[Opensim-dev] Proposal for using OpenID in OpenSim

Gryc Ueusp gryc.ueusp at gmail.com
Fri Mar 28 03:21:42 UTC 2008 

Perhaps using a Jabber server to authenticate is an option?  It seems to cover 
all of your fears and provide the ability to include a link to data somewhere 
else via the user's profile.

On Thursday 27 March 2008 10:01:32 pm The Burnman wrote:
> My concern, much like what Melanie stated, is that I do not want to be
> forced to use a 3rd party service to use OpenSim.  If OpenID is not an
> optional module, I will drop OpenSim from my toolset and move on to
> something else.
>
> Aside from the idea of being forced to use 3rd party services, two concerns
> I have about using OpenID are:
>
> 1) Data security and integrity - With no control over authentication or
> storage of related data, what's to say data won't be stolen or corrupted,
> thus causing my clients/users distress and thus causing me a nightmare?
>
> 2) Service perpetuality (I might have made that word up) - What guarantees
> OpenID will remain in business in a year, considering how volatile the
> Internet business world is?  How much downtime do I have to deal with
> because of maintenance or hardware failure?
>
> In fact, I don't know why people think OpenID is a good idea at all.  The
> whole concept is based on trusting a 3rd party to remain up 100% of the
> time, completely secure, and functioning efficiently.  Using OpenID takes
> any control of those variables out of my hands, and if they have an issue,
> my service is offline.
>
> Sure, it allows some level of interoperability, but I don't consider it
> worth the risk for my projects.  Just do a Google search for "OpenID
> security" (or similar search parameters) and read about the concerns a lot
> of people have about OpenID.
>
> On Thu, Mar 27, 2008 at 9:33 PM, Ryan McDougall <ryan at 3di.jp> wrote:
> > My understanding is that, like OpenID is currently used on the web,
> > which is you could use OpenID if you have one, or the old-fashion type
> > if you don't.
> >
> > However, with OpenID > 1.0, it is possible to add attributes, so OpenID
> > in OpenSim is a means of avatar portability, since one of the attributes
> > would be a URL to where your avatar can be found.
> >
> > That can't be done the old fashioned way.
> >
> > What specifically is your concern about OpenID?
> >
> > Cheers,
> >
> > On Wed, 2008-03-26 at 23:57 -0400, The Burnman wrote:
> > > And I take it we are still on the "optional module" page in reference
> > > to OpenID, yes?
> > > _______________________________________________
> > > Opensim-dev mailing list
> > > Opensim-dev at lists.berlios.de
> > > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >
> > --
> > Software Engineer
> > http://www.3di.jp
> >
> > The opinions expressed herein represent those of the individual, and do
> > not constitute company policy unless expressly stated.
> >
> > _______________________________________________
> > Opensim-dev mailing list
> > Opensim-dev at lists.berlios.de
> > https://lists.berlios.de/mailman/listinfo/opensim-dev

More information about the Opensim-dev mailing list