[Opensim-dev] Authentication and oAuth

Diva Canto diva at metaverseink.com
Sun Mar 1 19:00:27 UTC 2009 

There's also a very nice paper about it here.
http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf

Tommi Laukkanen wrote:
> Thanks :) I stand corrected
>
> On Sun, Mar 1, 2009 at 8:27 PM, Diva Canto <diva at metaverseink.com 
> <mailto:diva at metaverseink.com>> wrote:
>
>     Just to keep the record straight, the Capabilities concept is
>     about 50 years old. It was devised at about the same time as ACLs.
>     For a number of reasons, ACLs have dominated the field. See here
>     for a nice historical perspective:
>     http://www.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html
>
>     Tommi Laukkanen wrote:
>>     Hi Diva
>>      
>>     Thanks for the analysis. I have to admit I have only fastly
>>     scanned the oAuth spec. They advertise that it works for desktop
>>     applications so I assume it should not necessarily be too complex
>>     for the end user and not too hard to implement either. Someone
>>     would need to study / poc it or get a statement from the oAuth
>>     team. If the viewer acts as users and regions are consumers it
>>     could be that it can be nicely automated and hidden from the
>>     user. This would allow us to use all those identity providers who
>>     have adopted oAuth. Personally I think identity management,
>>     authentication and authorisation are so well known fields that it
>>     would be odd if we had to invent it from scratch. That said we
>>     should not try bend a standard to something which is not suitable
>>     for.
>>      
>>     In the end it is important to realise that this is not just about
>>     virtual worlds but all identity management in the net. No user
>>     wants to upkeep separate credentials just for virtual worlds.
>>     Besides web and vws will become more and more entangled in the
>>     long run. If we want to have a system which will fly in the near
>>     future we should stick our identity eggs to same basket with the
>>     rest of the internet crowd.
>>      
>>     regards,
>>     Tommi
>>     ------------------------------------------------------------------------
>>     _______________________________________________ Opensim-dev
>>     mailing list Opensim-dev at lists.berlios.de
>>     <mailto:Opensim-dev at lists.berlios.de>
>>     https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
>     _______________________________________________
>     Opensim-dev mailing list
>     Opensim-dev at lists.berlios.de <mailto:Opensim-dev at lists.berlios.de>
>     https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20090301/6fd070da/attachment-0001.html>

More information about the Opensim-dev mailing list