I'll weigh in on a few of these, though others will have to cover the
C++ specific details; I've mostly used the Go and Haskell
implementations.
Quoting 'Newbugreport' via Cap'n Proto (2019-10-22 06:01:02)
> 2. The documentation describes capnp as a capability based system. This
> is a new concept to me, but Wikipedia says capabilities are object
> references that can't be forged. The implementation looks more like
> interface pointers. From my naive perspective this looks like a simple
> concept made difficult to understand by describing it in unfamiliar
> terms.
More or less, though the thing that seems to be harder to convey to
people is how these can be used as robust, flexible security mechanism,
and the implications of that. I recommend reading this if you're
interested:
http://habitatchronicles.com/2017/05/what-are-capabilities/
..which maybe the page should actually link to? I think it's a better
reference than either of the things referred to now (I believe the above
post is more recent than the rpc docs page).
> 2a. I assume in capnp this reference is just the interfaceId in the
> [1]rpc protocol, which would refer to an address or table entry on the
> server.
At the protocol level, the reference would actually map to the
import/answer IDs, where as interfaceId is just used in identifying
which method to call on a given object. If you're interested in the gory
details, see the discussion in the section "The Four Tables", and the
definition and use of the MessageTarget struct.
> Is capnp doing anything to make the ids difficult to
> guess/forge/eavesdrop?
Because the ids are indices into a table that is per-connection, they
don't have to be secret to be unforgeable. Think of them like file
descriptors: If I have a file open under fd #5, then knowing that
doesn't help you gain access to the file yourself -- it's an index into
*my* process's fd table, and your fd #5 is different (if it exists). So
all that remains is to secure the connection itself, which you can do
with TLS.
> 7. A [3]link on the [4]RPC page to Google Groups is not accessible
> without an account. Could you move or open that document?
Not sure I follow? Isn't that just a link to the mailing list?
--
You received this message because you are subscribed to the Google Groups
"Cap'n Proto" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/capnproto/157176369637.836.16868351363297625054%40localhost.localdomain.
