[Opensim-dev] User Authentication

Hurliman, John john.hurliman at intel.com
Tue Feb 24 01:12:17 UTC 2009 

>-----Original Message-----
>From: opensim-dev-bounces at lists.berlios.de [mailto:opensim-dev-
>bounces at lists.berlios.de] On Behalf Of Diva Canto
>Sent: Monday, February 23, 2009 5:06 PM
>To: opensim-dev at lists.berlios.de
>Subject: Re: [Opensim-dev] User Authentication
>
>Mark Malewski wrote:
>
>	Just to clarify...
>
>	> Grids could provide openIDs in the form of
>"openid.osgrid.org/users/screenname
><http://openid.osgrid.net/screenname> "
>
>	With all grids being independent of one another, or in the example
>given by John, maybe use an "openid.osgrid.org/users/screenname"
>
>	http://openid.osgrid.org/users/Charles_Krinke
>
>
>For those of you who don't know, this already exists. Click this:
>http://osgrid.org:8002/users/charles_krinke
>or this:
>http://ucigrid00.nacs.uci.edu:8002/users/crista_lopes
>
>
>
>	Again, in this example Charles happens to have his identity at
>OSGrid, but that's not a requirement of the exchange. It could just as
>easily been an identity from another grid.
>
>	This way various grids could all run "openID" servers, and trust
>agreements would need to be established between the various grids.
>
>I'm not going to act on anything that suggests "trust agreements between
>various grids." That's an AWG concept that I very much disagree with,
>and want no part in. I have no problem with companies cutting corners on
>security in order to be able to exchange agents on a lawyer-backed up
>trust basis. But that's not what I'm doing here, and that's not what a
>lot of people want OpenSim to be.
>
>The goal is to be able to go from my home standalone to *any* sim out
>there that I know nothing about, and still be sure that nothing bad will
>happen to my belongings. Anything less than this is not acceptable as a
>goal, for me.
>
>Crista
>

Mark, could you elaborate on what you meant here? As long as the default setup of a grid allows foreign visitors, I don't think any explicit trust mapping needs to happen. As Diva said, this kind of explicit mapping was the goal of the AWG and is now the goal of the MMOX group, which doesn't get us any closer to secure interoperability. A crucial part of any solution is going to be making sure there is a good default setting that enables Hypergrid-like behavior.

John

More information about the Opensim-dev mailing list