[Opensim-dev] Trust & distributed grids

Marc Adored marc at inworlddesigns.com
Tue Nov 24 16:53:41 UTC 2009 

I suggest a centralized system thats decentralized :P kind of like a
cloud computing setup. It all seems centralized to the naked eye but a
lot of decentralized things go on. This can be done 2 ways as I see
it. Both ways require OpenSim to allow multiple authentication
servers. 1 way which would work for not breaking compatibility with
current viewers would be to have a central domain they connect to that
is adjusted to different authentication servers based on load. Like a
round robin setup but controlled by OpenSim. This like I said is best
for not breaking current viewers but requires some type of interaction
with a dns server. The second would be to modify the viewers to simply
query the routing server which would tell the viewer which
authentication server would be best to use at that moment. This would
also work pretty well with the asset servers too but I believe this
topic is about authentication methods.

OpenID I don't have an opinion on it because it doesn't really benefit
the project load and scalability wise because it would still need to
be matched to an existing account on the grid. If anything it adds
another step to the authentication process which can create more load.

My knowledge in cloud computing is rather new so maybe some of this
doesn't make sense but hopefully you guys will get what i am saying. A
lot of scalability can be added by using a database system that scales
well. MySQL is notoriously not scalable and a load monster. I know
that there is already some stuff in there for different database
systems so this might be already on its way.



On Tue, Nov 24, 2009 at 9:59 AM, Impalah Shenzhou <impalah at gmail.com> wrote:
> Ok, maybe it's a misunderstood. I will try to explain what I wanted to know:
>
> Imagine 100000 region servers pretending to be a grid.
>
> What I understood from Morgaine comment:
>
>             Opensim needs decentralized / distributed mechanisms for
> identity,
>
> was
>
> "I have entered that grid, my authentication was managed by one region
> server. When I try to jump to another region in the same grid I have to
> authenticate again in the region server and that region server must contain
> my data to authenticate me again".
>
> Nowadays is like: Enter in a grid, being authenticated by a common user
> server, when I want to jump to another region in the grid, I don't need to
> authenticate me again.
>
> What I understand with "descentralized" is: each opensim servers has the
> mechanisms to authenticate an user even when it is part of a grid.
>
> And that is what I don't understand: why? why not to surrogate the
> authentications to specialized and centralized servers.
>
> And that was the reason for my question about OpenID, maybe this is a system
> considered "decentralized".
>
>
> Anyway I can't see anything bad on centralized servers. If anyone wants to
> enter in my server he/she have to follow my rules; if I have 1000 servers, I
> provide you with a common auth mechanism for accessing all of them.
>
> Or maybe I am completelly wrong.
>
>
> Greetings
>
>
>
>
>
> 2009/11/24 Robert A. Knop Jr. <rknop at pobox.com>
>>
>> I don't know that this really *is* offtopic, unless it's already a
>> settled issue amongs the OpenSim devs.
>>
>> On Tue, Nov 24, 2009 at 02:19:20PM +0100, Impalah Shenzhou wrote:
>> > I could trust in you, but you need to tell me "you are really you" with
>> > a
>> > local login (i.e. email headers can be altered to impersonate as another
>> > person) or someone I trust should tell it to me (i.e. OpenID).
>>
>> Do you have any personal web pages anywhere?  Do you run any CGI or any
>> PHP there?  Do you identify everybody who comes there?  That's the
>> analogy we should think about.  Yes, we need a secure infrastructure so
>> that only the small number of people you *really* trust can do scary
>> things.  But at the level of running regions -- well, you may be using a
>> hosting provider, or you may be hosting yourself, but you don't need
>> full and complete trust that everybody is who they claim to be just to
>> connect to the world.
>>
>> --
>> --Rob Knop
>>  E-mail:    rknop at pobox.com
>>  Home Page: http://www.pobox.com/~rknop/
>>  Blog:      http://www.sonic.net/~rknop/blog/
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>>
>> iD8DBQFLC+pcfEn1oMJSrdsRApVqAKCGz8o5gt7vEqvl3HJK07jftpLi5wCg56g+
>> oq1mcfGvljoH5K0Y6X/WX9M=
>> =bh/M
>> -----END PGP SIGNATURE-----
>>
>> _______________________________________________
>> Opensim-dev mailing list
>> Opensim-dev at lists.berlios.de
>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>
>
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>

More information about the Opensim-dev mailing list