IETF Logo Mail Archive

Re: [vwrap] Removing first name / last name assumptions?

Meadhbh Hamrick <ohmeadhbh@gmail.com> Mon, 05 April 2010 20:29 UTC

Return-Path: <ohmeadhbh@gmail.com>
X-Original-To: vwrap@core3.amsl.com
Delivered-To: vwrap@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 421F83A69E5 for <vwrap@core3.amsl.com>; Mon, 5 Apr 2010 13:29:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.949
X-Spam-Level:
X-Spam-Status: No, score=-1.949 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I5Td+FPfotSX for <vwrap@core3.amsl.com>; Mon, 5 Apr 2010 13:29:53 -0700 (PDT)
Received: from mail-qy0-f181.google.com (mail-qy0-f181.google.com [209.85.221.181]) by core3.amsl.com (Postfix) with ESMTP id 5921C3A6A85 for <vwrap@ietf.org>; Mon, 5 Apr 2010 13:25:45 -0700 (PDT)
Received: by qyk11 with SMTP id 11so4333495qyk.13 for <vwrap@ietf.org>; Mon, 05 Apr 2010 13:25:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:received:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=WhZaalJyOsW01cp/FNTTCr1rp0YELtM9ICIAwT0gHAg=; b=YbBI8ZGK6tbicwGU1NKwolsSLbKo7rmzfUOwrQcn488UBHatfGzxB2rMmDRy9wlJgd YZWaAMnbR/P+k/TwGqFY44C3nCtUq70AZWJb6uzbGl67O4uCl7Q+Dvos2Y7ci7ZEP7ZP sAFCl6uqc14fJteE4stshFbno0xG2Cen2EQ48=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=r3E+CjXnxskakcv12kK5GksTLA2QmFp39Q8nG0SZFgx7sziF7uh5PrSshOYdi9OvAf 7JVdlLRq+VHgH26ATrliL5bzcLmFxWyPGvXfHzNrg+urKAOqeDnKB9QyV0SXvWqZNuDj tm1O9j1KQodamHjKQKJcDao9eY2zIskyrp2Zk=
MIME-Version: 1.0
Received: by 10.229.247.72 with HTTP; Mon, 5 Apr 2010 13:25:19 -0700 (PDT)
In-Reply-To: <32F75F62-9787-4453-B0FE-561B312336E2@bbn.com>
References: <62BFE5680C037E4DA0B0A08946C0933DCB738C13@rrsmsx506.amr.corp.intel.com> <t2jb325928b1004051220i5f1d8f04od2602f26f758f3da@mail.gmail.com> <CDB96FF3-A282-40B3-94D8-A9B6A00D8AF5@bbn.com> <x2qb325928b1004051246pac527c9bj8084672f796ec34c@mail.gmail.com> <32F75F62-9787-4453-B0FE-561B312336E2@bbn.com>
From: Meadhbh Hamrick <ohmeadhbh@gmail.com>
Date: Mon, 5 Apr 2010 13:25:19 -0700
Received: by 10.229.242.3 with SMTP id lg3mr2226657qcb.102.1270499139115; Mon, 05 Apr 2010 13:25:39 -0700 (PDT)
Message-ID: <u2wb325928b1004051325ld0e3b175h941d63307188efe0@mail.gmail.com>
To: Richard Barnes <rbarnes@bbn.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: "vwrap@ietf.org" <vwrap@ietf.org>
Subject: Re: [vwrap] Removing first name / last name assumptions?
X-BeenThere: vwrap@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group <vwrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/vwrap>, <mailto:vwrap-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vwrap>
List-Post: <mailto:vwrap@ietf.org>
List-Help: <mailto:vwrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vwrap>, <mailto:vwrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Apr 2010 20:29:55 -0000

VWRAP is a protocol intended to support some legacy implementations
like OpenSim and Second Life. in at least one of these implementations
there are first and or last names that somehow managed to get spaces
and periods (and if i remember correctly, some commas got in there
too.)

if we wanted to construct an entity identifier by concatenating the
first name, a separator and a last name, we would have to find a
separator that was not currently in use.

imagine the case of having the first name "le roy" and the last name
of "barr", if we used a blank as a separator, our identifier would be
"le roy barr". when it came time to parse this, there would be an
ambiguity as to whether the first name was "le" and the last name "roy
barr" or the first name "le roy" and the last name "barr".

so rather than cancel these accounts or rename them, we created an
optional identifier in the protocol that used two distinct strings to
identify the first and last names.

