IETF Logo Mail Archive

Re: [ogpx] Protocol for permitting policy decisions

Meadhbh Siobhan <meadhbh.siobhan@gmail.com> Mon, 05 October 2009 16:31 UTC

Return-Path: <meadhbh.siobhan@gmail.com>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2561D28C20F for <ogpx@core3.amsl.com>; Mon, 5 Oct 2009 09:31:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.531
X-Spam-Level:
X-Spam-Status: No, score=-2.531 tagged_above=-999 required=5 tests=[AWL=0.068, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9BKGvFYW-nxR for <ogpx@core3.amsl.com>; Mon, 5 Oct 2009 09:31:03 -0700 (PDT)
Received: from mail-pz0-f174.google.com (mail-pz0-f174.google.com [209.85.222.174]) by core3.amsl.com (Postfix) with ESMTP id 5329328C22F for <ogpx@ietf.org>; Mon, 5 Oct 2009 09:31:02 -0700 (PDT)
Received: by pzk4 with SMTP id 4so3060460pzk.32 for <ogpx@ietf.org>; Mon, 05 Oct 2009 09:32:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=3yiraq0iWXWtsIF6dmd6DjWgGc8mjW8R3Q24lmu3rUI=; b=WRoZ2x9gJmEZLFH1ak8vfZ3W+val5NZy6YVCqjawFUxuoTLEmTvYEcYXwyVwqHioqM kRAqbBAUenlGD83VBgFMkNSAvC21ZMSXtS7XRWHIrugQmIX6oel2yD5As8yLXtUzhkjU W1v/pbN9n1xohSsW5QW1+NmLQAOpdWtdFGxJE=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=SS8PL0LNv6Yqy4p7KtSfNql0VKm7s5Vef6fS6PHPwHoXraqgf+TsLURXkbTTxvYC7h /jdR2tGCH2GS8nieQi6GZ/8Bimxhy4qDSCa6t0C4205UFXQD5X23H832Ectqe9HA4Udf A6BUp0QKXlA5Jb8QwUeqwHFOH06wYDQJbi2Ss=
MIME-Version: 1.0
Received: by 10.114.86.2 with SMTP id j2mr319153wab.159.1254760354910; Mon, 05 Oct 2009 09:32:34 -0700 (PDT)
In-Reply-To: <4646639E08F58B42836FAC24C94624DD771A0D8521@GVW0433EXB.americas.hpqcorp.net>
References: <983F17705339E24699AA251B458249B50CC48CAEBF@EXCHANGE2K7.office.nic.se> <4646639E08F58B42836FAC24C94624DD771A0D8521@GVW0433EXB.americas.hpqcorp.net>
Date: Mon, 5 Oct 2009 09:32:34 -0700
Message-ID: <b8ef0a220910050932m4afb62eh1221cbb377695093@mail.gmail.com>
From: Meadhbh Siobhan <meadhbh.siobhan@gmail.com>
To: "Dickson, Mike (ISS Software)" <mike.dickson@hp.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Cc: "ogpx@ietf.org" <ogpx@ietf.org>, Magnus Zeisig <magnus.zeisig@iis.se>
Subject: Re: [ogpx] Protocol for permitting policy decisions
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual Worlds and the Open Grid Protocol <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2009 16:31:04 -0000

again, this is a matter of policy, not a matter of protocol.

let me give you a counter example. some trusted organization, maybe
the new zealand sea scouts, decides it wants a virtual social space to
teach seamanship, knot tying and whatever else scouts are taught these
days.

the sea scouts organization is not really known for it's ability to
maintain a reasonably large networking and system infrastructure, so
instead of building the service themselves, they outsource.

at this point, there are a couple of options open to them. they can
give their entire user database to a third party and hope for the
best. or they can give portions of their user database (name, email
address, adult / minor boolean.) or they could put a VWRAP
authentication service that they maintain in front of their user
database. each are valid options.

one would hope that in the first two options, they worked out with the
third party some pretty hard-core data retention and privacy policies.

so what if they did the third option? what would the protocol have to
do? the sea scout's agent domain would only allow agents to enter a
private virtual world. the sea scouts would negotiate with their
region domain provider to ensure that adult content was not allowed in
the regions accessible by the sea scout agent domain. moreover, the
region domain provider could ensure that ONLY agents with accounts
from the sea scouts would get access to the sea scouts virtual spaces.

so the answer to the question of "what does the protocol have to do?"
is that it only has to convey information about the identity of the
agent domain to the region provider. it also has to have a mechanism
for the agent domain to identify the region.

but the protocol itself does not impose restrictions as to the
identity of either party. that is a policy issue.

in other words, if you don't want to use an agent domain  / region
domain pair that provides information about you to a trusted third
party, don't give that information the the agent domain in the first
place. or double check that the agent domain's privacy policy requires
third parties to which it reveals information to  treat that
information with due care.

that being said, some people's paranoia level is higher than others,
so maybe we could have multiple techniques defined for sharing
sensitive information, none of which are mandatory.

