[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Delegate

I'm not sure it makes much of a difference.  I think it's mostly how
you define the semantics.  I think a boolean is probably better
semantics.  If I allow you to delegate your authority, I don't
necessarily know how you are going to delegate it, nor how your
delegations might further delegate it.  Since I trust you with the
authority to delegate in the first place, that means I trust that you
will use that authority properly.

One benefit of using an integer is to limit the number of recursions
of delegation.  If it gets 20 hops away, I might not trust that chain.
However if someone needs to delegate to get their job done, they will
do so no matter how the technology limits them, even if it means
letting someone else use their credentials.

So, yes, I think boolean is a better choice.  But I'm willing to go
either direction right now.


Carl Ellison <cme@cybercash.com> writes:

> At 05:49 PM 12/16/96 -0500, Derek Atkins wrote:
> >On the other hand, if Alice trusts Bob to delegate to Charlie, there
> >is nothing stopping Charlie from allowing Doug to use his (Charlie's)
> >credentials.  So, a boolean has the same effect.
> So, does that mean you vote for boolean?
>  - Carl
> +------------------------------------------------------------------+
> |Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
> |CyberCash, Inc.                      http://www.cybercash.com/    |
> |207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
> |Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
> +------------------------------------------------------------------+

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board (SIPB)
    Home page: http://www.mit.edu:8001/people/warlord/home_page.html
       warlord@MIT.EDU    PP-ASEL     N1NWH    PGP key available

Follow-Ups: References: