[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Is there a capability RFC?
"David L. Nicol" wrote:
> > > For instance, the "ability to flood a calendar system with bogus
> > > requests" could be greatly mitigated by use of capabilities in the
> > > basic archtecture.
> > How? You still need to examine each request to determine whether it's
> > authenticated.
> a capability could, for instance, be associated with an upper limit
> of number of posts can be made with it.
Then you still need to do a database lookup to decide whether that limit's been
There is simply no way for an access control mechanism to prevent DoS attacks,
because an effective attack can be mounted just by making lots of bogus
requests, to force the access control system to come into play. A more
sophisticated access control system may actually be a liability, if it requires
more computrons to evaluate each request.
> > (b) What about events posted by the legitimate user of the capability?
> "... and submitting for re-moderation"
Uh...that's not trivial. Technically simple, yes; but it requires vast amounts
of time from the legitimate user.
> Anyway, what about entities that are not individual people? Wedging
> them into "user accounts" is standard practice, yes, but that doesn't
> make it elegant.
Elegant? You want elegant? Have you *looked* at the syntax of iCalendar? :-) Or
MIME, or LDAP? These things are not elegant at all; that's not the design goal.
But they work, where some more elegant proposals have died away. If you want
the IETF to spend time on capabilities, elegance won't be enough of a reason.
In any case, I don't think this WG can afford to take on more work right now.
Maybe in another year.
|John Stracke | http://www.ecal.com |My opinions are my own.|
|Chief Scientist |=============================================|
|eCal Corp. |Help stamp out vi in our lifetime! |