AW Groupies/Chat Logs/AWGroupies-2008-08-19

[9:32] Bartholomew Kleiber: Hi all
[9:32] Latha Serevi: woof!
[9:37] Teravus Ousley: hai
[9:37] Tess Linden: hello
[9:37] Bartholomew Kleiber: hi
[9:37] Tess Linden: I haven't been to this meeting for a while, what's been going on?
[9:38] Teravus Ousley: 0.o, me either.. been 'stuck' at 1st life work for a month and a half.
[9:39] Latha Serevi: Most of the excitement has been around the open grid protocol tests...
[9:39] Bartholomew Kleiber: same here
[9:39] Bartholomew Kleiber: but I'll habe a rl meeting with tao this week
[9:39] Bartholomew Kleiber: have*
[9:40] Tess Linden: the pyogp work or separate from that?
[9:41] Latha Serevi: Well, the whole "teleport across grids" thing, which involves both a client (pyogp/LL) and server (opensim)
[9:41] Tess Linden: ah okay
[9:41] Saijanai Kuhn: hey tess
[9:41] Teravus Ousley: heh, client/server rolls blur :D
[9:42] Tess Linden: the Beta folks have been working on figuring out next steps for making teleports work, but aside from that, there's been lots of discussion at Zero's office hours with regards to trust related to off-grid permissions
[9:43] Teravus Ousley: Yes, I'm interested in the revision 3 draft.
[9:43] Tess Linden: ah, I just spoke with Zero this morning about the status of draft 3
[9:43] Tess Linden: we have a meeting this afternoon to walk through more of what we've changed, but we don't want to publish anything that hasn't been vetted
[9:44] Tess Linden: the timeline is approx 1-2 weeks before draft 3 is published
[9:44] Bartholomew Kleiber: on aside note: Tao released a beta of syntronik.de btw which is a proof of concept agent domain.
[9:44] Teravus Ousley: ok, cool. Gives me time to get OGP into modules so it it's a configuration option instead of a patch..
[9:44] Multi Gadget: v2.0.3b by Timeless Prototype, '/44 info'
[9:44] Teravus Ousley: (for opensimulator)
[9:44] Tess Linden: One of the things we want to work through is how to note in the doc what is deployed in correctly and what is truly spec
[9:45] Bartholomew Kleiber: speaking of the devil :-)
[9:45] Tess Linden: I'm almost leaning towards leaving that completely out of the doc and having Jira bugs filed on the incorrect parts
[9:45] Tao Takashi: HI
[9:45] Saijanai Kuhn: though really, given how the AD works, its not so much a a proof of concept as a prototype. The AD registers and performs introductions and the like. It doesn't need to be a huge serer form all by itself
[9:45] Tess Linden: that would be awesome Teravus. Have you been going to Whump's office hours or the Beta huddles?
[9:46] Tess Linden: I think I saw you there -- just wanna make sure people are talkign ot each other
[9:46] Tao Takashi: is very much in favor of the AD not being a huge thing, mostly a service directory
[9:47] Teravus Ousley: started going yesterday.. did the OGP test.. updated the OGP patch to the latest svn revision at the time.. (published on forge.opensimulator.org)
[9:47] Tess Linden: has there been any docs written up on the current status of the trust discussion?
[9:47] Teravus Ousley: .. getting people talking about a few differences that need to be resolved...
[9:47] Tess Linden: I saw that email fly by :)
[9:47] Latha Serevi: Tao, I'm curious about your comment on a small AD, since I imagined that I'd store my objects in my AD
[9:48] Tao Takashi: we discussed already that the inventory service might actually be separate
[9:49] Tao Takashi: and in fact it might store maybe some list of your personal inventory servers in some service discovery document
[9:50] Latha Serevi: Tess, there are Infinity's trust pages on the wiki...
[9:50] Tao Takashi: as for trust I think people added to Infinity's page on it
[9:50] Tess Linden: Latha: do you have a link?
[9:51] Latha Serevi: [1]
[9:52] Latha Serevi: ...but trust issues could use some clarity. If there were anyone in whose head they were clear.
