[Opensim-dev] User Authentication

Diva Canto diva at metaverseink.com
Wed Feb 25 03:54:16 UTC 2009


Thanks for all these ideas. As usual, talking throws everything up in 
the air, then it's up to whoever wants to act to pick up the interesting 
bits. Here's my summary and proposed action items.

User authentication / security is a critical thing in interoperability, 
and it requires a serious commitment from that cloudy component called 
"the viewer". Given the background of this project, we have 3 options:
a) reuse the LL Viewer as-is and hack the heck out of it;
b) write a new viewer designed for open VW systems from the onset;
c) use what we can from the LL Viewer and move the [security-critical] 
1D and 2D components out to more secure, possibly standard, clients 
which can then be accessed either through a regular Web browser or 
through the embedded browser;

As Stefan put it to me, we, as a community, need to do all of the above 
at the same time :-)
Option b), however, is the least actionable as a strategy, unless 
someone is willing to invest a lot of time/money. And even then... it's 
probably a better idea to do c) first.

So here's my plan, as far as user authentication and security go:

* Within a few days: write a simple [optional] UserAuthenticationModule 
along the lines of option a) that does the following: upon a 
NewUserConnection, regions will check with the incoming user's User 
server that the declared user exists and is logged into the system. 
Furthermore, upon AddNewClient (which happens shortly after), regions 
will challenge the incoming client with 3 UDP Ping messages having 
random seq numbers, to which the incoming client must respond correctly 
(look at it as the Bridge of Death in Monty Python and the Holy Grail). 
This will prevent spoofing and other kinds of false impersonations to 
which OpenSim is vulnerable right now. This Authentication module will 
likely go away as we rethink the whole thing seriously around option c). 
But it will be a good exercise around the topic of authentication, while 
making things more secure right now.

* Within the next month: write wrapper modules around inventory and 
Scene.Inventory to implement the concept of the Suitcase. That is, at 
"home" (a concept which can be extended to many regions) the user can 
access inventory via the LL Viewer as normal; outside those regions, the 
user can only access a few folders. This is a simple idea whose 
implementation will require a serious incursion into option a), the art 
of hackery. But the good thing is that this general idea will also serve 
option c) well: once we have a web interface to the user's inventory, 
the user will be able to safely access the entirety of her inventory no 
matter where she is, via the embedded web browser. The Suitcase 
folder(s) can still be accessed via the LL Viewer, for convenience. So 
the user can do things like this: "Oh, shoot, I forgot to pack that 
object that I want to give you. Hold on. <Moves item from private folder 
to Suitcase folder via inventory web page> <Drags from Suitcase folder 
to friend on the LL Viewer> There you have it."

So, not the grand vision yet; just small feasible steps towards it.

Comments?

Crista
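
The ping challenge from the first action item, sketched as an added example; it is not part of the original post and is not OpenSim code. The class name PingChallenger, the 5-second timeout, the rule that one wrong or late reply fails the client, and the use of Python are all assumptions. A check like this only stops senders that cannot observe the pings sent to the real client address.

```python
import secrets
import time

CHALLENGE_COUNT = 3      # the post proposes 3 pings
TIMEOUT_SECONDS = 5.0    # assumed value, not from the post


class PingChallenger:
    """Region-side bookkeeping for the ping challenge (hypothetical class)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # endpoint -> (outstanding seq numbers, deadline)

    def issue(self, endpoint):
        """Pick fresh, unpredictable seq numbers to send to endpoint as pings."""
        seqs = set()
        while len(seqs) < CHALLENGE_COUNT:
            seqs.add(secrets.randbits(32))  # CSPRNG, so replies cannot be guessed
        self._pending[endpoint] = (seqs, self._clock() + TIMEOUT_SECONDS)
        return sorted(seqs)

    def on_reply(self, endpoint, seq):
        """Process one ping reply: returns 'pending', 'accepted' or 'rejected'."""
        entry = self._pending.get(endpoint)
        if entry is None:
            return "rejected"  # no challenge outstanding for this address
        seqs, deadline = entry
        if self._clock() > deadline or seq not in seqs:
            del self._pending[endpoint]  # one wrong or late answer fails the client
            return "rejected"
        seqs.remove(seq)  # each number can be answered only once
        if seqs:
            return "pending"
        del self._pending[endpoint]
        return "accepted"


def demo():
    """Honest client at a constructed address answers all three pings."""
    challenger = PingChallenger()
    client = ("198.51.100.7", 9000)  # constructed sample endpoint
    return [challenger.on_reply(client, s) for s in challenger.issue(client)]


if __name__ == "__main__":
    print(demo())
```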




