Re: [ogpx] Protocol for permitting policy decisions
David W Levine <dwl@us.ibm.com> Mon, 05 October 2009 20:32 UTC
Return-Path: <dwl@us.ibm.com>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 17C763A6A36; Mon, 5 Oct 2009 13:32:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.794
X-Spam-Level:
X-Spam-Status: No, score=-5.794 tagged_above=-999 required=5 tests=[AWL=0.804, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FcgsygYiAIqk; Mon, 5 Oct 2009 13:32:05 -0700 (PDT)
Received: from e4.ny.us.ibm.com (e4.ny.us.ibm.com [32.97.182.144]) by core3.amsl.com (Postfix) with ESMTP id 3C67B3A6A34; Mon, 5 Oct 2009 13:32:05 -0700 (PDT)
Received: from d01relay04.pok.ibm.com (d01relay04.pok.ibm.com [9.56.227.236]) by e4.ny.us.ibm.com (8.14.3/8.13.1) with ESMTP id n95KQGlV013891; Mon, 5 Oct 2009 16:26:16 -0400
Received: from d01av01.pok.ibm.com (d01av01.pok.ibm.com [9.56.224.215]) by d01relay04.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id n95KXe5h189980; Mon, 5 Oct 2009 16:33:40 -0400
Received: from d01av01.pok.ibm.com (loopback [127.0.0.1]) by d01av01.pok.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id n95KXdsn013036; Mon, 5 Oct 2009 16:33:39 -0400
Received: from d01ml605.pok.ibm.com (d01ml605.pok.ibm.com [9.56.227.91]) by d01av01.pok.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id n95KXdco013027; Mon, 5 Oct 2009 16:33:39 -0400
In-Reply-To: <3a880e2c0910051239t3dcae895x4f6d5f4bf5d64cd@mail.gmail.com>
References: <983F17705339E24699AA251B458249B50CC48CAEBF@EXCHANGE2K7.office.nic.se> <3a880e2c0910051239t3dcae895x4f6d5f4bf5d64cd@mail.gmail.com>
To: Infinity Linden <infinity@lindenlab.com>
MIME-Version: 1.0
X-KeepSent: E55CFEA3:6AD0DA74-85257646:006FC774; type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.0.2 HF623 January 16, 2009
Message-ID: <OFE55CFEA3.6AD0DA74-ON85257646.006FC774-85257646.0070F176@us.ibm.com>
From: David W Levine <dwl@us.ibm.com>
Date: Mon, 05 Oct 2009 16:33:38 -0400
X-MIMETrack: Serialize by Router on D01ML605/01/M/IBM(Build V851_08302009|August 30, 2009) at 10/05/2009 16:33:39, Serialize complete at 10/05/2009 16:33:39
Content-Type: multipart/alternative; boundary="=_alternative 0070F17685257646_="
Cc: ogpx-bounces@ietf.org, "ogpx@ietf.org" <ogpx@ietf.org>, Magnus Zeisig <magnus.zeisig@iis.se>
Subject: Re: [ogpx] Protocol for permitting policy decisions
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual Worlds and the Open Grid Protocol <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2009 20:32:07 -0000
I want to point out an important related concept for much of this discussion. If one's goal is to *know* that someone actually is following a policy one has, especially a policy with real world implications, the process has to ground out in provable statements. In fact, for cases where the policy covers legal liabilities, it has to ground out in legally meaningful stuff. I studied distributed systems, not law, so don't take any of this as a legal pronouncement, but.. If I'm going to trust a third party Agent Domain to tell me something that has legal consequences, I'm probably going to want that statement tied down with a digital signature or similar proof, that links to a real world document. So.. My personal suspicion is that what we'll see comes much closer to this: "In order to have rights beyond "guest" on this region, you, or your agent domain, on your behalf, needs to have signed the TOS document. I will demand a digitally signed proof of this, as metadata when you request acess to my region." - David ~ Zha Infinity Linden <infinity@lindenlab.com> Sent by: ogpx-bounces@ietf.org 10/05/2009 03:39 PM To Magnus Zeisig <magnus.zeisig@iis.se> cc "ogpx@ietf.org" <ogpx@ietf.org> Subject Re: [ogpx] Protocol for permitting policy decisions right. this is similar to what i was talking about in one of the previously mentioned options. i mentioned that the region might need to call back into the agent domain to get more information about a particular agent. to me it looks like you're suggesting a two-message handshake instead of the region turning around and querying the agent domain. lemme draw some diagrams: "name" and "age" are bits of data that, like you might expect, are an account identifier and the account holder's age. "rez cap" is the capability used to establish the agent's presence in that region. "age > X? cap" is a capability granted to the agent domain that's supposed to be used by the agent domain only if the agent domain agrees that the account holder is older than X. option 1: information push AD ------------ ( name, age ) ---------> RD AD <------------- (rez cap) ------------ RD option 2: RD queries the AD AD --------------- (name) -------------> RD AD <----- (is name older than X?) ------ RD AD -------------- (yes/no) ------------> RD AD <------------ (rez cap) ------------- RD option 3: multi-message handshake AD --------------- (name) -------------> RD AD <-------- (X, age > X? cap) --------- RD AD ------------------------------------> RD (age > X? cap) AD <------------ (rez cap) ------------- RD option 3 here is my attempt to model what magnus is talking about, but with a RESTful capability system. -cheers -meadhbh On Mon, Oct 5, 2009 at 1:55 AM, Magnus Zeisig <magnus.zeisig@iis.se> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > If I register with an agent domain, or authentication service, whichever > should be the proper name for it, I will most probably