[9:53] Tao Takashi: esp. for objects nothing is too clear I guess ;-)
[9:53] Tao Takashi: so we still need use cases
[9:54] Tao Takashi: and we need to see how far we get with what we discussed which basically came down to using SSL to make sure the one you talk to is the component it claims to be
[9:54] Saijanai Kuhn: well its easy to define the extremes for trust. Its the middle ground that is hard to describe
[9:54] Tao Takashi: and let policy be implemented as domains like to
[9:54] Tess Linden: Latha: which section needs more clarification? I can take some notes to ask Infinity later
[9:54] Tess Linden: or we can discuss them here
[9:54] Tao Takashi: and in the distributed object situation it maybe depends where objects can go to
[9:54] Tess Linden: use cases for objects
[9:55] Tao Takashi: like will it stay on one inventory server or will it be copied to the person's server who e.g. bought it
[9:55] Tao Takashi: would prefer the latter
[9:55] Latha Serevi: Tess, it isn't that Infty's stuff is unclear; it's that we as a community haven't really written down the Three Laws of Trust. Defining different layers, etc.
[9:55] Tao Takashi: but that will make it harder to control things
[9:55] Saijanai Kuhn: ah, and someone mentioned this to me yesterday and it seems to be relevant: [2]
[9:56] Saijanai Kuhn: guy developed a computer language specifically to address distributed trust issues
[9:56] Saijanai Kuhn: lots of background links referenced on that website
[9:56] Latha Serevi: My approach might be, start with a few basic use cases, and assume that each participant has a locally (magically maintained) trust map; try to figure out what kind of loookups into that map would need to happen. Okay, I'm about to rezz an object. I need to look up whether the region I'm in can be trusted with teh bits of the object according to me (object owner) and it (object creator) ...
[9:56] Tao Takashi: I think what it mainly needed is to think through some scenarios and see what is needed or if the things discussed will work
[9:58] Latha Serevi: ...;the region needs to look up whether I (or my AD) may rezz objects in this sim; and (if there are permissions on this region) whether I have the needed group memberships; ...
[9:59] Latha Serevi: After we get a few of these use cases down and try to enumerate the trust checks that might happen for each participant, then we can try to work out a preliminary model for how to implement all those that might conceivably satisfy the needs. Nobody has done that yet as far as I can tell.
[10:00] Tao Takashi: yep, I agree
[10:00] Tao Takashi: and we might see how much is implementation specific and how much needs to be in the protocol
[10:01] Mirt Tenk: accepted your inventory offer.
[10:02] Tess Linden: do we need a matrix?
[10:02] Tess Linden: I'm not sure what the "three layers of trust" is
[10:02] Latha Serevi: Yes on the matrix, but I don't think any of us can confidently write it down. I just made up the "three layers of trust" just now, it doesn't exist.
[10:03] Tess Linden: Latha: were you refrring to Infinity's Trust "Layers" section 6?
[10:03] Tess Linden: oh ok
[10:03] Tess Linden: hm... no content there
[10:03] Bartholomew Kleiber: but a matrix makes sense right? (even without red or blue pill)
[10:04] Bartholomew Kleiber: because the possible use cases might be quite complex
[10:04] Tess Linden: so I heard one variable is "who does the object currently belong to? what are the object's current permissions?"
[10:05] Tess Linden: another variable is "who is the object being transfered or copied to? and/or which region is the object going ot be rezzed?"
[10:05] Latha Serevi: I don't think the "matrix" makes sense to me yet, except vaguely.
[10:05] Tess Linden: there are 2 operations for transfers between "domains"
[10:06] Latha Serevi: My own model is, each participant with a bitmap. But I don't know what goes in the bitmap.
[10:06] Tess Linden: you can either give an object to someone else (agent -> agent) transfer
[10:06] Tess Linden: or you can rez the object (agent -> region) transfer or derez (region -> agent)
[10:07] Tess Linden: That's a simpler way to look at it right?
