First proposal: what should LispOS feel like?
Alaric B. Williams
alaric@abwillms.demon.co.uk
Fri, 2 May 1997 22:27:43 +0000
On 2 May 97 at 10:59, lispos@math.gatech.edu wrote:
> Alaric B. Williams writes:
> > How about - object IDs are represented as network addresses
> > and local addresses with a large enough range to make
> > scanning for valid addresses next to impossible - and
> > grant privileges by passing obejct IDs to people, so they
> > can then see them?
> Problem: object ID is bound to the objects [current] location. If you
> wish your objects could migrate from hosts to others, then you do not
> want to have absolute network addresses in their IDs!
Lads! Lads! I didn't propose it as a /good/ idea! I said that
because I didn't see how one could implement scope-based
access nicely!
IMHO object IDs and security systems should be relatively unrelated.
The operation of talking to an object is the only thing that
brings them together.
=> we would have object IDs that are opaque to the applications;
the underlying network topography dictates them.
For a large network, they would be host:location pairs,
with the proviso that if an object migrates, it leaves a
pointer. A host finding that redirector returned would
change the old object ID to the new one and then follow it,
or just follow the redirector.
For a smaller private network, there could be a namespace type server,
where an object ID is allocated by the server, and it remembers where
the object lives.
For even smaller networks, or ones with vast numbers of rarely accessed
objects (large databases), some kind of broadcast datagram would be
used to find which system housed a given object.
IE, make it implementation dependent!
> Antti (Antti.Huima@hut.fi)
ABW
--
Alaric B. Williams (alaric@abwillms.demon.co.uk)
---<## OpenDOS FAQ ##>---
Plain HTML: http://www.delorie.com/opendos/faq/
http://www.deltasoft.com/faq.html
Fancy HTML: http://www.deltasoft.com/faq0000.html