Talk:Capability

From Erights

(Difference between revisions)
Jump to: navigation, search
Line 16: Line 16:
be contracted to some single adjective? Using the term "unforgeable or hardly unguessable" is awkward. [[User:Kosik|Kosik]] 10:59, 10 July 2009 (CDT)
be contracted to some single adjective? Using the term "unforgeable or hardly unguessable" is awkward. [[User:Kosik|Kosik]] 10:59, 10 July 2009 (CDT)
-
''I'm afraid you didn't grok. I mean to say that capabilities can be very forgeable and guessable. They simply aren't secure capabilities, or suitable for capability-based security.''
+
''I'm afraid you didn't grok. I mean to say that capabilities may be very forgeable and guessable. They simply aren't secure capabilities, or suitable for capability-based security. And the page still has a heavily '''object-'''capability bias.''

Revision as of 16:23, 10 July 2009

The article can be further improved by given more examples of capabilities from CapROS, EROS and Coyotos systems. What objects can those capabilities designate? Which operations do those capabilities permit their holder to perform with designated objects? Kosik 05:17, 10 July 2009 (CDT)


It seems the article describes an object-capability as though it is the only sort. I understand it is the type of capability used in E and such, but other sorts are used for security.

  • Password Capabilities (SPKI, Certificates) do not need to designate objects
  • Object Capabilities

Further, capability doesn't imply unforgeable unless you're talking about secure capabilities, and capability-based security.


You are right. Some capabilities are indeed unforgeable and some are merly hardly guessable. Cannot these two different terms:

  • unforgeable
  • hardly unguessable

be contracted to some single adjective? Using the term "unforgeable or hardly unguessable" is awkward. Kosik 10:59, 10 July 2009 (CDT)

I'm afraid you didn't grok. I mean to say that capabilities may be very forgeable and guessable. They simply aren't secure capabilities, or suitable for capability-based security. And the page still has a heavily object-capability bias.

Personal tools
more tools