-cheers
-meadhbh

On Mon, Oct 5, 2009 at 7:48 AM, Dickson, Mike (ISS Software)
<mike.dickson@hp.com> wrote:
> I think Magnus’ message is a good synopsis of the requirements, IMO.  I see
> a need to negotiate *both* capabilities and constraints in the protocol
> where both should be ideally attributes in an extensible list (that is the
> list isn’t hard coded in the protocol definition).  So, IMO, authentication
> isn’t enough.  Beyond authenticating there’s an exchange around caps and
> constraints that needs to take place.  I’d use that mechanism to handle
> “Adult only” regions, membership in a group where the group is defined
> outside the scope of the protocol, etc.
>
>
>
> Mike
>
>
>
> From: ogpx-bounces@ietf.org [mailto:ogpx-bounces@ietf.org] On Behalf Of
> Magnus Zeisig
> Sent: Monday, October 05, 2009 3:55 AM
> To: ogpx@ietf.org
> Subject: [ogpx] Protocol for permitting policy decisions
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hash: SHA256
>
>
>
> If I register with an agent domain, or authentication service, whichever
> should be the proper name for it, I will most probably hand them some pieces
> of information about myself that I don't want disseminated to anyone.
> Therefore, I think the protocol for granting access to regions and other
> services should not include such information explicitly, but rather let the
> agent domain/authentication service just answer questions from the other
> domain/service if the parameters are within acceptable range.
>
>
>
> Instead of the revealing (meta-handshake):
>
>
>
> Agent domain:
>
> request access for
>
> user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
>
> age: 18
>
> gender: male
>
> sexuality: bi
>
> country: pt
>
> languages: pt, es, en, de
>
> length: 1.82
>
> weight: 122
>
> color of socks: blue
>
>
>
> Region domain:
>
> access granted for
>
> user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
>
>
>
> The handshake should instead be:
>
>
>
> Agent domain:
>
> request access for
>
> user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
>
>
>
> Region domain:
>
> require parameter values
>
> languages: es AND (de OR hb OR ru)
>
> length: [1.21-2.42]
>
> color of socks: pink OR blue OR black
>
> hairdo: shaved OR ponytail
>
>
>
> Agent domain:
>
> required parameter values
>
> languages: yes
>
> length: yes
>
> color of socks: yes
>
> hairdo: n/a
>
>
>
> After which the region domain might decide that the missing hairdo parameter
> is not crucial and grant access, or refuse access because of it:
>
>
>
> Region domain:
>
> access denied for
>
> user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
>
>
>
> This has the benefit of permitting service providers to require what user
> parameters they think are important, be it age or color of socks, but the
> disadvantage of some extra overhead and the risk of balkanization because of
> requirements of "odd" parameters only supported by few services. The latter,
> however, I believe will become self-eliminating, because such services will
> probably not find many users. Either way, I don't think the protocol in
> itself should require any particular parameters, like age or color of socks,
> just provide the means to communicate any parameters, and perhaps suggest a
> list of possible, but not required, parameters and formats for values, like
> options, ranges and enumerations. The same kind of handshake could also be
> used when requesting access to asset services and the like, even if
> parameters like "object types" and "ip agreements" may be more important
> than "color of socks" there.
>
>
>
> Best regards,
>
>
>
> Magnus
>
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
>
> Version: 9.8.3 (Build 4028)
>
> Charset: utf-8
>
>
>
> wsBVAwUBSsm0cO5MlU9XyaiSAQgEgAgAiNiznZa4fJN+iIm4Lul4iUpPNytexn9g
>
> rJWLZ4oevewngvSCOwhslseXKN+OTCUpSPq0vGxRIl58n+u9P56q0X4pYBZ5wsqc
>
> YAPdd6zGtQpR+21XQ8oWM948LEdGxba8mNO1gDygqtIyx0suBYkvYUWyYitwlDpu
>
> ofvDew+JT140ApmX/d1dTyglxyYv6qnDf8iDsHsNiWYI1ImB5a/hvPK0TkCVFvzr
>
> vLXfL5BfCXK0I3tJbLpv/OoUFEn5/emzehu3uavuQfQqQM0uBpw8WVSQGXqZziKb
>
> 6i8YpDvBrIkNL4syGhmAs7ZLUqpZEfoWq2LbGasqhVMmDCBkakrPpg==
>
> =H2Fj
>
> -----END PGP SIGNATURE-----
>
>
>
>
>
> _______________________________________________
> ogpx mailing list
> ogpx@ietf.org
> https://www.ietf.org/mailman/listinfo/ogpx
>
>

v2.8.7 | Report a Bug | By Email