OpenID is a great start, I would absolutely love to see a virtual
world with a decentralized login system, and I think millions of
others would too.

But because you have to type in your credentials each time, OpenID
can get a bit user-unfriendly when moving from one HG to another.

However, using a client SSL certificate, you can directly query the
authenticity of a user over SSL with no other user interaction.

It is also possible to tie the public key to a global identity; for
example, this is solved by a relatively new technology called FOAF+SSL:

http://esw.w3.org/topic/foaf+ssl

This also operates backwards-compatibly with OpenID, so that if
you get OpenID working, it should be possible to try out a passwordless
experience teleporting between worlds.

On Feb 23, 9:19 pm, Toni Alatalo <ant...@kyperjokki.fi> wrote:
> this kinda sounds like trying to achieve what rexauth does, no?
>
> perhaps someone could write how it is w.r.t. that case? i might be
> able, but too tired now and probably busy tomorrow.
>
> also John Hurliman is planning new auth stuff with openid and some
> openid related token thing (i forgot the name) which is basically 'same
> as rexauth but standards instead of Finnish magic', like he said the
> other day :) .. so perhaps he'll reply with his plan there, seems to be
> online at least.
>
> ~Toni
>
>
>
> [ Attached Message ]
> From: Diva Canto <d...@metaverseink.com>
> To: opensim-...@lists.berlios.de
> Date: Mon, 23 Feb 2009 11:47:19 -0800
> Local: Mon, Feb 23 2009 8:47 pm
> Subject: [Opensim-dev] User Authentication
>
> Hi,
>
> I'm about to start tightening the ropes for the Hypergrid in order to
> make it safer, and also make safer some loose ends of OpenSim without
> HG, and I would appreciate feedback on this.
>
> The first issue that needs to be addressed is the issue of user
> authentication. The regions need to be able to verify that the agent
> that claims to be representing charles.kri...@osgrid.org is, indeed,
> representing charles.kri...@osgrid.org. (As you know, right now this
> is... err... a bit overlooked... *coughs*... and not just in the HG...
> *more coughs*).
>
> Having looked at OpenID, I came to the conclusion that it's not enough
> to know that osgrid.org has a user named "Charles Krinke", and we
> certainly don't want Charles to be constantly typing his password
> every time he moves; the region needs to know that this user is already
> logged in to the system AND the region also needs to know that the agent
> that is representing this user is a legitimate agent.
>
> OK, so the part about being logged in is easy; the user server already
> knows that, to some approximation.
>
> However, the part about the agent being legitimate is a bit more tricky.
> Here's the bad thing that can happen: Charles logs in to OSgrid, and TPs
> to this intriguing region called "Sports Illuminated Swimming Suite
> Edition". That region happens to be up to no good. It grabs Charles'
> current notion of identity (all the current identifiers we use), it
> crashes Charles' viewer so that the user server never knows about it,
> and proceeds to impersonate Charles using all those stolen identifiers;
> for example, it can go back to Charles's regions and erase them
> completely pretending to be Charles.
>
> So, what can we do to detect the legitimacy of agents?
>
> Having scratched my head over this, I came to the conclusion that the
> most promising element that can be used to identify agents is the
> Viewer's EndPoint. This is what happens down in the LLUDPServer (I'm
> sure something similar happens in other viewers' packet handlers):
>
>             if (packet != null)
>             {
>                 // A UseCircuitCode packet opens a new client session; the
>                 // sender endpoint (and any proxy endpoint) is recorded with it.
>                 if (packet.Type == PacketType.UseCircuitCode)
>                     AddNewClient((UseCircuitCodePacket)packet, epSender, epProxy);
>                 else
>                     ProcessInPacket(packet, epSender);
>             }
>
> The EndPoint epSender comes directly from the socket and I'm assuming it
> can't be faked, at least the IP part. Is this correct? This is a
> critical assumption.
>
> So, back to the "Sports Illuminated" scenario: that sim would then try
> to launch an agent at Charles' region. It can fake everything except
> being Charles' viewer machine. When Charles' region does that code
> above, it asks the User server for authentication of an agent with all
> those identifiers and the given EndPoint, and the User server tells back
> that Charles wasn't using that EndPoint to start with, so the
> authentication fails, and an alarm is rung.
>
> Thoughts?
>
> Crista
>
> Disclaimer: I'm not an expert in security, I'm just using my brain in
> context.
>
> _______________________________________________
> Opensim-dev mailing list
> opensim-...@lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev

http://groups.google.com/group/realxtend
http://www.realxtend.org
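Below is an added example (not code from this thread, from realXtend or from OpenSim) of the FOAF+SSL binding the first post describes: a self-signed client certificate carries an identity URI in its subjectAltName, and the server accepts that identity only if the profile document behind the URI lists the certificate's public key. The WebID https://example.org/alice#me, the names Alice and Mallory, and the in-memory profile map that stands in for fetching the FOAF document over HTTPS are all constructed for the example. Proof that the peer actually holds the private key is assumed to come from the TLS client-auth handshake, which the example does not perform; it covers the step after the handshake.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net/url"
	"time"
)

// aliceWebID is a constructed identity URI. In FOAF+SSL the profile document
// behind it lists the public key(s) that may speak for this identity.
const aliceWebID = "https://example.org/alice#me"

// profileKey is the modulus/exponent pair a profile publishes for an RSA key.
type profileKey struct {
	Modulus  *big.Int
	Exponent int
}

// makeClientCert generates a fresh RSA key and the self-signed certificate a
// viewer would present: the WebID goes into the subjectAltName URI field.
func makeClientCert(webID string) (*x509.Certificate, *rsa.PrivateKey, error) {
	u, err := url.Parse(webID)
	if err != nil {
		return nil, nil, err
	}
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "viewer"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		URIs:         []*url.URL{u},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// verifyWebID takes a certificate the TLS layer has already proven the peer holds
// the key for, and returns the WebID whose profile vouches for that key. No CA
// chain is checked: trust comes from the profile document, not the signature.
// profiles stands in for dereferencing each SAN URI over HTTPS (constructed).
func verifyWebID(cert *x509.Certificate, profiles map[string][]profileKey) (string, error) {
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return "", errors.New("only RSA keys are handled here")
	}
	for _, u := range cert.URIs {
		keys, ok := profiles[u.String()]
		if !ok {
			continue // unknown profile: try the next SAN URI
		}
		for _, k := range keys {
			if k.Modulus.Cmp(pub.N) == 0 && k.Exponent == pub.E {
				return u.String(), nil
			}
		}
	}
	return "", errors.New("no SAN URI whose profile lists this public key")
}

// runScenario: Alice's certificate is accepted; Mallory's certificate, which names
// Alice's WebID but carries Mallory's own key, is rejected because Alice's
// profile does not list that key.
func runScenario() (accepted string, forgedRejected bool, err error) {
	aliceCert, aliceKey, err := makeClientCert(aliceWebID)
	if err != nil {
		return "", false, err
	}
	malloryCert, _, err := makeClientCert(aliceWebID) // same URI, different key
	if err != nil {
		return "", false, err
	}
	profiles := map[string][]profileKey{aliceWebID: {{Modulus: aliceKey.N, Exponent: aliceKey.E}}}
	if accepted, err = verifyWebID(aliceCert, profiles); err != nil {
		return "", false, err
	}
	_, forgedErr := verifyWebID(malloryCert, profiles)
	return accepted, forgedErr != nil, nil
}

func main() {
	fmt.Println(runScenario())
}
```

The point of the design is that the certificate needs no CA and no password prompt: anyone can mint a certificate naming Alice's URI, but only the key listed in Alice's own profile gets through, so the check is "does this URI's owner vouch for this key", not "did a CA sign this cert".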

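The endpoint check sketched in the quoted message, as an added example in Go (not OpenSim's code, which is C#): the user server records the viewer's source IP at login; when an agent later arrives at a region, the region asks the user server to confirm that the presented identifiers belong to a live session and that the UDP sender address matches the login address. The addresses (203.0.113.7, 198.51.100.9), the user name and the hex session identifiers are constructed for the example. Only the IP part of the endpoint is compared, matching the message's own caveat about what can be trusted, and the secret is compared in constant time.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"net/netip"
	"sync"
)

// Session is what the user server remembers about a logged-in viewer.
type Session struct {
	UserID          string
	SessionID       string     // travels with every UseCircuitCode in the clear
	SecureSessionID string     // the secret a legitimate agent must know
	Addr            netip.Addr // source IP of the viewer at login time
}

// AgentClaim is what a region sees when an agent arrives: the identifiers it
// presents plus the UDP sender endpoint taken straight from the socket.
type AgentClaim struct {
	UserID, SessionID, SecureSessionID string
	Sender                             netip.AddrPort
}

var (
	ErrUnknownSession   = errors.New("no such session for this user")
	ErrBadSecret        = errors.New("secure session id mismatch")
	ErrEndpointMismatch = errors.New("agent endpoint differs from the viewer's login endpoint")
)

// UserServer keeps the session table and a log of raised alarms.
type UserServer struct {
	mu       sync.Mutex
	sessions map[string]Session // keyed by SessionID
	Alarms   []string
}

func NewUserServer() *UserServer { return &UserServer{sessions: map[string]Session{}} }

func randHex(n int) string {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return hex.EncodeToString(b)
}

// Login issues fresh identifiers and records the endpoint the viewer logged in from.
func (s *UserServer) Login(userID string, viewer netip.Addr) Session {
	sess := Session{UserID: userID, SessionID: randHex(16), SecureSessionID: randHex(16), Addr: viewer.Unmap()}
	s.mu.Lock()
	s.sessions[sess.SessionID] = sess
	s.mu.Unlock()
	return sess
}

// VerifyAgent is the region-to-user-server question: is the agent arriving
// from this endpoint with these identifiers really the logged-in viewer?
func (s *UserServer) VerifyAgent(c AgentClaim) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	sess, ok := s.sessions[c.SessionID]
	if !ok || sess.UserID != c.UserID {
		return ErrUnknownSession
	}
	// Constant-time compare so a rogue region cannot guess the secret byte by byte.
	if subtle.ConstantTimeCompare([]byte(sess.SecureSessionID), []byte(c.SecureSessionID)) != 1 {
		return ErrBadSecret
	}
	// Only the IP is compared: the port can legitimately change between regions.
	if c.Sender.Addr().Unmap() != sess.Addr {
		s.Alarms = append(s.Alarms, fmt.Sprintf("%s: identifiers presented from %s but viewer logged in from %s",
			c.UserID, c.Sender.Addr(), sess.Addr))
		return ErrEndpointMismatch
	}
	return nil
}

// runScenario plays out the mailing-list scenario with constructed addresses.
func runScenario() (legit, forged error, alarms int) {
	us := NewUserServer()
	viewer := netip.MustParseAddr("203.0.113.7") // Charles' machine (constructed)
	sess := us.Login("charles@osgrid.example", viewer)
	// Charles teleports: the destination region sees UseCircuitCode arrive from his viewer.
	legit = us.VerifyAgent(AgentClaim{sess.UserID, sess.SessionID, sess.SecureSessionID, netip.AddrPortFrom(viewer, 49152)})
	// The rogue region has harvested every identifier but must send from its own host.
	rogue := netip.MustParseAddr("198.51.100.9")
	forged = us.VerifyAgent(AgentClaim{sess.UserID, sess.SessionID, sess.SecureSessionID, netip.AddrPortFrom(rogue, 13000)})
	return legit, forged, len(us.Alarms)
}

func main() {
	legit, forged, alarms := runScenario()
	fmt.Println("legit:", legit, "| forged:", forged, "| alarms:", alarms)
}
```

The check holds only under the assumption the message flags as critical, that the source IP on a packet that completed a circuit is not forgeable; it also fails closed if the viewer's own address changes mid-session (a NAT rebinding, for instance), which shows up as a false alarm rather than a silent bypass.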