[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Java programs, etc.
-----BEGIN PGP SIGNED MESSAGE-----
At 01:56 PM 4/8/97 EDT, Ron Rivest wrote:
>
>I guess I wasn't clear again. My intention in writing
>
> (* program java <hash-of-java-program>)
>
>was to write a PREDICATE that matched a certain set of byte-strings
>(or S-expressions), just as
>
> (* range date 1997-01-01_00:00:00 1998-01-01_00:00:00)
>
>matching a certain set of byte strings.
>
>I did NOT propose that the java program be one that takes intersections
>of various forms. Indeed, I think THAT is INSECURE!
Ron,
Matt is going to write up his version of this, but my view is that a (*
program ...) tag set represents a set of tags (as does any other * form).
You can do that by having a program generate a full set of tags -- maybe as
a (* set ...) -- or you can make the program a little more intelligent. It
could take as a parameter one explicit (tag ) and generate the subset of its
set of tags which intersect with the explicit tag. It might also take a set
of 5-tuples and generate a different set of tags depending on the input
5-tuples. Such a program is, in fact, what PolicyMaker does and is
equivalent to taking intersections (or worse). If you think this is
insecure, then that's a topic for discussion -- especially with MAB -- but I
don't see how to distinguish (* program ) from something that takes
intersections.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBM1KWqlQXJENzYr45AQFMFQQAjmFR0ZNsesxPKu7p12PU+Ahv4asHND1Y
/I9aif4z6GIh6QgjbZhK85hTKEhVFYzPz+trP0dxp+r9wmZv1yzDKeDnUngFylKu
r//6U9Rz6nrEwJ35gobLHcBLFmhY3R5SLlY0AGRQf9kcFnv7BiZVfylzyg4nu06R
3gY0UEnb8IY=
=GTKL
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: