Re: [ogpx] Context for Service Establishment in OGP
David W Levine <dwl@us.ibm.com> Tue, 02 June 2009 19:32 UTC
I will be there.

Christian Scholz <cs@comlounge.net>
Sent by: ogpx-bounces@ietf.org
06/02/2009 03:22 PM

To: Infinity Linden <infinity@lindenlab.com>
cc: "ogpx@ietf.org" <ogpx@ietf.org>
Subject: Re: [ogpx] Context for Service Establishment in OGP

Hi!

First of all great to see some action again :-)
And who is actually coming to Stockholm?

> i've been talking with John Hurliman about OAuth and David Levine
> regarding X.509, and at some point it made sense to abstract the three
> different authentication / authorization schemes into a single
> "service establishment pattern." The message I just sent out really
> describes only the mechanism (and only enough mechanism to understand
> the concept.) over the next couple of weeks, i'd like to add some more
> detail to this and integrate it into the OGP : Authentication
> document. So feedback will definitely be welcomed.
>
> to recap:
>
> * there are three different types of authentication / authorization:
>   password, X.509 and OAuth
> * password auth is appropriate for user -> server authentication
> * X.509 is appropriate for server <-> server authentication, and
> * OAuth is appropriate for server -> distant peer (whom you may not
>   have an explicit trust relationship with.)
> * in all cases, you start with an authenticator (a password, a
>   certificate or a token) and by presenting it to a server at a well
>   defined service establishment URL, you'll get a seed cap back
> * with that seed cap, you can request those specific capabilities you require

I personally would prefer it more if OAuth would replace those caps (as you probably know). Are there any plans to do more than just the initial step?

Also, what problem are we trying to solve here? What is an example use case? I think that would help me to understand the context even more :-)

-- Christian

--
COM.lounge GmbH
http://comlounge.net
Hanbrucher Strasse 33, 52064 Aachen
Amtsgericht Aachen HRB 15170
Geschäftsführer: Dr. Ben Scheffler, Christian Scholz

email: info@comlounge.net
fon: +49-241-4007300
fax: +49-241-97900850

personal email: cs@comlounge.net
personal blog: http://mrtopf.de/blog
personal podcasts: http://openweb-podcast.de, http://datawithoutborders.net

_______________________________________________
ogpx mailing list
ogpx@ietf.org
https://www.ietf.org/mailman/listinfo/ogpx