in the future, Second Life COULD use single string identifiers like
the examples you give below, but it currently only supports first /
last authentication.

it is likely that before SL uses single string IDs to identify users,
they will simply add a VWRAP interface to the existing implementation.
an implementation that needs both a first name and a last name.

while i agree with you that it would be preferential to have a single
string identifier (which is why we're having this discussion),
REQUIRING it's use would REQUIRE Linden to invest a fair amount of
effort before any return on supporting the standard would be realized.

by defining two identifiers (or using an array for identifiers and LL
telling everyone "we map that as first name and last name") and giving
deployers the choice of which to use, we can have a protocol that will
be deployed more quickly by a large virtual world. deploying faster
means we'll get experience faster and will be able to potentially
modify the standard to prevent us from specifying ourselves into a
corner.

please remember, there is absolutely NOTHING in the spec that REQUIRES
an authentication service in an agent domain to support the "two
string identifier" use case. the requirement is... if you use two
distinct strings to identify an agent, you must do it in a way that
adheres to whatever specification we come up with here for two string
identifiers.

may i ask which implementation has the requirement that identifiers
used in authentication NOT use two distinct strings?

-cheers
-meadhbh
--
meadhbh hamrick * it's pronounced "maeve"
@OhMeadhbh * http://meadhbh.org/ * OhMeadhbh@gmail.com



