Talk:Walnut/Secure Distributed Computing
(Suggested alternate wording for Proof of Purchase)
Latest revision as of 14:02, 26 January 2011
Proof of Purchase
I found the explanation puzzling at first, because it mixes two separate issues: security and convenience. I suggest the following alternate end for the section. NowhereMan 21:37, 29 March 2008 (CDT)
Since we have a convenient trusted third party available that already had authority over all the panels anyway (the javax.swing.Component class object), we can use the "proof of purchase" pattern instead. We could define a globally available transferFocus function accepting two arguments:
- the panel that contains the focus
- the target panel that should receive the focus
With this function, the target panel would not need to receive excess authority anymore to be able to get the focus.
For practicality, we provided a Component.transferFocus method that, instead of the panel containing the focus, accepts as its first argument a list of panels that the client believes to contain, somewhere in their subpanel hierarchies, the focus. In the common case where a whole window lies inside a single trust realm, the client can simply present a reference to the whole window and be confident that the focus will be transferred.
The interesting thing about Component.transferFocus is that the recipient does not actually need the client's authority to reach the component that already has the focus. The Component class already has that authority. The client must send the authority merely to prove he has it, too.