[10:08] Latha Serevi: Sounds OK, Tess, although we might need to support more than one protocol for rezzing an object into a region -- the notion of a no-copy object being transferred-then-deleted , for instance, isn't something I would want to implement in an OGP server if I had an alternative.
[10:08] Tess Linden: if you are actually changing owners, then the owner's agent domain has to trust the receiving person's agent domain to not copy stuff
[10:09] Tess Linden: but you trusted the region domain you teleported to to keep your no copy object
[10:09] Tess Linden: by rezzing the object there
[10:09] Teravus Ousley: vaugely remembers Which Linden talking about the 'inventory transfer' process.
[10:10] Tess Linden: just like you trust Second Life to not lose your no copy object
[10:10] Tess Linden: (it can still happen)
[10:10] Tao Takashi: that's why I don't trust SL ;_)
[10:10] Tao Takashi: but without an alternative... ;-)
[10:11] Teravus Ousley: .. a while back Which was talking about keeping the object in escrow.. and the region would have to invoke a cap, which would do the change.
[10:11] Tess Linden: We do everything we can to fail safe, but sometimes its unrecoverable
[10:11] Tao Takashi: so if AD 1 gives it to AD 2 (or maybe rather inventory service 1 to 2) then you also need to trust that 2 is not giving it out to some non-trustworthy other service
[10:11] Tess Linden: but we're not talking about bugs here, we're talking about trust
[10:11] Tao Takashi: i was j/k
[10:11] Tess Linden: the intent is still good -- the region you rezzed on doesn't purposely want to lose your no copy object
[10:12] Latha Serevi: I may be adding unnecessary confusion here, but I personally don't think the transfer of a no-copy object should involve movement-of-bits-then-destruction-of-original, but rather a transfer of flags. This seems more important as grids get more open/distributed. I'm suggesting that there might be more than one way to impl;ement "only one copy used at once" -- 1 coyp of bits versus one "active" bit at once.
[10:12] Tess Linden: and if it does lose it, you should know what you can do -- who you can call for support etc
[10:12] Mirt Tenk: good point
[10:12] Tess Linden: Latha: what if the original owner's agent domain goes out of business?
[10:12] Latha Serevi: So, in the protocol, there might be a couple of ways to implement "deactivate your copy of this object"
[10:13] Tess Linden: or what if the original agent domain completely lost all its data in an earthquake?
[10:13] Tess Linden: but your account is associated with a separate agent domain, you should be able to keep all your inventory
[10:13] Mirt Tenk: like software license TR
[10:13] Mirt Tenk: (Latha)
[10:13] Tao Takashi: so the protocol maybe shouldn't say how to deactivate the object
[10:14] Tao Takashi: as long as it's not usable to the user anymore
[10:14] Tao Takashi: so as for the earthquake question I as a user want to decide where my stuff is stored
[10:14] Tao Takashi: but "my stuff" is relative depending on whom you ask. content creators might also see stuff they sold as "their stuff"
[10:15] Latha Serevi: Maybe we have a couple of issues we're mixing here -- how to test whether a participant is satisfied w.r.t. trust component X, and different possible agreements between partipants for how to acceptably implement certain content protections.
[10:15] Tao Takashi: but in RL you usually don't have that level of control.. although e.g. the music industry is trying hard
[10:16] Tao Takashi: yes, we are mixing things up. I guess we can handle the no-copy issue separately from the "where are objects allowed to go" issue
[10:16] Tess Linden: are people ok with a disclaimer when you buy something that bastically means "this object will only be stored in my agent domain so that my agent domain can maintain permissions" ?
[10:16] Tao Takashi: that's what I wanted to propose, that you at least should be able to know the limits
[10:17] Tao Takashi: but of course you need to trust the seller
[10:17] Latha Serevi: The no-copy thing was my fault bringing it up; but I wanted to point out that there may be multiple quite different implementations of content transfer and restrictions. Tess, that sounds OK as one of the options available to users/implementors.
[10:17] Latha Serevi: In the spirit of Zha, we shouldn't tell people what to want.
