[Cryptography] Do capabilities work? Do ACLs work?
Tony Arcieri
bascule at gmail.com
Tue Feb 10 12:34:30 EST 2015
On Tue, Feb 10, 2015 at 4:52 AM, ianG <iang at iang.org> wrote:
> So my current view is that what is needed is a hybrid. At a limited sense
> one can see this with expiries: a cap with a time limit on it is a cap
> with a "control" on it.
You should really look at Macaroons:
http://research.google.com/pubs/pub41892.html
https://air.mozilla.org/macaroons-cookies-with-contextual-caveats-for-decentralized-authorization-in-the-cloud/
--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150210/a02e2590/attachment.html>
More information about the cryptography
mailing list