hand them some pieces > of information about myself that I don't want disseminated to anyone. > Therefore, I think the protocol for granting access to regions and other > services should not include such information explicitly, but rather let the > agent domain/authentication service just answer questions from the other > domain/service if the parameters are within acceptable range. > > Instead of the revealing (meta-handshake): > > Agent domain: > request access for > user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org > age: 18 > gender: male > sexuality: bi > country: pt > languages: pt, es, en, de > length: 1.82 > weight: 122 > color of socks: blue > > Region domain: > access granted for > user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org > > The handshake should instead be: > > Agent domain: > request access for > user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org > > Region domain: > require parameter values > languages: es AND (de OR hb OR ru) > length: [1.21-2.42] > color of socks: pink OR blue OR black > hairdo: shaved OR ponytail > > Agent domain: > required parameter values > languages: yes > length: yes > color of socks: yes > hairdo: n/a > > After which the region domain might decide that the missing hairdo parameter > is not crucial and grant access, or refuse access because of it: > > Region domain: > access denied for > user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org > > This has the benefit of permitting service providers to require what user > parameters they think are important, be it age or color of socks, but the > disadvantage of some extra overhead and the risk of balkanization because of > requirements of "odd" parameters only supported by few services. The latter, > however, I believe will become self-eliminating, because such services will > probably not find many users. Either way, I don't think the protocol in > itself should require any particular parameters, like age or color of socks, > just provide the means to communicate any parameters, and perhaps suggest a > list of possible, but not required, parameters and formats for values, like > options, ranges and enumerations. The same kind of handshake could also be > used when requesting access to asset services and the like, even if > parameters like "object types" and "ip agreements" may be more important > than "color of socks" there. > > Best regards, > > Magnus > > > -----BEGIN PGP SIGNATURE----- > Version: 9.8.3 (Build 4028) > Charset: utf-8 > > wsBVAwUBSsm0cO5MlU9XyaiSAQgEgAgAiNiznZa4fJN+iIm4Lul4iUpPNytexn9g > rJWLZ4oevewngvSCOwhslseXKN+OTCUpSPq0vGxRIl58n+u9P56q0X4pYBZ5wsqc > YAPdd6zGtQpR+21XQ8oWM948LEdGxba8mNO1gDygqtIyx0suBYkvYUWyYitwlDpu > ofvDew+JT140ApmX/d1dTyglxyYv6qnDf8iDsHsNiWYI1ImB5a/hvPK0TkCVFvzr > vLXfL5BfCXK0I3tJbLpv/OoUFEn5/emzehu3uavuQfQqQM0uBpw8WVSQGXqZziKb > 6i8YpDvBrIkNL4syGhmAs7ZLUqpZEfoWq2LbGasqhVMmDCBkakrPpg== > =H2Fj > -----END PGP SIGNATURE----- > > > _______________________________________________ > ogpx mailing list > ogpx@ietf.org > https://www.ietf.org/mailman/listinfo/ogpx > > _______________________________________________ ogpx mailing list ogpx@ietf.org https://www.ietf.org/mailman/listinfo/ogpx
- [ogpx] Protocol for permitting policy decisions Magnus Zeisig
- Re: [ogpx] Protocol for permitting policy decisio… Dickson, Mike (ISS Software)
- Re: [ogpx] Protocol for permitting policy decisio… Meadhbh Siobhan
- Re: [ogpx] Protocol for permitting policy decisio… Dickson, Mike (ISS Software)
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Dickson, Mike (ISS Software)
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden
- Re: [ogpx] Protocol for permitting policy decisio… Magnus Zeisig
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… Vaughn Deluca
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Vaughn Deluca
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Meadhbh Hamrick
- Re: [ogpx] Protocol for permitting policy decisio… Meadhbh Hamrick
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Joshua Bell
- Re: [ogpx] Protocol for permitting policy decisio… Meadhbh Hamrick
- Re: [ogpx] Protocol for permitting policy decisio… Dickson, Mike (ISS Software)
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Meadhbh Hamrick
- Re: [ogpx] Protocol for permitting policy decisio… Magnus Zeisig
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Magnus Zeisig
- [ogpx] VWRAP future (mostly out of protocol rambl… Magnus Zeisig
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Magnus Zeisig
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… Magnus Zeisig
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Joshua Bell
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden (Meadhbh Hamrick)
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… Dickson, Mike (ISS Software)
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Vaughn Deluca
- Re: [ogpx] Protocol for permitting policy decisio… Magnus Zeisig
- Re: [ogpx] VWRAP future (mostly out of protocol r… Vaughn Deluca
- Re: [ogpx] Protocol for permitting policy decisio… Infinity Linden (Meadhbh Hamrick)
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Vaughn Deluca
- Re: [ogpx] Protocol for permitting policy decisio… Carlo Wood
- Re: [ogpx] Protocol for permitting policy decisio… David W Levine
- Re: [ogpx] Protocol for permitting policy decisio… Morgaine
- Re: [ogpx] Protocol for permitting policy decisio… Vaughn Deluca