From: "Karp, Alan" <alan_karp@hp.com>
Date: Mon, 9 Dec 2002 08:54:23 -0800
Subject: RE: [e-lang] Naming Capability Systems
 

Dean Tribble wrote:
>
>         People 
> don't learn much about capabilities now because they think Lampson 
> discredited the entire area;
>

I don't believe that Lampson discredited capabilities, nor do I think that was his intent.   In "Protection" he says

  We observe that a directory is not too much different from a domain in
  structure.   The access key method of obtaining access is, however, quite 
  different in spirit from the capability method.  It is also likely to be more 
  expensive, and many systems have a hybrid implementation in which an object 
  can be accessed once by access key to abtain a capability, which is then used 
  for subsequent accesses.  This process when applied to files is usually 
  called opening a file.

This paragraph is significant in two regards.  First, Lampson is not discrediting capabilities; he is recommending their use.  Second, he expects capabilities to have better performance than ACLs.  The people I talk to believe that capabilities are too expensive to use in production systems, e.g., Joel Birnbaum, who was invovled in IBM's FS (Future System) project that produced little for its $1B investment.  My reading of the history, which is spotty at best, is that perceived performance is the culprit, not Lampson. 

Lampson is clearly unaware of any flaws in his description of capability systems.  IMHO, he believes he is accurately reporting what has gone before.  There are certain points in Dennis and Van Horn (DVH) that are obscured by their description, and I believe that Lampson simply missed the subtleties.  In particular, I thought that DVH described ambient capabilities until Tyler asked me to prove it.  Only then did I note an extra index in the grant method that is only there because the DVH system is not an ambient one.   (Tyler, I'm still working on my reply to you.)

_________________________
Alan Karp
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1141
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp/
 
 
_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang