[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Clever delegation ??

At 7:30 AM -0800 4/7/97, Brian M. Thomas wrote:
>I apologize in advance if I'm just muddying the water here, but it still
>looks to me as though the thing we're trying to model in chain reduction
>is necessarily intersection.  Therefore, intersection is the only proper
>means of accomplishing it.  This follows from the basic intent that no
>principal can grant permissions which it does not possess.  Doing unions
>would only be meaningful where the same issuer grants multiple permissions
>to the same subject, and in this case, again there seems to be no question
>about how it must be done.

My principle issue is that people who build certs in the system must
understand how the delegation logic works.  When that logic is simple, I
don't see an issue.  As it gets more complex, then I think we have to think
about how we educate the users so they don't make mistakes.  That's all.

Bill Frantz       | I have taken a real job at | Periwinkle -- Consulting
(408)356-8506     | Electric Communities as a  | 16345 Englewood Ave.
frantz@netcom.com | capability security guru.  | Los Gatos, CA 95032, USA