IETF Logo Mail Archive

Re: [ogpx] Feedback to draft-hamrick-vwrap-authentication-00.txt

Morgaine <morgaine.dinova@googlemail.com> Sat, 06 March 2010 20:39 UTC

Return-Path: <morgaine.dinova@googlemail.com>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C561128C1F9 for <ogpx@core3.amsl.com>; Sat, 6 Mar 2010 12:39:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.56
X-Spam-Level:
X-Spam-Status: No, score=-1.56 tagged_above=-999 required=5 tests=[AWL=0.416, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QBilappiZrBw for <ogpx@core3.amsl.com>; Sat, 6 Mar 2010 12:39:33 -0800 (PST)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id C26D328C1D7 for <ogpx@ietf.org>; Sat, 6 Mar 2010 12:39:32 -0800 (PST)
Received: by wyb40 with SMTP id 40so2652555wyb.31 for <ogpx@ietf.org>; Sat, 06 Mar 2010 12:39:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=Ijpy60wzH62tyCHBsJpyHvWXdi0p74GvG+L0JMvnBj4=; b=gbsaBYdsZtZqOh+u+tV2bUlhlsbHU3qmt0zDXlIhgHbTnVikr7TK5NkCIaPLceGEqX Yxz1mtKGwQ2249Z8HjXZ4ZbUwrcrV914ODUYTCIZOhYc9fchdWAzUkgJ0bToT5qhoBA9 PLfn5+Z0WOANqte5wuTw7kAwig1I7Pwvm2DIU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=O2jYj+vgme5f0fTtOyirLJ8qfx+xJCGQxFV+J4sG79uGqMTPALYbhapxPiePRAzGSW Jt3LR0BxNY8/1pw26xGDaGF6Ar7SaM4QM/Jw/ikuOtfRHvIYxHl5camDZ/7bBQHvV1HU pn2pFcwwn/j0qLAbAaNDNxj/7efn+Pru0Y9tE=
MIME-Version: 1.0
Received: by 10.216.170.213 with SMTP id p63mr647215wel.33.1267907972399; Sat, 06 Mar 2010 12:39:32 -0800 (PST)
In-Reply-To: <20100306142607.GB24621@alinoe.com>
References: <20100306142607.GB24621@alinoe.com>
Date: Sat, 06 Mar 2010 20:39:32 +0000
Message-ID: <e0b04bba1003061239n5a0f2957w6a506222b5e533ce@mail.gmail.com>
From: Morgaine <morgaine.dinova@googlemail.com>
To: Carlo Wood <carlo@alinoe.com>
Content-Type: multipart/alternative; boundary="0016363ba6664d81b5048127d4f4"
Cc: ogpx@ietf.org
Subject: Re: [ogpx] Feedback to draft-hamrick-vwrap-authentication-00.txt
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Mar 2010 20:39:34 -0000

On Sat, Mar 6, 2010 at 2:26 PM, Carlo Wood <carlo@alinoe.com> wrote:

> 2.3.1.  Agent Identifier
> 2.3.2.  Account Identifier
>
> These paragraphs (and possibly further on in the document)
> refer to a first_name and last_name that together identity
> an agent.



The {first_name} + {last_name} concept has no place in VWRAP as a
requirement anyway.  That's a particular property of Second Life.

We've discussed agent naming here on previous occasions, and suggested more
general alternatives to the approach used in SL.  Needless to say, policy on
the names that are visible within any given world is a matter for that world
to decide.

Many worlds will have in-character naming policies which reflect the nature
of their world to preserve immersion, others will enforce narrow RL
worldviews, while others will be entirely free.  It's not our job to dictate
naming policy, but to provide the protocol infrastructure to allow all
technically-viable naming policies to be expressed.

This -00 draft is the original draft which has not yet taken our previous
discussions on this topic into account.  Subsequent drafts will no doubt
reflect our input.



> 1. I propose to remove the notion of "first and last
>   names" from the VWRAP documents. And only speak
>   about Agent Identifier (a single sequence of octets),
>   and Account Identifier (likewise).
>
> 2. Maximum length and the characters that need to
>   be supported should be defined in the document.
>


I agree.

However, don't forget the "@<world>" or "@<identity_provider>" issue which
we've discussed before.  Unadorned names will not be unique by themselves.
It is of course up to users whether other people's fully qualified identity
is displayed in their viewer or not.  No doubt this will become a user
setting.

A region will commonly contain visitors from many different worlds.  Some of
those worlds will run their own name registration service as well, but there
will also be independent name registrars that run no world of their own,
providing identities which can be used with any compatible world.  Again, we
do not set policy, but we expect VWRAP to enable worlds to accept agents
names (as well as full avatars) registered with any compatible service,
should they wish to do so.


Morgaine.





============================

On Sat, Mar 6, 2010 at 2:26 PM, Carlo Wood <carlo@alinoe.com> wrote:

> 2.3.1.  Agent Identifier
> 2.3.2.  Account Identifier
>
> These paragraphs (and possibly further on in the document)
> refer to a first_name and last_name that together identity
> an agent.
>
> The very word 'name', certainly in combination with 'first'
> and 'last', strongly suggest that these two are sequences
> of octets from a restricted set, most notably, that they
> should not contain unprintable characters, punctuation or
> spaces.
>
> * What is missing the definition of what characters each
>  name may be made up of, and what are the maximum lengths
>  that need to be supported.
>
> Moreover, if first_name and last_name may not contain a
> space, and if neither makes ever sense to be used alone
> (which is the case imho), it is not really the business
> of VWRAP to deal with first_name and last_name separately.
>
> Instead one can simply define an opaque sequence of octets
> representing the "Agent Identifier", which in practise
> might or might not be "first_name last_name" (separated
> by a space).
>
> * I miss the point that makes it necessary to take the
>  Agent Identifier apart into two not further defined
>  strings.
>
> Note that if a client application wishes to make an
> explicit difference between the "first name" and "last
> name" part, for example by using two separate input
> fields when the user has to input them, then it can
> still do so, and catenate the two before sending it
> to the agent domain.
>
> 1. I propose to remove the notion of "first and last
>   names" from the VWRAP documents. And only speak
>   about Agent Identifier (a single sequence of octets),
>   and Account Identifier (likewise).
>
> 2. Maximum length and the characters that need to
>   be supported should be defined in the document.
>
> Finally, note that if Second Life (tm) requires
> a First and Last name string internally, they can
> still have those: The Agent Identifier is generated
> by Linden Lab, they can enforce that it exists of
> two names separated by a space. So, it would be
> minor/small change to accept a single string in
> the authentication protocol and than separate that
> again into two tokens upon receipt.
>
> --
> Carlo Wood <carlo@alinoe.com>
> _______________________________________________
> ogpx mailing list (VWRAP working group)
> ogpx@ietf.org
> https://www.ietf.org/mailman/listinfo/ogpx
>

v2.23.0 | Report a Bug | By Email