[Cryptography] Do capabilities work? Do ACLs work?
Tony Arcieri
bascule at gmail.com
Wed Feb 11 15:36:36 EST 2015
On Wed, Feb 11, 2015 at 9:49 AM, Nico Williams <nico at cryptonector.com>
wrote:
> In particular, ACLs can be audited, while auditing capability tokens
> requires looking at running state of entire systems. One of these is
> not practical!
>
This isn't true at all. You are making it sound like it's impossible to
know who has a given capability because you're imaging some strawman system
that has no confinement or revocation abilities.
I again invite you to read Capability Myths Demolished:
http://zesty.ca/capmyths/usenix.pdf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150211/64d78374/attachment.html>
More information about the cryptography
mailing list