<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
There's also a very nice paper about it here. <br>
<a class="moz-txt-link-freetext" href="http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf">http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf</a><br>
<br>
Tommi Laukkanen wrote:
<blockquote
cite="mid:ad15b9430903011038o794affc6pdeb94d568db1c2cf@mail.gmail.com"
type="cite">Thanks :) I stand corrected<br>
<br>
<div class="gmail_quote">On Sun, Mar 1, 2009 at 8:27 PM, Diva Canto <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:diva@metaverseink.com">diva@metaverseink.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;">
<div text="#000000" bgcolor="#ffffff">Just to keep the record
straight, the Capabilities concept is about 50 years old. It was
devised at about the same time as ACLs. For a number of reasons, ACLs
have dominated the field. See here for a nice historical perspective: <a
moz-do-not-send="true"
href="http://www.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html"
target="_blank">http://www.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html</a><br>
<br>
Tommi Laukkanen wrote:
<blockquote type="cite">
<div>
<div class="Wj3C7c">
<div>Hi Diva</div>
<div> </div>
<div>Thanks for the analysis. I have to admit I have only fastly
scanned the oAuth spec. They advertise that it works for desktop
applications so I assume it should not necessarily be too complex for
the end user and not too hard to implement either. Someone would need
to study / poc it or get a statement from the oAuth team. If the viewer
acts as users and regions are consumers it could be that it can be
nicely automated and hidden from the user. This would allow us to use
all those identity providers who have adopted oAuth. Personally I think
identity management, authentication and authorisation are so well known
fields that it would be odd if we had to invent it from scratch. That
said we should not try bend a standard to something which is not
suitable for. </div>
<div> </div>
<div>In the end it is important to realise that this is not just
about virtual worlds but all identity management in the net. No user
wants to upkeep separate credentials just for virtual worlds.
Besides web and vws will become more and more entangled in the long
run. If we want to have a system which will fly in the near future we
should stick our identity eggs to same basket with the rest of the
internet crowd.</div>
<div> </div>
<div>regards,</div>
<div>Tommi</div>
</div>
</div>
<pre><hr size="4" width="90%"><div class="Ih2E3d">
_______________________________________________
Opensim-dev mailing list
<a moz-do-not-send="true" href="mailto:Opensim-dev@lists.berlios.de"
target="_blank">Opensim-dev@lists.berlios.de</a>
<a moz-do-not-send="true"
href="https://lists.berlios.de/mailman/listinfo/opensim-dev"
target="_blank">https://lists.berlios.de/mailman/listinfo/opensim-dev</a>
</div></pre>
</blockquote>
<br>
</div>
<br>
_______________________________________________<br>
Opensim-dev mailing list<br>
<a moz-do-not-send="true" href="mailto:Opensim-dev@lists.berlios.de">Opensim-dev@lists.berlios.de</a><br>
<a moz-do-not-send="true"
href="https://lists.berlios.de/mailman/listinfo/opensim-dev"
target="_blank">https://lists.berlios.de/mailman/listinfo/opensim-dev</a><br>
<br>
</blockquote>
</div>
<br>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Opensim-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Opensim-dev@lists.berlios.de">Opensim-dev@lists.berlios.de</a>
<a class="moz-txt-link-freetext" href="https://lists.berlios.de/mailman/listinfo/opensim-dev">https://lists.berlios.de/mailman/listinfo/opensim-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>