From: Tyler Close <>
Replying To: David Wagner <>
Date: Fri, 6 Dec 2002 11:16:35 -0400
Subject: Re: [e-lang] "Capability Myths Demolished" (was: Software security workshop)

On Thursday 05 December 2002 20:25, David Wagner wrote:
> Oh dear.  I think somehow I've failed again to convey my point.  I'm a
> little depressed by this

I think I could have done a better job of drawing the link between
your last email and my thoughts on it.  I believe I understand the
point you are making. I just have some problems with it. It's
tricky to nod your head using email. daw

> , but since I'm stubborn, may I try again?

Of, course you can. This is necessary for communication. I am
saddened that you are giving up on this conversation already.  As I
tried to point out in my last email, there are things here that
need your involvement.

> Tyler Close  wrote:
> On Tuesday 03 December 2002 22:05, David Wagner wrote:
> > I'm not sure whether I understand your position.
> >
> > Let's suppose, for the sake of argument, that the entire security
> > community understands the term "capability" to mean one thing.
> > Let's assume this was prompted by a misunderstanding, but is now an
> > established usage.
> You hold a position of respect within the security community. I
> think it would be useful for you to take a position on this issue.

On Thursday 05 December 2002 20:25, David Wagner wrote:
> I don't know enough about the history to have a position on the history.
> In any case, I'd be delighted if someone were to write a paper making
> the case for (E-style) capabilities, so that I can point others to the
> paper, use the paper as a teaching aid, and so on.  I'm probably not the
> one to write such a paper, but I'd be happy to help figuring out how to
> make as convincing a case as possible.

Over the course of this email discussion,  I've made a case that
Lampson's "Protection" paper created an erroneous view of
capabilities.  Some others have explicitly agreed with this case
and asked that I write a paper. I have agreed to do so. daw

As MarcS has pointed out, Butler Lampson has a god-like position
within the security community.  The security community is not a
free forum for the exchange of ideas. It is a highly politicized
community. I have seen these politics first hand. I expect a great
deal of difficulty in getting people to even acknowledge my views.
I do not believe that it is only random chance that has created
this 30 year gap. All the information is just sitting there,
staring us in the face. I do not have any kind of special access
to information. I wasn't even alive when this stuff happened.
There is a reason why no one else has written a paper yet. daw

As you've said, in actions and in words, you are friendly to the
capability view.  If I am unable to get even you to drop the
hypotheticals and agree that Lampson was in error, then it would
seem I have an impossible task. daw

All I am looking for is an evaluation on the evidence presented to
date. What part of the evidence do you find lacking?  What issues
make you want to retain the hypotheticals? daw

I would like to address the other content in your last message;
however,  I think I'll wait a bit to see if you can be drawn back
into the conversation. daw

e-lang mailing list