Re: [ogpx] Protocol for permitting policy decisions

Magnus Zeisig <magnus.zeisig@iis.se> Tue, 06 October 2009 10:00 UTC

From: Magnus Zeisig <magnus.zeisig@iis.se>
To: Infinity Linden <infinity@lindenlab.com>, David W Levine <dwl@us.ibm.com>
Date: Tue, 6 Oct 2009 12:02:09 +0200
Cc: "ogpx-bounces@ietf.org" <ogpx-bounces@ietf.org>, "ogpx@ietf.org" <ogpx@ietf.org>

I try to follow the philosophical discussions on this list, but I must admit I'm probably too much of a down-to-earth tech guy to fully appreciate them. Therefore, it's possible I miss some of the fine nuances or problems in them. My basic interest is trying to translate the problems I see into (meta)protocol. Exact nomenclature and syntax, e.g. "domain" or "service", "access" or "caps", I prefer leaving to those better called to define it. I hope this doesn't cause too much confusion.

My basic suggestion of a handshake protocol permitting policy decisions (http://www.ietf.org/mail-archive/web/ogpx/current/msg00475.html) could (strictly technically) handle the debated issues of authentication, "adult content" and TOSes:

Agent domain:
    request access for
        user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org

Region domain:
    require parameter values for
        user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
        authentication: PASSPORT OR USSSN OR EUID OR JPVER
        accept adult content: YES
        accept nudity: YES
        accept sexual acts: YES
        accept profane language: YES
        terms of service: ((FRLAWINFO2006:128 AND EULAWIP2008:2) OR USLAWTELECOM2005:1) AND (VWTOS1.2 OR MVTOS2.3 OR MYTOS1.0)
        user signature: TOKEN

Agent domain:
    required parameter values for
        user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
        authentication: yes
        accept adult content: yes
        accept nudity: yes
        accept sexual acts: yes
        accept profane language: no
        terms of service: yes
        user signature: 238158-2356257-238658-23596

Region domain:
    access denied for
        user: Title.FirstName.Initials.LastName.ExtraSomething@agentdomain.org
    (outside protocol: since not accepting profane language)

Using this method, one could decide to let the agent domain manage the acceptance of "adult content" entirely, by the region domain not asking for age but letting the agent domain automatically set accept for e.g. "adult content", "nudity", "sexual acts" and "profane language" to NO for those underage and as options YES/NO for those of age. One could also either ask for acceptance of "adult content" in general or for more specific parameters often associated with "adult content", giving great flexibility in policy making. But once again, that is policy outside protocol level.

Best regards,

Magnus

-----Original Message-----
From: Infinity Linden [mailto:infinity@lindenlab.com]
Sent: 6 October 2009 01:39
To: David W Levine
Cc: Magnus Zeisig; ogpx@ietf.org; ogpx-bounces@ietf.org
Subject: Re: [ogpx] Protocol for permitting policy decisions

On Mon, Oct 5, 2009 at 1:33 PM, David W Levine <dwl@us.ibm.com> wrote:

        "In order to have rights beyond "guest" on this region, you, or your agent domain, on your behalf, needs to have signed the TOS document. I will demand a digitally signed proof of this, as metadata when you request access to my region."

        - David
        ~ Zha

i think i grok what you're trying to say here, but i would also add... "a given agent domain MAY choose to deny you ANY service (including anonymous or guest access) if you don't provide some form of authenticator and assert that you have read and understand the domain's terms of use."

-cheers
-meadhbh


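The handshake sketched in the message above, as an added example that is not part of the original post or of any OGP draft: the agent domain reduces each requirement to yes/no, and the region domain grants access only if every answer is yes. The function names, the AND-before-OR precedence, and the idea that the agent domain answers from a set of accepted flags and a set of held credential/TOS identifiers are assumptions; the user signature token is left out because the message does not say how it is checked.

```python
import re

REQUIRED = {  # region domain's requirements, copied from the message
    "authentication": "PASSPORT OR USSSN OR EUID OR JPVER",
    "accept adult content": "YES",
    "accept nudity": "YES",
    "accept sexual acts": "YES",
    "accept profane language": "YES",
    "terms of service": "((FRLAWINFO2006:128 AND EULAWIP2008:2) OR USLAWTELECOM2005:1)"
                        " AND (VWTOS1.2 OR MVTOS2.3 OR MYTOS1.0)",
}

def satisfies(expr, held):
    """AND/OR expression vs. the set `held`; assumed: AND binds tighter than OR."""
    tokens = re.findall(r"[()]|[^\s()]+", expr) + [None]  # None marks the end
    pos = 0
    def atom():
        nonlocal pos
        tok, pos = tokens[pos], pos + 1
        if tok == "(":
            value = chain("OR")
            if tokens[pos] != ")":
                raise ValueError("missing ')'")
            pos += 1
            return value
        if tok in (None, ")", "AND", "OR"):
            raise ValueError(f"unexpected token {tok!r}")
        return tok in held
    def chain(op):
        nonlocal pos
        operand = atom if op == "AND" else (lambda: chain("AND"))
        value = operand()
        while tokens[pos] == op:
            pos += 1
            nxt = operand()  # parse first so no operand is skipped
            value = (value and nxt) if op == "AND" else (value or nxt)
        return value
    result = chain("OR")
    if tokens[pos] is not None:  # reject malformed policy instead of guessing
        raise ValueError(f"trailing token {tokens[pos]!r}")
    return result

def agent_answer(required, accepts, holds):  # agent domain's yes/no reply
    ok = lambda name, want: name in accepts if want == "YES" else satisfies(want, holds)
    return {n: "yes" if ok(n, w) else "no" for n, w in required.items()}

def region_decide(required, answer):  # region domain: every parameter must be yes
    failed = [name for name in required if answer.get(name) != "yes"]
    return (not failed, failed)
```

With a user who accepts everything except profane language, `region_decide` returns `(False, ["accept profane language"])`, matching the denial in the message.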