Re: [ogpx] Protocol for permitting policy decisions

Carlo Wood <carlo@alinoe.com> Thu, 08 October 2009 15:44 UTC

Date: Thu, 8 Oct 2009 17:47:01 +0200
From: Carlo Wood <carlo@alinoe.com>
To: "Dickson, Mike (ISS Software)" <mike.dickson@hp.com>
Message-ID: <20091008154701.GB22204@alinoe.com>
References: <983F17705339E24699AA251B458249B50CC48CAEBF@EXCHANGE2K7.office.nic.se> <3a880e2c0910051239t3dcae895x4f6d5f4bf5d64cd@mail.gmail.com> <20091007203535.GA13882@alinoe.com> <b8ef0a220910071358x17b14245k671d5d41ebdf9ac7@mail.gmail.com> <4646639E08F58B42836FAC24C94624DD771A1BA1FA@GVW0433EXB.americas.hpqcorp.net>
In-Reply-To: <4646639E08F58B42836FAC24C94624DD771A1BA1FA@GVW0433EXB.americas.hpqcorp.net>
Cc: Infinity Linden <infinity@lindenlab.com>, Meadhbh Hamrick <meadhbh.siobhan@gmail.com>, "ogpx@ietf.org" <ogpx@ietf.org>, Magnus Zeisig <magnus.zeisig@iis.se>
Subject: Re: [ogpx] Protocol for permitting policy decisions

On Thu, Oct 08, 2009 at 01:17:01AM +0000, Dickson, Mike (ISS Software) wrote:
> Meadhbh wrote:
> 
> i still like this scheme because a) it's really similar to the way
> seed caps work, b) it adds flexibility to our system(s), and c) it
> does what i was hoping... gives the AD the ability to make policy
> decisions (like am i going to let this 15 year old user access
> material that may land me in hot water with the local authorities.)
> 
> 
> I may be mis-understanding all this since I’m still trying to come up to speed
> but isn’t it the region that’s making the policy decision here to allow/
> disallow a connect given what AD is representing about the user?  And yes, I
> agree that for this to work there must be trust established between the
> services involved.  I’m just confused by the above statement since it implies
> the AD is making a policy decision while it’s really the RD that has the
> content (and hence the possible issue).  And the RD and AD may be run by two
> different entities….
> 
> Mike

Mike is correct, at least -- that is the way I intended it :p

The AD gathers information about a user and tells the RD (in general terms)
what information it has. The RD then tells the AD under what circumstances
the user can be allowed in, by giving a list of ranges (or values, or regular
expressions) that the given data has to match.

Therefore, in the end, the AD does not make the decision.

If the authority that runs the AD has a moral problem with letting
15-year-old users into a mature region, then it can arrange in ADVANCE with
the administration of the region that the region either 1) doesn't contain mature
content or 2) asks for an age > 18 (or whatever satisfies the AD administration).

The real-time protocol exchange and the per-user decisions, however, are then
in principle in the hands of the Region. That is a Good Thing.

-- 
Carlo Wood <carlo@alinoe.com>
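The three-step exchange Carlo describes (the AD advertises which attributes it holds, the RD answers with range / value / regexp constraints, and the per-user decision is taken under the region's policy), as an added Python example that is not part of this thread or of any OGP specification. The attribute names, the mature-region policy and the user records are constructed for the example; the constraint kinds are the ones named in the message.

```python
import re
from dataclasses import dataclass

# Constraint kinds from the message: numeric ranges, literal values, reg.exp.
@dataclass
class Constraint:
    attribute: str
    kind: str      # "range", "values" or "regexp"
    spec: object   # (lo, hi) tuple, set of allowed values, or a pattern string

def ad_advertises(user_record):
    """Step 1: the AD tells the RD, in general terms, which attributes it holds."""
    return sorted(user_record)

def rd_policy(advertised, policy):
    """Step 2: the RD replies with the constraints the user's data must match.
    Constraints the AD cannot back are reported, not silently dropped."""
    missing = [c.attribute for c in policy if c.attribute not in advertised]
    return policy, missing

def satisfies(value, c):
    if c.kind == "range":
        lo, hi = c.spec
        return isinstance(value, (int, float)) and lo <= value <= hi
    if c.kind == "values":
        return value in c.spec
    if c.kind == "regexp":
        return isinstance(value, str) and re.fullmatch(c.spec, value) is not None
    raise ValueError(f"unknown constraint kind {c.kind!r}")

def region_decision(user_record, policy):
    """Step 3: per-user decision under the region's policy, deny by default:
    an attribute the AD never asserted fails its constraint."""
    for c in policy:
        if c.attribute not in user_record:
            return False, f"{c.attribute!r} not asserted by AD"
        if not satisfies(user_record[c.attribute], c):
            return False, f"{c.attribute!r} fails {c.kind} constraint"
    return True, "all constraints satisfied"

# Constructed policy for a mature region: adults only, verified accounts,
# and only users whose home grid is under a known domain.
MATURE_POLICY = [
    Constraint("age", "range", (18, 150)),
    Constraint("verified", "values", {"verified"}),
    Constraint("home_grid", "regexp", r"[a-z0-9.-]+\.example\.(org|net)"),
]
TEEN = {"age": 15, "verified": "verified", "home_grid": "grid.example.org"}
ADULT = {"age": 32, "verified": "verified", "home_grid": "grid.example.net"}
UNKNOWN_AGE = {"verified": "verified", "home_grid": "grid.example.org"}
```

Run `region_decision(TEEN, MATURE_POLICY)` and the other two records to see the region deny the 15-year-old, admit the adult, and deny the record whose AD never asserted an age.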