During : What are the downsides of ?
@cwebber : Well, they can be delegated really easily (but so can ACLs by proxy so ACLs are misleading)

me (in my head) : noooo, ACLs are difficult to delegate in practice and that's what counts. BUT ocaps can also be made difficult to delegate by requiring each action to be signed using a key that is also used for other things !

@cwebber
My boarding pass is an ocap, I could indeed delegate it but it's *bound* to my passport which is also an ocap. Yes, I could delegate my passport (to someone who looks like me) but I'll be damned if I'm going to do that because it's important to me for so many other things.

@cjd @cwebber
but what if you could make infinitely many perfect copies of your passport infinitely cheaply?

@Wolf480pl @cjd I assume that question is directed at me?

The goal of Mark's keynote is to show that we can still bind identity in a meta way on top of ocaps, and yes they can be infinitely copied (*some* passport information already can be), but that also means we'll take more responsibility in how we delegate them, since we will can now be personally held accountable by others.

@cwebber
that was question directed at @cjd

I weren't at APConf, I haven't seen Mark's ketynote, don't know who Mark is, and generally barely know that ocaps are a thing. I know how capabilities work in centralized systems (eg. in SeL4, or FDs in Unix), I know what cryptographic primitives are available. I was hoping CJD's analogy would help me understand OCaps without reading the whitepaper.

Follow

@Wolf480pl @cwebber
My favorite explanation of ocaps (ever) is Lazy Programmer's Guide to Secure Computing
youtu.be/eL5o4PFuxTY?t=60

@cjd @cwebber
>1h video

ok, now reading the whitepaper starts to sounds like not that bad an idea...

@Wolf480pl
If you can grok formal logic then the papers on this stuff are great, personally I would be lost without that video.

@cjd
Behold, for I'm a Haskell-wielding programmer, who enjoys strict type systems and is not afraid of formal logic.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!