[10:17] Tao Takashi: because if it's e.g. in a vendor and you cannot directly examine the object you don't know before you buy
[10:18] Tao Takashi: but in general I as a user would like to know if I can move it to my own server, on which grids I can take it with me and so on
[10:18] Tao Takashi: before I buy it
[10:18] Tao Takashi: so the market can decide what the best strategy is
[10:18] Tao Takashi: but with permissions we already need to trust the seller actually
[10:19] Tess Linden: for objects that only live on one agent domain, they can live in multiple region domains too
[10:19] Tao Takashi: and I think there is also no other way than trusting the seller
[10:19] Tess Linden: yeah, when you buy something from someone, u have to trust the seller
[10:19] Tess Linden: just like you trust the region you bought it in
[10:19] Tao Takashi: yes, there needs to be some description of the level of portability in both domains: inventory server and region domain
[10:20] Latha Serevi: "have to trust" for what, though?
[10:20] Tao Takashi: that the seller does not advertise copy but the obect in fact is not
[10:20] Tess Linden: trust that after the transaction, you will be able to use the object with the terms you agreed to
[10:20] Tao Takashi: or in our case that it says "work everywhere" but in reality it only works on grid A
[10:20] Latha Serevi: Thanks for clarifying, Tess. I think the phrase "you have to trust entity X" is too vague and should ring alarm bells.
[10:21] Tao Takashi: started with examples in order to not be too vague ;-)
[10:21] Tao Takashi: so the question is what the description for the portability of an object can look like
[10:21] Tao Takashi: simple would be "only this AD" and "everywhere" for the AD case
[10:22] Tao Takashi: but it might also be "can be copied to any server on this AD and the ADs it trusts"
[10:22] Latha Serevi: We need to invent some language that we can start using, that we can gradually percolate out to the rest of the community, that helps people get un-confused about the concept that "I interact with you" is not the same as "I trust you with my crown jewels".
[10:22] Tao Takashi: yes, it will be mostly a usability question
[10:22] Tao Takashi: make it red-yellow-green :)
[10:22] Tess Linden: trust goes both ways too though right?
[10:23] Tess Linden: like Tao said "work everywhere" is buyer trusting seller
[10:23] Tess Linden: and "cannot be copied" is seller trusting buyer
[10:23] Latha Serevi: Tao, you're talking about transfers of ownership, then? What about rezzing into a sim, that's another permission, right?
[10:23] Tao Takashi: I wouldn't bring "ownership" in here I think as this can lead to very philosophical discussions
[10:23] Tao Takashi: we had this in the DataPortability Project
[10:23] Tao Takashi: let's think "license" maybe
[10:24] Tao Takashi: so the seller has to trust the buyer that she respects the license
[10:24] Tess Linden: Latha: rezzing will enforce the "work everywhere" case, but needs to trust the region to do the "cannot be copied" piece
[10:24] Tao Takashi: (or might go to court)
[10:24] Latha Serevi: Interesting point, Tao, although I think LL has alreeady stuck us with the terminology "owns = has a license to".
[10:24] Tao Takashi: well, right now the license is somehow derivced from the permissions
[10:25] Tao Takashi: but it's not always true. When I give out a copy-for-all object then I might not want it to be sold
[10:25] Tao Takashi: no way to specify this
[10:25] Tao Takashi: so I don't want to give the person who then "owns" it all the rights
[10:26] Tao Takashi: that's why owning is problematic.. I think we should think of "owning" just as a term to describe that it's in some users inventory
[10:26] Teravus Ousley: still suggests tagging a notecard with a license on to an object.. but hasn't really paid attention in the last month and a half on the trust conversations.. stuck in 1st life work.
[10:26] Tao Takashi: and I would propose to add some license text field to objects
[10:26] Tao Takashi: not only permissions
[10:26] Bartholomew Kleiber: in germany for example you cannot sell the copyright only the right of use.
[10:27] Bartholomew Kleiber: The latter is the license so to speak.
