Thoughts: Docker, Sociology, Mathematical Models of Security, Word Choice, and Death

Multi-container docker configuration is presently mired in complexity (examples: confd, gantryd) in part because docker makes it hard to deterministically assign addresses to containers. As a result, service- discovery must be done via dynamic control and agreement at “network run time”instead of at “network compile time”. Potential solutions:
1. dnshash
2. enable deterministic address assignment
Translation, “problematisation”, “interessement”, “enrolment”, “mobilisation”, “boundary objects”, “data-information-knowledge-control”, and friends:
Impossibility results, information flow control, non-interference, and inference control:
- “A Hundred Impossibility Proofs for Distributed Computing”, Lynch, 1989
- “Protecting Privacy using the Decentralized Label Model”, Myers & Liskov, 2000
- “Security Policies and Security Models”, Goguen & Meseguer, 1982
- “Unwinding and Inference Control”, Goguen & Meseguer, 1984
Most of the world uses unfortunate definitions for words like “identity” and “authentication” but my current preferred definitions:
- identity: a cluster of nyms
  - intuition: to me, an exemplary primitive ascription of identity is a claim like “one of the authors of message 23 is also a recipient of message 47”. As a result, I view “identities” as being particularly interesting subgraphs – e.g., those identified by interesting closure operators – on the graph of “evidence linking nyms to messages”.
- authentication: a guarantee that, at the end of a protocol, some principals agree on a mapping of symbols to values

are way too surprising to reasonably be called "identity" or "authentication". (What to do!?)

Somehow, I’ve never found traditional explanations of death very satisfying. Thus: if “life” is usefully undertsood as a particularly interesting collection of emergent properties, then what would a CAST analysis of some particular organism’s death look like?