shoot, i meant to say, also: the corresponding classic problem of capability credentials (now that i'm thinking about them, it occurs to me there are lots of historical examples!) is the possibility that the capability you're looking at isn't distributed in the population the way you think it is. maybe some stranger turns up from a far-off land who turns out to be just as strong as odysseus-- oops. i think fairy tales are full of this sort of event.
but they still work great for situations where what you actually care about is not specific identity, but that the person authenticated *have* a capability that's associated with the one you're testing, i think.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
branchandroot
no subject
Date: 2008-12-11 04:55 pm (UTC)but they still work great for situations where what you actually care about is not specific identity, but that the person authenticated *have* a capability that's associated with the one you're testing, i think.