[sldev] [Auth] [OpenID] OpenID and AWG

dirk husemann hud at zurich.ibm.com
Mon Oct 8 02:11:07 PDT 2007

Previous message: [sldev] [Auth] [OpenID] OpenID and AWG
Next message: [sldev] [META][WEB] Platform-specific developer pages?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dzonatas wrote:
> Should AWG focus on this first as discussion?
i think that would be a good starting point. also, i think AWG should
focus their discussions :-) 3.5hrs chat log is nice and dandy but serves
no real purpose from a spec point of view. chat log without summary and
write up is pretty much wasted...

    dirk

>
> After I read that long long wiki log...hmmm..., I think this is
> something that can be tackled easier and have more of an immediate impact.
>
> Matthew Dowd wrote:
>> I've already covered this scenario in other posts to the list.
>>  
>> There is a lot of work on  brokered id validation, which could use
>> OpenID or similar as the foundation piece.
>>  
>> A feature an OpenID provider can do is to provide an attribute look
>> up service (similar to Shibolleth), so that SL (or others) can send
>> back queries such as Age, Over18Status, Address.
>>  
>> You can control how much or how little is revealed to a particular
>> provider (so SL may be able to ask Over18Status but not Age; your web
>> service provider may be able to ask for MobilePhoneNumber etc.)
>>  
>> It terms of validating - this is done by third party brokers - so
>> your bank may sign the Age and Over18Status properties (using
>> certificates or similar) - there is some industry interest in
>> providing such services.
>>  
>> This validation is therefore completely independent of who the OpenID
>> provider is.
>>  
>> If this gets off the ground, on LL's side, it becomes a case of which
>> identity providers they are willing to trust (say some major league
>> banks).
>>  
>> On the users side, LL gets to access *only* the information they need
>> (i.e. Over18Status), whilst all the supporting information for this
>> only needs to go to someone who trust or have already trusted with
>> this information (e.g. your bank). In essence this is a digital
>> automated equivalent of a notary signing a "this person is over
>> eighteen" statement...
>>  
>> Yes - there is still a lot of work outstanding on the above, and it
>> will only fly if there's enough momentum behind it, but this is a
>> direction that is attracting a lot of interest in the online
>> verification debate.
>>  
>> Matthew
>>  
>>
>>
>> > Date: Sun, 7 Oct 2007 02:14:54 -0400
>> > From: gigstaggart at gmail.com
>> > To: kamilion at gmail.com; sldev at lists.secondlife.com
>> > Subject: Re: [sldev] [Auth] [OpenID] OpenID as SL Authentication
>> Solution
>> >
>> > Kamilion wrote:
>> > > I've been doing some surfing on OpenID, and found out a lot about it.
>> >
>> > So I set up gigstaggart.com/openid as my own provider. I claim to be
>> > Bill Clinton. Second Life has no way of knowing I'm not Bill Clinton,
>> > since my provider (me) doesn't do any strong authentication of who
>> I am.
>> >
>> > Replace Bill Clinton with "over 18", if you want the age
>> verification angle.
>> >
>> > Basically, OpenID is only as strong as the provider in terms of real
>> > authentication. The only OpenID provider that would be acceptable for
>> > Second Life would be Linden Lab. Back to square 1.
>> >
>> > -Jason
>> > _______________________________________________
>> > Click here to unsubscribe or manage your list subscription:
>> > /index.html
>>
>>
>> ------------------------------------------------------------------------
>> Get free emoticon packs and customisation from Windows Live. Pimp My
>> Live! <http://www.pimpmylive.co.uk>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Click here to unsubscribe or manage your list subscription:
>> /index.html
>>   
>
> -- 
> Power to Change the Void
> ------------------------------------------------------------------------
>
> _______________________________________________
> Click here to unsubscribe or manage your list subscription:
> /index.html
>   


-- 
dr dirk husemann, pervasive computing, ibm zurich research lab
--- hud at zurich.ibm.com --- +41 44 724 8573 --- SL: dr scofield

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/sldev/attachments/20071008/e963be73/attachment.htm

Previous message: [sldev] [Auth] [OpenID] OpenID and AWG
Next message: [sldev] [META][WEB] Platform-specific developer pages?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SLDev mailing list