[10:27] Tao Takashi: so it always also depends on trust
[10:27] Tao Takashi: trust between the seller and the buyer that they both don't do things they are not intended to do
[10:28] Tao Takashi: we can help with permissions but this usually won't cover everything
[10:28] Latha Serevi: We won't get to control how people use the word "owns" or "trusts", so I'm just going to use different words and expect those words to stay imprecise. I also think we're getting a bit ahead of our ability to be precise about these things; we haven't written out even the simplest cases yet.
[10:28] Tao Takashi: and we can work with contracts between ADs and RDs that they agree to use these permissions and not just copy everything
[10:29] Tess Linden: but the license has to be broken up so that it can be enforceable
[10:29] Tao Takashi: but some aspects might be unenforceable.
[10:29] Tao Takashi: "only for non-commercial use"
[10:29] Teravus Ousley: right, there are certain aspects that we're expected to maintain.
[10:29] Tao Takashi: at least not technically enforcable
[10:29] Tao Takashi: but we of course want to keep permission as some sort of enforcement
[10:30] Teravus Ousley: .. beyond that though, the license could be an extra legal statement.. for things that we can't possibly enforce technically.
[10:30] Tao Takashi: yes, it can be some CC license
[10:30] Tao Takashi: and it would be great if you can attach this additionally
[10:30] Tao Takashi: so you at least can go to court if you really want to
[10:31] Tao Takashi: Barth: maybe we should discuss some use cases on friday :)
[10:31] Latha Serevi: I'm pretty sure we have all confused each other by now. This confirms my notion that we need to get a few of us together for a day, and try to pound out some kind of taxonomy or at least big-space-of-issues-with-names.
[10:31] Latha Serevi: Here's one possible recipe: (1) write down a fairly exhaustive list of "trust interests of the various participants" and give them short mnemonic codes. (2) write down a couple of simple use cases. (3) write down some candidate steps in the protocol to achieve the desired action. (4) for each step, try to write down the "trust codes" that would need to be satisfied.
[10:31] Bartholomew Kleiber: sure
[10:31] Bartholomew Kleiber: btw, you have to tell me the time frame
[10:31] Tess Linden: this is a great conversation btw
[10:32] Tao Takashi: I might arrive at 9am for the open coffee club
[10:32] Tao Takashi: and will leave sometime at night for FrOSCon I think
[10:32] Tao Takashi: or might stay in cologne, we'll see
[10:32] Bartholomew Kleiber: ok
[10:32] Tao Takashi: but let#s move that to skype :)
[10:32] Bartholomew Kleiber: yup
[10:33] Tao Takashi: so maybe we can start then with some simple use cases of where objects can go
[10:33] Tao Takashi: and some list of interests
[10:34] Saijanai Kuhn: I made cdontact with the erights people on #erights at freenode.net if anyone wants to join in that ongoing discussion
[10:34] Latha Serevi: Tao, I'm not quite keeping up with what "we can start then" means.
[10:34] Tao Takashi: well, when I and Barth meet
[10:34] Tao Takashi: I think it's sometimes easier to have some whiteboard or so
[10:35] Tao Takashi: we can start a wiki page with our results then
[10:35] Tao Takashi: and people can add to that
[10:35] Tao Takashi: or we add to what people might have done in the meantime
[10:36] JayR Cela: bye~byee everyone / thanks for the meeting :_)
[10:36] Tess Linden: thanks jayR
[10:36] Mirt Tenk: ty
[10:36] Tao Takashi: cya JayR
[10:36] Teravus Ousley: take care JayR :D
[10:36] JayR Cela: :_)
[10:36] Tess Linden: Sai: your link didnt work
[10:37] Tao Takashi: what link?
[10:37] Tao Takashi: do we have chat loss?
[10:37] Tao Takashi: or me at least
[10:37] Bartholomew Kleiber: rather ww?
[10:37] Teravus Ousley: I didn't get a link either... but I did see a reference to an IRC channel on freenode
[10:38] Teravus Ousley: #erights at freenode.net
[10:38] Tao Takashi: I didn't get that
[10:39] Tess Linden: ok so Teravus and Latha: are you guys going to write up a list of license pieces that people may want?
