[ogpx] Fwd: Context for Service Establishment in OGP

Infinity Linden <infinity@lindenlab.com> Mon, 01 June 2009 18:04 UTC


whoops... sent "reply" instead of "reply to all"...


---------- Forwarded message ----------
From: Infinity Linden <infinity@lindenlab.com>
Date: Mon, Jun 1, 2009 at 11:03 AM
Subject: Re: [ogpx] Context for Service Establishment in OGP
To: "Hurliman, John" <john.hurliman@intel.com>


kk. david and i are threatening to just go off and hack OpenSim to
handle the X.509 client certiness. i think we're probably going to do
a few more rounds of thought experiments and documenting before we run
off and do that, though.

we might want to all three meet in world somewhere (with the agenda
and minutes of the meeting posted here so other interested peeps can
participate) and come up with a plan for merging your OAuth stuff with
the X.509 stuff we're doing.

in theory... at the end of this process, we'll have a document that
describes what we've been doing; what worked; what didn't. we then get
to add that to a draft somewhere and declare victory.

-cheers

On Mon, Jun 1, 2009 at 10:43 AM, Hurliman, John <john.hurliman@intel.com> wrote:
> Great to see these ideas written down and being refined. I'm eager to see the client cert + OAuth example.
>
> John
>
>> -----Original Message-----
>> From: ogpx-bounces@ietf.org [mailto:ogpx-bounces@ietf.org] On Behalf
>> Of Infinity Linden
>> Sent: Monday, June 01, 2009 2:50 AM
>> To: ogpx@ietf.org
>> Subject: [ogpx] Context for Service Establishment in OGP
>>
>> whoops... that last message went out without context...
>>
>> i've been talking with John Hurliman about OAuth and David Lavine
>> regarding X.509, and at some point it made sense to abstract the three
>> different authentication / authorization schemes into a single "service
>> establishment pattern." The message I just sent out really describes
>> only the mechanism (and only enough mechanism to understand the
>> concept.) over the next couple of weeks, i'd like to add some more
>> detail to this and integrate it into the OGP : Authentication document.
>> So feedback will definitely be welcomed.
>>
>> to recap:
>>
>> * there are three different types of authentication / authorization:
>>   password, X.509 and OAuth
>> * password auth is appropriate for user -> server authentication
>> * X.509 is appropriate for server <-> server authentication, and
>> * OAuth is appropriate for server -> distant peer (whom you may not
>>   have an explicit trust relationship with.)
>> * in all cases, you start with an authenticator (a password, a
>>   certificate or a token) and by presenting it to a server at a well
>>   defined service establishment URL, you'll get a seed cap back
>> * with that seed cap, you can request those specific capabilities you
>>   require
>>
>> more details and examples forthcoming.
>>
>> -cheers
>> -meadhbh
>> _______________________________________________
>> ogpx mailing list
>> ogpx@ietf.org
>> https://www.ietf.org/mailman/listinfo/ogpx
>
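
An added example, not part of the original message or of any OGP implementation: a minimal in-memory model of the service establishment pattern recapped above (authenticator in, seed cap out, then specific capabilities requested through the seed cap). The URLs, capability names, credentials and the per-authenticator policy table are assumptions constructed for illustration.

```python
import hashlib, hmac, secrets

# Constructed sample data; every name, URL and capability here is hypothetical.
BASE = "https://sim.example/cap/"
SALT = b"constructed-salt"

def _kdf(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

PASSWORDS = {"avatar1": _kdf("correct horse")}   # user -> password hash
TRUSTED_CERT_FPRS = {"ab:cd:ef"}                 # peer server cert fingerprints
OAUTH_TOKENS = {"tok-123": "distant-peer"}       # token -> distant peer name
# Assumed policy: the capabilities each kind of authenticator may be granted.
POLICY = {"password": {"agent/info", "inventory/read", "inventory/write"},
          "x509": {"agent/info", "region/handoff"},
          "oauth": {"agent/info"}}

class Service:
    def __init__(self):
        self.seed_caps = {}   # seed cap URL -> (subject, authenticator kind)
        self.caps = {}        # capability URL -> (subject, capability name)

    def _verify(self, kind, cred):
        if kind == "password":
            user, pw = cred
            ok = hmac.compare_digest(_kdf(pw), PASSWORDS.get(user, b""))
            return user if ok else None
        if kind == "x509":
            return cred if cred in TRUSTED_CERT_FPRS else None
        return OAUTH_TOKENS.get(cred) if kind == "oauth" else None

    def establish(self, kind, cred):
        """Service establishment URL: authenticator in, seed cap out."""
        subject = self._verify(kind, cred)
        if subject is None:
            return None
        url = BASE + secrets.token_urlsafe(24)   # the unguessable URL is the grant
        self.seed_caps[url] = (subject, kind)
        return url

    def request_caps(self, seed_cap, wanted):
        """Seed cap: issue URLs only for requested caps the policy allows."""
        subject, kind = self.seed_caps.get(seed_cap, (None, None))
        granted = {}
        for name in wanted:
            if kind is not None and name in POLICY[kind]:
                granted[name] = BASE + secrets.token_urlsafe(24)
                self.caps[granted[name]] = (subject, name)
        return granted
```
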