[Opensim-dev] Authentication and oAuth
Diva Canto
diva at metaverseink.com
Sun Mar 1 19:00:27 UTC 2009
There's also a very nice paper about it here.
http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf
Tommi Laukkanen wrote:
> Thanks :) I stand corrected
>
> On Sun, Mar 1, 2009 at 8:27 PM, Diva Canto <diva at metaverseink.com
> <mailto:diva at metaverseink.com>> wrote:
>
> Just to keep the record straight, the Capabilities concept is
> about 50 years old. It was devised at about the same time as ACLs.
> For a number of reasons, ACLs have dominated the field. See here
> for a nice historical perspective:
> http://www.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html
>
> Tommi Laukkanen wrote:
>> Hi Diva
>>
>> Thanks for the analysis. I have to admit I have only fastly
>> scanned the oAuth spec. They advertise that it works for desktop
>> applications so I assume it should not necessarily be too complex
>> for the end user and not too hard to implement either. Someone
>> would need to study / poc it or get a statement from the oAuth
>> team. If the viewer acts as users and regions are consumers it
>> could be that it can be nicely automated and hidden from the
>> user. This would allow us to use all those identity providers who
>> have adopted oAuth. Personally I think identity management,
>> authentication and authorisation are so well known fields that it
>> would be odd if we had to invent it from scratch. That said we
>> should not try bend a standard to something which is not suitable
>> for.
>>
>> In the end it is important to realise that this is not just about
>> virtual worlds but all identity management in the net. No user
>> wants to upkeep separate credentials just for virtual worlds.
>> Besides web and vws will become more and more entangled in the
>> long run. If we want to have a system which will fly in the near
>> future we should stick our identity eggs to same basket with the
>> rest of the internet crowd.
>>
>> regards,
>> Tommi
>> ------------------------------------------------------------------------
>> _______________________________________________ Opensim-dev
>> mailing list Opensim-dev at lists.berlios.de
>> <mailto:Opensim-dev at lists.berlios.de>
>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de <mailto:Opensim-dev at lists.berlios.de>
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20090301/6fd070da/attachment-0001.html>
More information about the Opensim-dev
mailing list