[Date Prev][Date Next][Thread Prev][Thread Next][Author Index][Date Index][Thread Index]
- To: <mark>
- Subject: Doc Stuff
- From: Eric Dean Tribble <tribble>
- Date: Sun, 29 Oct 89 23:27:29 PST
- Cc: <bobp>, <dean>, <ravi>, <XTech>
- In-reply-to: <MarkS.Miller'smessageofSun>,55 PST <8910300222.AA03691@xanadu>
Agoric Stuff: I can't answer your agoric question till I design
Archiving. I think we know how to implement such resource management.
I think it may be the simplest thing to do. We'll see. I hadn't
originally made the connection between funding and preservation of
read permission. I can imagine preserving read-permission only on
documents that you are funding. Probably won't work, but interesting.
Permissions vs. protections: I recall strongly advocating supporting
protections vs. permissions. It may just be lingering feelings, but I
get real uncomfortable whenever I consider supporting anything to
represent unenforceable permissions information. It will be an
interesting discussion (after first product!).
As a quick example, I'll sketch my reaction to your internal documents
example. A document that is 'internal' should remain exactly that.
The company machine should know that it cannot transfer the document
to any other machine. When the employee leaves, he no longer has
access to his *account* on the machine, so he can no longer read the
document. This scenario gets much deeper than I want to dwell on till
after first rpoduct, so don't tempt me by responding. The more
sophisticated version has to deal with protections between machines,
transitivity of protections, anonymous accounts, etc.