From: frantz@netcom.com (Bill Frantz)
Date: Wed, 29 May 1996 11:17:33 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: Runtime info flow in Java
Message-ID: <199605282216.PAA15909@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:31 PM 5/24/96 -0400, E. ALLEN SMITH wrote:
>From:   IN%"frantz@netcom.com" 24-MAY-1996 21:22:44.97
>>We can use certificates (ref: SPKI) to implement network capabilities. 
>>These certificates make statements of the form: The holder of the secret
>>key which corresponds to this public key is permitted these specific forms
>>of access to this specific resource on this location (e.g. a URL).  These
>>certificates can act like capabilities.  They can be passed by creating a
>>new certificate for the receiver which gives it the privileges implied by
>>the old certificate.  They can be rescinded in any of a number of ways.
>
>        I suppose that the new certificate is created through a message
>signed by the old certificate's private key?

Sounds like a good way to me.  When you want to pass a capability, you can
either get a completely new certificate from the resource's system, or
generate a (possibly temporary) transfer certificate that accompanies a
copy of your certificate.

Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA