User:Dzonatas Sol/AWG Identity
< User:Dzonatas Sol
Jump to navigation
Jump to search
Revision as of 16:58, 19 October 2007 by Dzonatas Sol (talk | contribs) (Project:AWG/Identity moved to AWG Identity: moved from "Project:AWG/" to "AWG " per guideline and in the likeness of LSL pages)
- identity should be pluggable
- [Please build a list of desired identity verification systems]
- OpenID
- various grades of verification should be possible
- RL Identity Verification:
- "Is the user exactly who he/she claims he/she is?"
- Very strong verification. Permanently links ID of account to real-world ID of user.
- Age Verification:
- "Is the user old enough to be on this system?"
- Weak verification. Minimum amount needed to maintain compliance with child online access laws.
- Unique Verification:
- "Is this user unique, or is it an Alt?"
- Weak verification. Minimum needed to enforce bans due to TOS violations.
- Very difficult to enforce due to ease of changing commonly-used identifiers: IP address, MAC address, hardware serial numbers/profiles, etc.
- Virtual Identity Verification:
- In a multi-site, multi-grid, multi-world and multi-national distributed architecture, RL verification is not feasible.
- Multi-national ID verification might be provided through means such as OpenID provided by the user's ISP, such as what Orange Telecom has done in France.
- RL identity must be safeguarded for residents living under conditions where human rights are not protected.
- Relevant question: "Is this person XXXX the same XXXX I was talking to yesterday on a different world?"
- RL Identity Verification:
- Verification must not require sensitive data to pass through insecure systems or require storage of sensitive data (link virtual identity <--> RL identity is sensitive data, too)
- It should be possible to attach an unlimited amount of agent from different domains to one identity