a loaded term,
>how about calling these two structures C-maps and C-bags?
>
>
>-- ?!ng
>

-------------------------------------------------------------------------
Bill Frantz           | Sacred cows make the   | Periwinkle -- Consulting
(408)356-8506         | tastiest hamburgers.   | 16345 Englewood Ave.
frantz at pwpconsult.com |         - David Wagner | Los Gatos, CA 95032, USA




--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
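
Added illustration, not part of the forwarded messages: a Python sketch of the C-bag versus C-map distinction raised in the quoted post, showing why searching a bag by resource name exposes a deputy to Confused Deputy problems while labelled use does not. Every name in it (Cap, bag_deputy, map_deputy, billing-log, alice-out) is constructed for the example and does not model any real SPKI implementation.

```python
# Added illustration; every name here is constructed for the example.
class Cap:
    """Unforgeable reference: designates one resource and carries write authority to it."""
    def __init__(self, resource, store):
        self.resource, self._store = resource, store

    def write(self, data):
        self._store[self.resource] = data


def make_world():
    store = {"billing-log": "alice owes 10", "alice-out": ""}
    billing = Cap("billing-log", store)    # the deputy's own authority
    alice_out = Cap("alice-out", store)    # the client's authority, delegated per request
    return store, billing, alice_out


def bag_deputy(bag, output_name, report):
    """C-bag: flip through everything held and use whichever cap names the resource."""
    for cap in bag:
        if cap.resource == output_name:
            cap.write(report)
            return
    raise PermissionError(output_name)


def map_deputy(cmap, output_cap, report):
    """C-map: each capability is reached only through the local label it was filed under."""
    output_cap.write(report)                # authority the client supplied
    cmap["billing"].write("alice owes 11")  # deputy's authority, picked by its own label


def run_bag(output_name):
    store, billing, alice_out = make_world()
    # The deputy's and the client's capabilities sit in one unlabelled bag.
    bag_deputy([billing, alice_out], output_name, "compiled ok")
    return store


def run_map():
    store, billing, alice_out = make_world()
    # The client can only hand over a capability it holds; no client string selects
    # among the deputy's own capabilities.
    map_deputy({"billing": billing}, alice_out, "compiled ok")
    return store


if __name__ == "__main__":
    print(run_bag("alice-out"))    # honest request
    print(run_bag("billing-log"))  # client names the deputy's resource: log overwritten
    print(run_map())
```

In the bag case the client's string decides which of the deputy's capabilities is exercised; in the map case the deputy's billing authority is only ever reached through the deputy's own label.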
