Subject: Re: [xdi] A quick link contract riddle
On Mon, Jul 15, 2013 at 11:36 AM, Markus Sabadello <markus.sabadello@xdi.org> wrote:

> I thought I'd share this with the list:
>
> Let's say we have this graph:
>
> =a*b<+c>&/&/"hello"
> =a/+friend/=x
>
> And this link contract in the same graph:
>
> $do/$get/=a*b
>
> Now let's look at the following two messages:
>
> Message 1:
>
> =sender[$msg]!1$do/$get/(=a/+friend/=x)
> =sender[$msg]!1/$do/$do
>
> Message 2:
>
> =sender[$msg]!1$do/$get/(=a/()/*b)
> =sender[$msg]!1/$do/$do
>
> Message 1 will obviously fail, because the link contract doesn't cover the requested statement.
>
> Now my question is, will Message 2 fail or succeed? Anyone?

It should succeed. Reason: If the link contract authorizes the sender (which you didn't show any policy for) to get =a*b, then I believe it should authorize the sender to discover that =a has a subcontext *b. In other words, implicit context statements should be included in the authorization policy.

If it ends up being a security issue, I could see us adding a policy statement covering whether discovery of implicit statements is allowed under the link contract or not.

Is that what you are asking?

=Drummond
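
The two readings discussed in this thread can be compared with a small model. This is an added example, not code from the original messages or from any XDI implementation; the tokenizer, the `authorize` function and the `allow_implicit` flag are hypothetical names, and the flag stands in for the policy statement suggested in the reply.

```python
import re

# Simplified arc tokenizer (assumption): handles only the syntax seen in this thread.
ARC = re.compile(r"<[^>]*>|&|[=@+$*!][A-Za-z0-9]*")

def arcs(address):
    """Split an address such as '=a*b<+c>&' into arcs; the root '()' yields ()."""
    return tuple(ARC.findall(address))

def authorize(target, statement, allow_implicit=True):
    """Decide whether a $get on `statement` is covered by a contract on `target`.

    allow_implicit=True models the reading given in the reply: context
    statements on the path from the root down to the target are disclosed too.
    allow_implicit=False models a stricter policy that hides them.
    """
    subject, predicate, obj = statement.split("/")
    t, s = arcs(target), arcs(subject)
    # Anything whose subject is the target or lies beneath it is covered.
    if s[:len(t)] == t:
        return True
    # A contextual statement (predicate "()") that the target's own address
    # implies: subject + object is a prefix of the target.
    if predicate == "()" and allow_implicit:
        ctx = s + arcs(obj)
        return t[:len(ctx)] == ctx
    return False

# Values taken from the thread.
CONTRACT_TARGET = "=a*b"
MESSAGE_1 = "=a/+friend/=x"
MESSAGE_2 = "=a/()/*b"

if __name__ == "__main__":
    for name, stmt in (("Message 1", MESSAGE_1), ("Message 2", MESSAGE_2)):
        for flag in (True, False):
            verdict = "succeeds" if authorize(CONTRACT_TARGET, stmt, flag) else "fails"
            print(f"{name} {stmt!r} allow_implicit={flag}: {verdict}")
```

With the strict setting, Message 2 fails even though the contract target's own address already reveals that =a has a subcontext *b, so the flag only matters for requesters who do not know the target address.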