On Mon, Apr 5, 2010 at 12:59 PM, Richard Barnes <rbarnes@bbn.com> wrote:
> I'm still trying to understand the use case you're trying to support.
>  Here's another guess:
>
> 1. I have an agent/account with vwrap.example.com, which has assigned me the
> identifier "foobar123@vwrap.example.com" and allows me to set whatever
> display name I want; I pick "f00b@r" (no "firstname lastname")
>
> 2. I want to take the agent with this identifier into SL, i.e., authenticate
> to SL using that identifer.
>
> 3. SL requires all agents to be identified / authenticated with "Firstname
> Lastname"
>
> Am I understanding the problem correctly?
>
> If so, it seems like you could treat the "Firstname Lastname" as a mapped
> identifier, with the VWRAP interface to SL (since that will have to be new
> code anyway) providing the translation.
> 1. When an unknown ID shows up, ask them to pick a new SL name (in UI)
> 2. VWRAP layer stores binding between VWRAP ID and SL name for repeat logins
> 3. VWRAP layer authenticates client to SL as SL name
>
> --Richard
>
>
>
> On Apr 5, 2010, at 3:46 PM, Meadhbh Hamrick wrote:
>
>> yes. you can have those with a single opaque identifier. the problem
>> is that the large exemplar of the legacy use case does not support
>> those identifiers at the moment, and it's unknown when it will in the
>> future.
>>
>> you COULD simply say that the identifier is:
>>
>> first_name "dot" last_name
>>
>> but then what do you do with names with dots in them? change them in
>> the system? use a blank? what about the names with blanks in them.
>>
>> i think it's an INSANELY GREAT idea to define an entity identifier for
>> agents and account holders, but at the moment and in the near term,
>> there is a requirement that we carry information in a way in which the
>> first name and last name are separate items in the transfer syntax.
>>
>> again. there is NO REQUIREMENT that new systems support the first_name
>> / last_name semantics, but there is a requirement that it be
>> representable in the protocol to support legacy systems.
>>
>> -cheers
>> -meadhbh
>> --
>> meadhbh hamrick * it's pronounced "maeve"
>> @OhMeadhbh * http://meadhbh.org/ * OhMeadhbh@gmail.com
>>
>>
>>
>> On Mon, Apr 5, 2010 at 12:38 PM, Richard Barnes <rbarnes@bbn.com> wrote:
>>>
>>> Maybe I'm missing something here, but if you just had an opaque "client
>>> identifier" field where you could put an arbitrary name chosen by the
>>> provider, surely, then couldn't you just shove something like "Firstname
>>> Lastname" into that field?
>>>
>>> Also, wasn't there also some discussion in the meeting of separating
>>> display
>>> names from identifiers (as is common in IM and email systems)?  That way
>>> you
>>> could have "Infinity Linden <infinity@example.com>"m>".
>>>
>>> The only reason you would need to have a (Firstname, Lastname) pair in
>>> the
>>> *protocol* is if you expected a need for names to be used in that way
>>> interoperably.  For example, my avatar walks into a new region operated
>>> by a
>>> party I've never met before, and the new region greets me by first name.
>>>  Is
>>> that what you're thinking?
>>>
>>> (Even then, you could address with parsing, if this were not regarded as
>>> a
>>> critical use case.  See Gmail's "first name extraction" in Inbox message
>>> summaries.)
>>>
>>> --Richard
>>>
>>>
>>> On Apr 5, 2010, at 3:20 PM, Meadhbh Hamrick wrote:
>>>
>>>> i thought it did for a little bit
>>>>
>>>> basically here's the rub.
>>>>
>>>> sure, we can remove this bit of SL legacy from the protocol, but
>>>> linden is unlikely to drop support for it from SL. so if it's removed
>>>> from the protocol, then the first name / last name option for
>>>> authentication (which is currently used by both SL and OpenSim) will
>>>> need to be described in a proprietary extension to the auth spec.
>>>>
>>>> is this really what we want?
>>>>
>>>> do we really want to make it HARDER to access existing services run by
>>>> organizations and individuals who are interested in making VWRAP a
>>>> success?
>>>>
>>>> i still don't understand why keeping first name / last name as an
>>>> OPTION is a problem for people. as far as i can tell, the people who
>>>> prefer this course of action are morgaine and carlo, neither of which
>>>> has indicated they will be implementing this specification.
>>>>
>>>> calling for the removal of other people's use cases is a bit rude.
>>>> while this is not an effort to "bless" linden's Second Life model and
>>>> legacy protocol, it is also not an effort to bury it.
>>>>
>>>> the current draft allows for EITHER an account identifier or an agent
>>>> identifier to be used to identify a user for the purpose of
>>>> authentication. if you want to use a single opaque identifier, use the
>>>> account identifier. if you want to use a first name / last name, use
>>>> the agent identifier. there is no requirement that an authentication
>>>> service support both. the requirement is, that if you support the
>>>> agent identifier, you use the map defined in the draft.
>>>>
>>>> as it stands now, the account identifier was intended to be used in
>>>> conjunction with agent identifiers in case a user had multiple avatars
>>>> attached to a single "account." maybe we could change it to this:
>>>>
>>>>  ; agent identifier
>>>>
>>>>  &agent_identifier = {
>>>>  name: [ string, ... ]
>>>>  }
>>>>
>>>>  ; account identifier
>>>>
>>>>  &account_identifier = {
>>>>  type : 'account',
>>>>  agents: [ &agent_identifier, ... ],
>>>>  }
>>>>
>>>> in this proposal, the data used to identify the user is an array. for
>>>> systems like second life and OpenSim that want to use two names to
>>>> identify users' agents can. systems that want to use a single account
>>>> name (like an email address) can.
>>>>
>>>> the account identifier goes back to what it was supposed to be: a way
>>>> for a user with multiple avatars to login with an account credential,
>>>> giving a list of agent identifiers the authentication service should
>>>> explicitly check for maintenance.
>>>>
>>>> so, to recap:
>>>>
>>>> a. please don't dis my use case.
>>>> b. account identifiers actually serve a purpose other than just
>>>> identifying an account, they communicate the client's interest int he
>>>> maintenance state of the agents associated with the account.
>>>> c. sure, i'm hip to dropping the last name / first name thing, but
>>>> only if we can do something that supports our use case. (like doing a
>>>> name array)
>>>> d. servers shouldn't be REQUIRED to implement two string identifiers,
>>>> but that being said, there are services that use them and it's
>>>> probably a very good idea for clients to support this use case.
>>>>
>>>> -cheers
>>>> -meadhbh
>>>>
>>>> --
>>>> meadhbh hamrick * it's pronounced "maeve"
>>>> @OhMeadhbh * http://meadhbh.org/ * OhMeadhbh@gmail.com
>>>>
>>>>
>>>>
>>>> On Mon, Apr 5, 2010 at 11:39 AM, Hurliman, John
>>>> <john.hurliman@intel.com>
>>>> wrote:
>>>>>
>>>>> At the IETF77 meeting there was talk about removing the first name /
>>>>> last
>>>>> name assumptions from the avatar identifier, but it looks like that
>>>>> conversation didn't carry over to the mailing list. Does anyone know
>>>>> exactly
>>>>> which I-Ds (and which sections) reference avatar identifiers as
>>>>> first_name+last_name?
>>>>>
>>>>> John
>>>>> _______________________________________________
>>>>> vwrap mailing list
>>>>> vwrap@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/vwrap
>>>>>
>>>> _______________________________________________
>>>> vwrap mailing list
>>>> vwrap@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/vwrap
>>>
>>>
>
>

v2.8.7 | Report a Bug | By Email