Re: [ogpx] Context for Service Establishment in OGP
Christian Scholz <cs@comlounge.net> Tue, 02 June 2009 19:22 UTC
Return-Path: <cs@comlounge.net>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 662E828C24B for <ogpx@core3.amsl.com>;
Tue, 2 Jun 2009 12:22:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5
tests=[BAYES_00=-2.599, J_CHICKENPOX_36=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Re3DNoDl8z9p for
<ogpx@core3.amsl.com>; Tue, 2 Jun 2009 12:22:57 -0700 (PDT)
Received: from post.comlounge.net (post.comlounge.net [85.214.59.142]) by
core3.amsl.com (Postfix) with ESMTP id 2D5BF28C186 for <ogpx@ietf.org>;
Tue, 2 Jun 2009 12:22:57 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by post.comlounge.net
(Postfix) with ESMTP id 2CFD71CE00DF; Tue, 2 Jun 2009 21:22:56 +0200 (CEST)
Received: from post.comlounge.net ([127.0.0.1]) by localhost
(h1346004.stratoserver.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
id Y6LcYbKwp3UZ; Tue, 2 Jun 2009 21:22:55 +0200 (CEST)
Received: from [192.168.2.101] (p5B3D7B56.dip.t-dialin.net [91.61.123.86]) by
post.comlounge.net (Postfix) with ESMTP id 3C5041CE002B;
Tue, 2 Jun 2009 21:22:55 +0200 (CEST)
Message-ID: <4A257C13.20407@comlounge.net>
Date: Tue, 02 Jun 2009 21:22:59 +0200
From: Christian Scholz <cs@comlounge.net>
User-Agent: Thunderbird 2.0.0.21 (Windows/20090302)
MIME-Version: 1.0
To: Infinity Linden <infinity@lindenlab.com>
References: <3a880e2c0906010249n34bf1b3di1aa588a6ba9b9bde@mail.gmail.com>
In-Reply-To: <3a880e2c0906010249n34bf1b3di1aa588a6ba9b9bde@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Cc: "ogpx@ietf.org" <ogpx@ietf.org>
Subject: Re: [ogpx] Context for Service Establishment in OGP
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual Worlds and the Open Grid Protocol <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>,
<mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>,
<mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2009 19:22:58 -0000
Hi! First of all great to see some action again :-) And who is actually coming to Stockholm? > i've been talking with John Hurliman about OAuth and David Lavine > regarding X.509, and at some point it made sense to abstract the three > different authentication / authorization schemes into a single > "service establishment pattern." The message I just sent out really > describes only the mechanism (and only enough mechanism to understand > the concept.) over the next couple of weeks, i'd like to add some more > detail to this and integrate it into the OGP : Authentication > document. So feedback will definitely be welcomed. > > to recap: > > * there are three different types of authentication / authorization: > password, X.509 and OAuth > * password auth is appropriate for user -> server authentication > * X.509 is appropriate for server <-> server authentication, and > * OAuth is appropriate for server -> distant peer (whom you may not > have an explicit trust relationship with.) > * in all cases, you start with an authenticator (a password, a > certificate or a token) and by presenting it to a server at a well > defined service establishment URL, you'll get a seed cap back > * with that seed cap, you can request those specific capabilities you require I personally would prefer it more if OAuth would replace those caps (as you probably know). Are there any plans to do more than just the initial step? Also what problem we are trying to solve here? What is an example use case? I think that would help me to understand the context even more :-) -- Christian -- COM.lounge GmbH http://comlounge.net Hanbrucher Strasse 33, 52064 Aachen Amtsgericht Aachen HRB 15170 Geschäftsführer: Dr. Ben Scheffler, Christian Scholz email: info@comlounge.net fon: +49-241-4007300 fax: +49-241-97900850 personal email: cs@comlounge.net personal blog: http://mrtopf.de/blog personal podcasts: http://openweb-podcast.de, http://datawithoutborders.net
- [ogpx] Context for Service Establishment in OGP Infinity Linden
- Re: [ogpx] Context for Service Establishment in O… Hurliman, John
- [ogpx] Fwd: Context for Service Establishment in … Infinity Linden
- Re: [ogpx] Fwd: Context for Service Establishment… Hurliman, John
- Re: [ogpx] Fwd: Context for Service Establishment… Infinity Linden
- Re: [ogpx] Fwd: Context for Service Establishment… Hurliman, John
- Re: [ogpx] Context for Service Establishment in O… Christian Scholz
- Re: [ogpx] Context for Service Establishment in O… David W Levine
- Re: [ogpx] Context for Service Establishment in O… Infinity Linden
- Re: [ogpx] Context for Service Establishment in O… Hurliman, John