[Opensim-dev] OAuth as authentication and authorisation (capability) specification
Tommi Laukkanen
tommi.s.e.laukkanen at gmail.com
Sat Apr 25 15:09:59 UTC 2009
Hello
>
> Oauth is not an authentication system, it is delegated credentials
> system via a third party.
>
Authentication and authorisation with delegated credentials is what we
need as identities will be provided by identity providers and assets
from asset providers in distributed model. We need the client to be
able to authenticate against indentity provider acquire tokens and
provide them to region for authentication on region level, access to
profile information and assets etc. It is not good idea to pass
credentials to the region server directly.
> FOAF+SSL (aka Secure Web ID), is a much newer 3.0 techonology which
> has less complex interactions (no third party authentication or
> passwords required, it is a client server). In a nutshell it uses the
> well established SSL protocol for authentication, and FOAF to makup a
> public key in your profile.
You can use OAuth for 2 legged authentication but your suggestion
sounds interesting as well. One would like to be able to use existing
networks hosting user identities but time will rectify that for any
new technologies as they gain popularity.
-tommi
More information about the Opensim-dev
mailing list