[sldev] [Auth] [OpenID] OpenID as SL Authentication Solution
Matthew Dowd
matthew.dowd at hotmail.co.uk
Sun Oct 7 01:36:36 PDT 2007
I've already covered this scenario in other posts to the list.
There is a lot of work on brokered id validation, which could use OpenID or similar as the foundation piece.
A feature an OpenID provider can do is to provide an attribute lookup service (similar to Shibboleth), so that SL (or others) can send back queries such as Age, Over18Status, Address.
You can control how much or how little is revealed to a particular provider (so SL may be able to ask Over18Status but not Age; your web service provider may be able to ask for MobilePhoneNumber etc.)
In terms of validating - this is done by third party brokers - so your bank may sign the Age and Over18Status properties (using certificates or similar) - there is some industry interest in providing such services.
This validation is therefore completely independent of who the OpenID provider is.
If this gets off the ground, on LL's side, it becomes a case of which identity providers they are willing to trust (say some major league banks).
On the user's side, LL gets to access *only* the information they need (i.e. Over18Status), whilst all the supporting information for this only needs to go to someone you trust or have already trusted with this information (e.g. your bank). In essence this is a digital automated equivalent of a notary signing a "this person is over eighteen" statement...
Yes - there is still a lot of work outstanding on the above, and it will only fly if there's enough momentum behind it, but this is a direction that is attracting a lot of interest in the online verification debate.
Matthew
> Date: Sun, 7 Oct 2007 02:14:54 -0400
> From: gigstaggart at gmail.com
> To: kamilion at gmail.com; sldev at lists.secondlife.com
> Subject: Re: [sldev] [Auth] [OpenID] OpenID as SL Authentication Solution
>
> Kamilion wrote:
> > I've been doing some surfing on OpenID, and found out a lot about it.
>
> So I set up gigstaggart.com/openid as my own provider. I claim to be
> Bill Clinton. Second Life has no way of knowing I'm not Bill Clinton,
> since my provider (me) doesn't do any strong authentication of who I am.
>
> Replace Bill Clinton with "over 18", if you want the age verification angle.
>
> Basically, OpenID is only as strong as the provider in terms of real
> authentication. The only OpenID provider that would be acceptable for
> Second Life would be Linden Lab. Back to square 1.
>
> -Jason
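
The brokered validation described in the message above, sketched as an added example that is not part of the original post or of any OpenID specification: the relying party accepts an Over18Status claim only when a broker on its own trust list signed it, whoever the OpenID provider is. The `Claim` layout, the broker and subject names, the derived demo keys, and the use of Ed25519 in place of "certificates or similar" are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Claim is a hypothetical signed attribute statement (layout assumed, not an OpenID wire format).
type Claim struct {
	Subject, Attribute, Value, Broker string
	Sig                               []byte
}

// payload is the byte string the broker signs; %q quoting keeps the fields unambiguous.
func (c Claim) payload() []byte {
	return []byte(fmt.Sprintf("%q|%q|%q|%q", c.Subject, c.Attribute, c.Value, c.Broker))
}

// demoKey derives a constructed, deterministic key from a name (demo only, never for real keys).
func demoKey(name string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(name))
	return ed25519.NewKeyFromSeed(seed[:])
}

// Sign returns the claim with the broker's signature attached.
func Sign(c Claim, key ed25519.PrivateKey) Claim {
	c.Sig = ed25519.Sign(key, c.payload())
	return c
}

// demoTrust is the relying party's own policy: the brokers it trusts and their public keys.
var demoTrust = map[string]ed25519.PublicKey{"example-bank": demoKey("example-bank").Public().(ed25519.PublicKey)}

// Verify accepts a claim only for the expected subject and attribute, signed by a trusted broker.
func Verify(c Claim, subject, attribute string, trusted map[string]ed25519.PublicKey) error {
	pub, ok := trusted[c.Broker]
	switch {
	case c.Subject != subject || c.Attribute != attribute:
		return fmt.Errorf("claim is for a different subject or attribute")
	case !ok: // a self-run provider vouching for itself stops here
		return fmt.Errorf("broker is not on the trust list")
	case !ed25519.Verify(pub, c.payload(), c.Sig):
		return fmt.Errorf("signature does not verify")
	}
	return nil
}

func main() {
	id := "https://openid.example/alice" // constructed identifier
	c := Sign(Claim{Subject: id, Attribute: "Over18Status", Value: "true", Broker: "example-bank"}, demoKey("example-bank"))
	fmt.Println("bank-signed claim:", Verify(c, id, "Over18Status", demoTrust))
}
```

The relying party only ever sees the single attribute it asked for and the broker's signature; the supporting evidence stays with the broker.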