Solid, ACLs and the future

There is an important development that the Solid community and core team should know about. One that is likely to have an impact on Solid’s future one way or another, if not taken into consideration. Note that this may already have happened; in that case this post is just a just-in-case.

(Because this was buried in another thread, I created this top-level topic to ensure it gets everyone’s attention.)

Christopher Lemmer Webber, co-author of the W3C ActivityPub specification has just joined the forum. Welcome here, @cwebber :blush:
He gave some additional information on things I had just learned from him regarding ACLs at the AP Conference, and posted it as an FYI to @happybeing.

Well, I’ll not repeat everything. Just read:

Access Control List vs. Object Capabilities


/cc authorization panel @ericprud @justin @gibsonf1 @elf-pavlik @bblfish


This is just an FYI to keep you in the loop on things @cwebber is doing and writing related to Object Capabilities and touching on the subject of ACLs. In a recent toot he referred to a W3C list entry he had just written:

Hygiene for a computing pandemic: separation of VCs and ocaps/zcaps, from Christopher Lemmer Webber on 2020-12-05 (public-credentials@w3.org, December 2020)

Maybe the most important thing I’ve ever written (at least about computing) is this long mailing list post. I should probably clean it up and put it somewhere more general.

I leave it to you to decide the relevance in relation to Solid, but the mail contains the paragraph “ACLs Considered Harmful” and has another reference to the PDF “ACLs Don’t”.


@cwebber is saying that there should be a clear separation of concerns between actions or commands and identity, but he admits that these worlds cannot be fully separated.

He goes on to criticize ACLs because of their proven security problems but also because ACLs attempt to fully integrate the concerns of actions and identity. But he doesn’t mention other approaches that might partially integrate those concerns.

There may be other approaches to generative identity that he has not considered, that might more successfully combine the concerns of actions vs. identity. Maybe there are other ways to incorporate into identity actions or commands that don’t fall into any credential category. Certainly we do that every day when we identify people or groups of people. Our survival depends on it. It would just be harder to standardize that.

I don’t understand why he would call any and all such attempts ‘unhygienic’ but maybe I missed something or am not understanding things.


Via an HN thread on Goblins (April 2021) I bumped into this great video explaining the benefits of Object Capabilities and contrasting them with common ACL practices.

Designing secure systems with Object-Capabilities, Python, and Cap’n Proto

June 22, 2016

Thanks for joining us for Drew’s talk on Designing secure systems with Object-Capabilities, Python, and Cap’n Proto by Drew Fisher.

Object-capability security is a technique for designing systems that lets us apply object-oriented design principles to security policies, reducing cognitive overhead and risk of errors that lead to vulnerabilities. In this talk, Drew will explain capabilities, how they work, and what cool things they make possible for your systems, with real-world examples from Sandstorm.io.

Very comprehensive and recommended watch.

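As an added illustration of the ACL failure mode that the object-capability model is designed to avoid (example code written for this thread; it is not taken from the linked talk, from Sandstorm, or from any of the posts above), here is a small confused-deputy scenario in Python. A "compiler" service has its own permission to write a billing log. In the ACL version, authority comes from the caller's identity, so a user who may not write the billing log can still get the compiler to overwrite it by naming it as the output path. In the capability version, authority comes only from the references a caller holds, so the user can only hand the compiler an output location she could write herself. All class names, paths and principals are made up for the example.

```python
"""ACL (identity-keyed authority) vs object capabilities: the confused deputy.

Example code, not from the thread above. Store, compiler, paths and principals
are all constructed for illustration.
"""
from __future__ import annotations

from typing import Callable, Dict, Optional, Set, Tuple


class Denied(PermissionError):
    """Raised when an ACL check rejects an operation."""


# ---------------- ACL world: authority is keyed by *who is calling* ----------------
class AclStore:
    """Files guarded by an ACL: path -> set of principals allowed to write."""

    def __init__(self, acl: Dict[str, Set[str]]) -> None:
        self.acl = acl
        self.files: Dict[str, str] = {}

    def write(self, principal: str, path: str, data: str) -> None:
        # In a real OS the principal would be implicit (the process uid); it is
        # passed explicitly here only so the check is visible.
        if principal not in self.acl.get(path, set()):
            raise Denied(f"{principal} may not write {path}")
        self.files[path] = data


class AclCompiler:
    """Deputy: compiles source and writes the result wherever the user asks."""

    PRINCIPAL = "compiler"  # the service's own identity; it may write /billing/log

    def __init__(self, store: AclStore) -> None:
        self.store = store

    def compile(self, source: str, out_path: str) -> None:
        self.store.write(self.PRINCIPAL, "/billing/log", "charged 1 unit")
        # Flaw: the store authorises this write as *the compiler*, not as the user
        # who chose out_path, so the user borrows the compiler's authority.
        self.store.write(self.PRINCIPAL, out_path, f"compiled({source})")


# --------------- Capability world: authority is *the reference you hold* ---------------
WriteCap = Callable[[str], None]


class CapStore:
    """A write capability is a closure over exactly one path. Holding the closure
    is the authority; there is no identity check and no path parameter."""

    def __init__(self) -> None:
        self._files: Dict[str, str] = {}

    def mint_write_cap(self, path: str) -> WriteCap:
        files = self._files

        def write(data: str) -> None:
            files[path] = data

        return write

    def read(self, path: str) -> Optional[str]:
        return self._files.get(path)


class CapCompiler:
    """Deputy that holds its own billing-log capability and writes output only
    through a capability the caller supplies."""

    def __init__(self, billing_log: WriteCap) -> None:
        self._billing_log = billing_log

    def compile(self, source: str, out: WriteCap) -> None:
        self._billing_log("charged 1 unit")
        out(f"compiled({source})")  # can reach only what the caller could reach


# ---------------- Scenarios ----------------
def confused_deputy_with_acl() -> Tuple[str, str]:
    """Alice cannot write /billing/log directly, yet via the compiler she does."""
    store = AclStore({"/home/alice/a.out": {"alice", "compiler"},
                      "/billing/log": {"compiler"}})
    compiler = AclCompiler(store)
    try:
        store.write("alice", "/billing/log", "x")
        direct = "allowed"
    except Denied:
        direct = "denied"
    compiler.compile("hello.c", "/billing/log")  # Alice names the victim path
    return direct, store.files["/billing/log"]


def no_confused_deputy_with_caps() -> Tuple[Optional[str], Optional[str]]:
    """Alice holds only a capability for her own file; /billing/log is unreachable."""
    store = CapStore()
    compiler = CapCompiler(store.mint_write_cap("/billing/log"))
    alice_out = store.mint_write_cap("/home/alice/a.out")
    compiler.compile("hello.c", alice_out)
    return store.read("/home/alice/a.out"), store.read("/billing/log")


if __name__ == "__main__":
    print("ACL :", confused_deputy_with_acl())        # ('denied', 'compiled(hello.c)')
    print("ocap:", no_confused_deputy_with_caps())    # ('compiled(hello.c)', 'charged 1 unit')
```

The point of the contrast is structural rather than about any particular check: in the ACL version the compiler must remember to re-check every path against the *requesting* user (and in practice forgets), whereas in the capability version there is nothing to forget, because the output reference the user passes in already carries exactly the authority the user had. Python closures are not truly unforgeable (a determined caller can dig into `__closure__`), so this models the design, not a hardened implementation.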