From: "Mark S. Miller" <markm@caplet.com>
Replying To: Tyler Close <tyler@waterken.com>
Date: Sun, 08 Dec 2002 16:34:21 -0800
Subject: Re: [e-lang] "Capability Myths Demolished" (was: Software security workshop)
 

At 08:07 AM 12/8/2002 Sunday, Tyler Close wrote:
>My only source of information on CAL-TSS is the summary in Levy's
>capability book. Based on this summary I have some doubts about
>parts of its design. That CAL-TSS did not have protected
>procedures is a definite warning signal about the theory that went
>into it. If anyone could provide me with additional sources of
>information on this system, I would appreciate it.

See reference 15 at 
http://research.microsoft.com/lampson/Publications.html  (You must have 
Javascript turned on to follow the links).  Reference 7 looks like it is also 
about CAL-TSS, but isn't online. tyler norm


>Where and when did Norm's sense come from? Has Norm already
>written something about this? Does Norm have additional
>information on this topic that may be useful?

Norm? 


>What else do you know about the history that makes you concur?

Mostly my sense that Lampson is currently dismissive of capabilities.  After 
FC2000, I had a bit of private correspondence with Ron Rivest who was 
excited about the Ode for a while (recall the email he let me resend to 
e-lang). The end of the private correspondence was when he said he showed 
the Ode to Lampson, whose reaction was "it's just capabilities". After this, 
I was never able to get Rivest's attention again.

Someone on the list had a more recent conversation with Lampson (you know 
who you are).  It may be inappropriate for them to report this conversation 
publicly, but if it's ok, I'm sure we'd all enjoy hearing about it. ;)

In any case, we should avoid too much concern with Lampson the person, and 
stay focused on the abstract issues. 


>Is there anything in "Protection", or elsewhere, to suggest that
>Lampson intentionally made an inaccurate model? Given the purpose
>of his model, I can see no reason for the inaccuracies.

No, I never imagined the inaccuracies were intentional, and there's no need 
to question anyone's motives.  I'm sure everyone paved the road to hell with 
the best of intentions. tyler


----------------------------------------
Text by me above is hereby placed in the public domain

        Cheers,
        --MarkM

_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang