[tahoe-dev] question about sharing...
Greg Troxel
gdt at ir.bbn.com
Sat Jun 4 07:03:11 PDT 2011
"Zooko O'Whielacronx" <zooko at zooko.com> writes:
> On Wed, Jun 1, 2011 at 11:52 AM, Greg Troxel <gdt at ir.bbn.com> wrote:
>>
>> Yes, they could. What you are missing is
>>
>> 1) that this is a capability system, not an ACL system.
>
> This is true, but I want to caution that what we've designed so far is
> based on what we think is safe and useful, rather than being limited
> to a specific dogma.
>
> In other words, if someone comes up with a new access control scheme
> for Tahoe-LAFS which is safe and which provides something that real
> users want, then we'll definitely implement that, regardless of
> whether it is called "a capability system" or "an ACL system" (or
> something else).
Fair enough. But capabilities seem central to tahoe's design, where
servers are untrusted. Perhaps not so much in the permission-to-store
aspect, but in the confidentiality aspect. I look forward to reading
about new ideas...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110604/81ed0b8c/attachment.pgp>
More information about the tahoe-dev
mailing list