From: "Jonathan S. Shapiro" <>
Replying To: Chris Hibbert <>
Date: Sun, 01 Dec 2002 22:51:46 -0500
Subject: Re: [e-lang] Commentary on Wallach's "Extensible Security Architectures for Java"

On Sun, 2002-12-01 at 22:25, chris hibbert wrote:
> Jonathan: read Ping's words again.  He said "communicating conspirators 
> cannot be prevented from delegating authority in any system".  As I 
> read Ping's comments, that's exactly what he meant.  I don't think 
> there's any reasonably charitable interpretation of Ping's words using 
> the concept of "transfer"...

Thank you for the correction.  I think I got trapped by a convention of
the existing literature, and maybe Ping wasn't following that
convention. When the literature speaks of "delegating authority", it
generally means "transferring a token that conveys authority" as opposed
to the type of de facto delegation that we have been discussing. Given
this context, Ping's words become open to misinterpretation in the way
that I did. daw

If this issue wasn't widely misunderstood, Matt Bishop's papers on de
facto vs de jure authority transfer wouldn't have needed to exist. 

Ping: My apologies if I misread you. Just so we all understand, which
way *did* you mean? ping 


e-lang mailing list