OpenID / OAuth is not a bad choice for a decentral login / delegated credentials system; they were the first systems of their kind and are gaining some traction now. However, for this project I would strongly recommend looking at FOAF and SSL:
http://esw.w3.org/topic/foaf+ssl

FOAF is a global solution (using XML/RDF) for describing person data, backed by the W3C, and is extremely extensible. It has been around for over 10 years and there are about 100 million FOAFs out there. This allows you to keep a global version of, say, your avatar and allow other grids (and systems) to pick it up immediately. You also will be able to get the benefit of semantically marking up data (not only avatar data), which allows its reuse in other systems, and also the ability to import, for example from openstreetmap etc.

SSL is a well established mechanism for authentication built in to most clients. Using X.509 client certificates you can avoid some of the nasty problems of phishing and reliance on a 3rd party identity provider, because the authentication goes on in the well established TLS handshake that comes with every browser, and uses strong PKI to ensure ownership of an avatar.

Combining these 2 techniques is a relatively new but evolving strategy, and will likely fit very well with what opensim is trying to do, and should be extensible to match opensim's long term goals. It is considerably less complex than OpenID, and will be backwards compatible with both OpenID and OAuth, so in theory you should be able to get a flavour of OpenID and OAuth for free, but you'll be able to do much richer things than OpenID sreg / attribute exchange.

I would encourage opensim developers to look at this, as it evolves, and am happy to answer any questions.

_______________________________________________
Opensim-dev mailing list
[email protected]
https://lists.berlios.de/mailman/listinfo/opensim-dev
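The server-side check that lets a client certificate stand in for an identity provider, as an added example that is not part of the original message: after the TLS handshake has proved possession of the private key, the server dereferences the URI in the certificate and accepts it only if the profile found there lists the same public key. The message does not spell this step out; the sketch assumes the `cert:` vocabulary at http://www.w3.org/ns/auth/cert#, a certificate already parsed into a dict, a caller-supplied `fetch` function, and a constructed profile with made-up URIs and key values.

```python
import xml.etree.ElementTree as ET

RDF = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
CERT = "http://www.w3.org/ns/auth/cert#"

# Constructed profile document; the URI, name and key values are made up.
PROFILE_URL = "https://example.org/alice/foaf.rdf"
PROFILE_XML = f"""<rdf:RDF xmlns:rdf="{RDF}" xmlns:cert="{CERT}"
    xmlns:foaf="http://xmlns.com/foaf/0.1/">
  <foaf:Person rdf:about="{PROFILE_URL}#me">
    <foaf:name>Alice</foaf:name>
    <cert:key><cert:RSAPublicKey>
      <cert:modulus>00c0ffee5eed1234</cert:modulus>
      <cert:exponent>65537</cert:exponent>
    </cert:RSAPublicKey></cert:key>
  </foaf:Person>
</rdf:RDF>"""

def published_keys(profile_xml, webid):
    """Return the set of (modulus, exponent) pairs the profile lists for webid."""
    keys = set()
    try:
        # Assumption: plain RDF/XML in this shape; real code needs an RDF
        # parser and a hardened XML parser for untrusted documents.
        root = ET.fromstring(profile_xml)
    except ET.ParseError:
        return keys
    for node in root.iter():
        if node.get(f"{{{RDF}}}about") != webid:
            continue
        for key in node.iter(f"{{{CERT}}}RSAPublicKey"):
            mod = key.findtext(f"{{{CERT}}}modulus", "")
            exp = key.findtext(f"{{{CERT}}}exponent", "")
            try:
                keys.add((int("".join(mod.split()), 16), int(exp.strip())))
            except ValueError:
                continue  # malformed key entry: ignore it, never match it
    return keys

def verify_webid(cert, fetch):
    """cert: {'san_uris', 'modulus', 'exponent'} from the client certificate
    whose private key the TLS handshake already proved. Returns the WebID or None."""
    for webid in cert["san_uris"]:
        if not webid.startswith("https://"):
            continue  # policy choice here: only fetch profiles over TLS
        try:
            profile = fetch(webid.split("#", 1)[0])
        except Exception:
            continue  # unreachable profile means no identity, not a pass
        if (cert["modulus"], cert["exponent"]) in published_keys(profile, webid):
            return webid
    return None
```

Because the URI comes from the connecting client, a real `fetch` should also refuse internal addresses and cap response size and time.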
