[Opensim-dev] User Authentication
Mark Malewski
mark.malewski at gmail.com
Tue Feb 24 02:50:28 UTC 2009
John,
I apologize. I didn't realize that OSgrid.org and uic.edu were both already
running OpenID identity servers. I believe Crista misunderstood what I was
saying (I admit my words were a bit unclear).
This is what I said:
*> This way various grids could all run "openID" servers, and trust
>agreements would need to be established between the various grids.
*
Let me clarify this further, and this is what I meant to say:
This way various grids could each run their own OpenID Identity servers, and
an OpenID Identity would/could be used to establish the "interoperable"
trust agreement (the established identity) between a community of users and
the various grids.
*>I'm not going to act on anything that suggests "trust agreements between
>various grids." *
I was referring to an interoperable "OpenID" Identity (as the cross-grid
identity). I apologize for using the word "trust" or not being clearer.
*> Thank you for letting me be the example. I find this exchange very
stimulating. *
Charles, soon people will be asking for autographs. ;-)
Mark
On Mon, Feb 23, 2009 at 7:12 PM, Hurliman, John <john.hurliman at intel.com>wrote:
> >-----Original Message-----
> >From: opensim-dev-bounces at lists.berlios.de [mailto:opensim-dev-
> >bounces at lists.berlios.de] On Behalf Of Diva Canto
> >Sent: Monday, February 23, 2009 5:06 PM
> >To: opensim-dev at lists.berlios.de
> >Subject: Re: [Opensim-dev] User Authentication
> >
> >Mark Malewski wrote:
> >
> > Just to clarify...
> >
> > > Grids could provide openIDs in the form of
> >"openid.osgrid.org/users/screenname
> ><http://openid.osgrid.net/screenname> "
> >
> > With all grids being independent of one another, or in the example
> >given by John, maybe use an "openid.osgrid.org/users/screenname"
> >
> > http://openid.osgrid.org/users/Charles_Krinke
> >
> >
> >For those of you who don't know, this already exists. Click this:
> >http://osgrid.org:8002/users/charles_krinke
> >or this:
> >http://ucigrid00.nacs.uci.edu:8002/users/crista_lopes
> >
> >
> >
> > Again, in this example Charles happens to have his identity at
> >OSGrid, but that's not a requirement of the exchange. It could just as
> >easily been an identity from another grid.
> >
> > This way various grids could all run "openID" servers, and trust
> >agreements would need to be established between the various grids.
> >
> >I'm not going to act on anything that suggests "trust agreements between
> >various grids." That's an AWG concept that I very much disagree with,
> >and want no part in. I have no problem with companies cutting corners on
> >security in order to be able to exchange agents on a lawyer-backed up
> >trust basis. But that's not what I'm doing here, and that's not what a
> >lot of people want OpenSim to be.
> >
> >The goal is to be able to go from my home standalone to *any* sim out
> >there that I know nothing about, and still be sure that nothing bad will
> >happen to my belongings. Anything less than this is not acceptable as a
> >goal, for me.
> >
> >Crista
> >
>
> Mark, could you elaborate on what you meant here? As long as the default
> setup of a grid allows foreign visitors, I don't think any explicit trust
> mapping needs to happen. As Diva said, this kind of explicit mapping was the
> goal of the AWG and is now the goal of the MMOX group, which doesn't get us
> any closer to secure interoperability. A crucial part of any solution is
> going to be making sure there is a good default setting that enables
> Hypergrid-like behavior.
>
> John
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20090223/c1e1c2f6/attachment-0001.html>
More information about the Opensim-dev
mailing list