Re: [ogpx] A Review of Multi-Domain Use Cases [Was: Re: OpenID and OGP : beginning the discussion ...]
Morgaine <morgaine.dinova@googlemail.com> Tue, 30 June 2009 07:03 UTC
Return-Path: <morgaine.dinova@googlemail.com>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 992763A6E17 for <ogpx@core3.amsl.com>;
Tue, 30 Jun 2009 00:03:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.976
X-Spam-Level:
X-Spam-Status: No, score=-1.976 tagged_above=-999 required=5
tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pmQTXEREpItU for
<ogpx@core3.amsl.com>; Tue, 30 Jun 2009 00:03:10 -0700 (PDT)
Received: from mail-ew0-f210.google.com (mail-ew0-f210.google.com
[209.85.219.210]) by core3.amsl.com (Postfix) with ESMTP id F1CF728C144 for
<ogpx@ietf.org>; Tue, 30 Jun 2009 00:03:09 -0700 (PDT)
Received: by ewy6 with SMTP id 6so6352260ewy.37 for <ogpx@ietf.org>;
Tue, 30 Jun 2009 00:03:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma;
h=domainkey-signature:mime-version:received:in-reply-to:references
:date:message-id:subject:from:to:cc:content-type;
bh=txxOxppDqA6O9W7fzJ7+q8SGucWQvfDDpKlG/YAnCW8=;
b=dfQdhVo7DFxaJrDeQ0iD5gO1+uJZ4RdXc+A5XHhcTzfd1RMDw2S/w50AMRtEtaIfEW
Nkov83EBiqEYwS7HnLnDolhPMUn+pI3tlcpM0q7jwdqWDbs5G6bxKeJDTkpKrJXB1B7Y
etxDXwZp2E8GgtV0WgM+d+m0x62/UoBNAxesw=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type;
b=bmD8YqudV1onFIrLKNQB4BsA6zUpv83fOSWtQZbawJUbYrr4747d9hXh8F3dxVf5ZQ
rH1VumUV6KpbqXkkKQXZX4f5lvfkgfMfur1p9MD0gowXqFhPWoZEJIDjq5t2w6N/luLX
gl9MwiQW8U6Y032unBFU/qZ8XEuaQJ7PkBxpE=
MIME-Version: 1.0
Received: by 10.216.52.76 with SMTP id d54mr2353524wec.119.1246345408672;
Tue, 30 Jun 2009 00:03:28 -0700 (PDT)
In-Reply-To: <4A4926EE.5060509@lindenlab.com>
References: <3a880e2c0906280906i2cdcdaa3m3c1b1ef54e4e5fcb@mail.gmail.com>
<b8ef0a220906290413u5a7358eao300c2ff8ee1ab709@mail.gmail.com>
<20090629114512.GC1053@alinoe.com>
<b8ef0a220906290751s5131c401h1d55ace39348c89e@mail.gmail.com>
<20090629161121.GA17251@alinoe.com> <20090629161815.GB17251@alinoe.com>
<591737.89462.qm@web82608.mail.mud.yahoo.com>
<3a880e2c0906291219t1990272fkb276979ebc97d292@mail.gmail.com>
<897153.73396.qm@web82601.mail.mud.yahoo.com>
<4A4926EE.5060509@lindenlab.com>
Date: Tue, 30 Jun 2009 08:03:28 +0100
Message-ID: <e0b04bba0906300003y18207430k95f9b8e901dcff87@mail.gmail.com>
From: Morgaine <morgaine.dinova@googlemail.com>
To: Joshua Bell <josh@lindenlab.com>
Content-Type: multipart/alternative; boundary=0016e6d9675159f37b046d8b6728
Cc: ogpx@ietf.org
Subject: Re: [ogpx] A Review of Multi-Domain Use Cases [Was: Re: OpenID and
OGP : beginning the discussion ...]
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual Worlds and the Open Grid Protocol <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>,
<mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>,
<mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2009 07:03:11 -0000
On Mon, Jun 29, 2009 at 9:41 PM, Joshua Bell <josh@lindenlab.com> wrote: > Be aware that (firstname, lastname) as a unique identifier within a service > is a quirk of Second Life, and not necessarily something that every OGP > provider must use. One could imagine services that use single field account > identifiers (like most email providers), or allow more flexibility in name > choice to match real-world conventions. > +1 > > It sounds like we're all agreeing, though - there will be some N-part > unique identifier (which may be easily human readable, but may not) issued > by an authoritative domain to a user, and given that the domain almost > certainly has a globally unique identifier of its own (i.e. DNS name) there > is a composition of the two that can give a globally unique identifier for > the agent. > +1 > > We should also be explicit that these identifiers are not necessarily also > used as authentication credentials. Some service providers may want > two-factor authentication (e.g. hardware key fob) or private login > credentials distinct from any public identifiers for additional security. > The 3-tuple login credentials (firstname, lastname, password) which Second > Life uses today should not be viewed as the only allowable mechanism. > +1 Joshua, you've provided a very concise and precise summary of the overall requirement --- I agree with this entirely. Condensing it even further, we need 3 things, and they are quite independent of each other: 1. Arbitrary in-world name tags, which have only one intent: to provide a customer-satisfying visual name. 2. Globally unique identifiers, either UUID or formed by composition of N-part local name @ issuing authority. 3. Entirely separate authentication credentials, in other words, unrelated to 1) or 2). Keeping these 3 things entirely disjoint would serve us well in many ways, particularly in the key areas of scalability, flexibility, uniqueness, and user-friendliness / appropriateness. Morgaine.
- [ogpx] A Review of Multi-Domain Use Cases [Was: R… Infinity Linden
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Meadhbh Siobhan
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Mike Dickson
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Christian Scholz
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Meadhbh Siobhan
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Meadhbh Siobhan
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Infinity Linden
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Charles Krinke
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Infinity Linden
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Charles Krinke
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Infinity Linden
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Joshua Bell
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Morgaine
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Nexii Malthus
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Infinity Linden
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Carlo Wood
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Infinity Linden
- Re: [ogpx] A Review of Multi-Domain Use Cases [Wa… Kajikawa Jeremy