[Opensim-dev] Authentication and oAuth

Diva Canto diva at metaverseink.com
Sun Mar 1 20:30:35 UTC 2009 

I strongly recommend reading that paper I sent the reference to.

The cool thing about CAPs on the web (and the reason why I'm excited 
about it, after knowing _of_ CAPs for 20 years and never really getting 
them) is that CAPs are URLs that can come and go dynamically. Most of 
the CAPs literature is within the field of operating systems, which is 
slightly different. Think of CAPs here as URLs that are dynamically 
created and revoked. If the URL is not there, you can't access the 
service even if you know about the URL.

So yes, region A can get a one-time CAP for an item, and instead of 
using it, it passes it to region B. You have the same problem with 
Tokens: region A gets the authorized token, but instead of using it, 
passes it to region B. This is, as you say, a matter of certifying the 
receiver, which is a separate matter.

It would be nice to have some security experts in this discussion...
On my end I'm really excited with this idea of URLs that come and go in 
shared-secret URLs instead of fixed URLs+authentication+authorization.

Tommi Laukkanen wrote:
> Hello
>  
> After reading a bit of that article and wikipedia about capabilities 
> based security it looks to me that the capability model requires quite 
> severe assumptions about environment they are used in. If I understand 
> the system correctly the capability framework has to be in control of 
> the client process capability list to stop it from forging 
> capabilities or altering them. This would work inside one operating 
> system but not in the internet? Even if there is somekind of 
> encryption scheme to avoid forgery the capabilities can be passed 
> around by internet client programs if they are not controlled somehow. 
> Thus if you give capability A to Alice, she can pass it to Bob. I 
> guess you can still work around this by signing the capability to 
> Alice. In the end this becomes quite complex way of writing a 
> certificate for Alice to do thing 1,2,3 to object X. If you consider 
> using this in any real system you end up with huge amount of these 
> capabilities (combination of subject, abilities and resource) which 
> you need to process.
>  
> Is there a document on SL capabilities so I could knock some knowledge 
> in my head?
>  
> regards,
> Tommi
> ------------------------------------------------------------------------
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20090301/43c2a703/attachment-0001.html>

More information about the Opensim-dev mailing list