[10:39] Saijanai Kuhn: that's the channel for discussions of a distributed trust computer language called E
[10:39] Tao Takashi: I guessed so but I didn't get that chat line
[10:39] Tao Takashi: so I wonder what other people might not get
[10:39] Tao Takashi: and if SL eats chat
[10:39] Tess Linden: what chat line?
[10:39] Teravus Ousley: I think Tao and a few others intend on spear heading it.
[10:40] Bartholomew Kleiber: wasnt that supposed to go into IRC?
[10:40] Tao Takashi: the one with the freenode line or the link you mentioned, Tess
[10:40] Tao Takashi: or was what on IRC?
[10:40] Tao Takashi: maybe we should compare chatlogs ;-)
[10:40] Teravus Ousley: tends to be more of an implementer.. then an architect in the protocol space.
[10:40] Tess Linden: [3] doesnt work
[10:40] Tess Linden: Sai pasted it earlier
[10:41] Tao Takashi: ah, this link
[10:41] Tao Takashi: ok, I got this
[10:41] Tao Takashi: worked for me though
[10:41] Saijanai Kuhn: ah hangon, WHich had that problem too mirror coming up
[10:41] Latha Serevi: Tao, before you arrived, Sai had posted this comment -- [9:55
[10:41] Tess Linden: that works for you?
[10:41] Saijanai Kuhn: https://www.cypherpunks.to/erights/
[10:41] Mirt Tenk: yes
[10:41] Tao Takashi: I got that but I thought Tess mentioned it because it was pasted in recently :)
[10:41] Saijanai Kuhn: works even in SL browser
[10:41] Tao Takashi: and yes, worked for me when he mentioned it
[10:42] Saijanai Kuhn: looks like the linden servers don't allow access to it for some reason
[10:42] Tao Takashi: dangerous content
[10:42] Tao Takashi: not TRUSTED!
[10:42] Teravus Ousley: hehe
[10:42] Saijanai Kuhn: ironic given the topic of the site
[10:42] Teravus Ousley: well, maybe some FUD generated by the groups discussions..
[10:42] Bartholomew Kleiber: LOL
[10:43] Teravus Ousley: we note how lively our discussions on trust are..
[10:43] Tao Takashi: did everybody had a look at [4] btw? :)
[10:43] Bartholomew Kleiber: Tao: I plugged it shalefully ;-).
[10:43] Bartholomew Kleiber: shamefully*
[10:43] Saijanai Kuhn: [5] is a proposal for a caps-based virtual world
[10:44] Tao Takashi: good :)
[10:44] Tao Takashi: need to clean up some code
[10:44] Tao Takashi: and make TP work
[10:44] Teravus Ousley: while we're plugging things.. haha.. [6] :P
[10:44] Latha Serevi: I'll go look at syntronic.de now. Thanks for the links, Sai.
[10:44] Saijanai Kuhn: and here is a blog about caps-security in virtual environments: [7]
[10:45] Tao Takashi: which reminds me that syntronik.de right now does not use any form of secure caps.
[10:45] Tao Takashi: this might be the next step.. but it means a very non-web architecture unfortunately
[10:45] Saijanai Kuhn: and here is a mailing list for caps based security: [8]
[10:46] Teravus Ousley: OpenSimulator OGP patch.. : [9]
[10:46] Bartholomew Kleiber: havent we all at least one patched OpenSim up and running ;-)?
[10:46] Tao Takashi: is this the same "caps" we are talking about here?
[10:46] Bartholomew Kleiber: at least I have
[10:46] Tao Takashi: me, too
[10:47] Saijanai Kuhn: these guys write their PHDs on the topic, tao...
[10:47] Tess Linden: Tao: you're spearheading the license list?
[10:47] Teravus Ousley: :D hehe.. probably. Though.. this is against a later revision 5916
[10:47] Latha Serevi: Anybody know Kevin Reid, the "E" and "MUD" guy? Wonder if he is aware of the SL world at all.
[10:47] Bartholomew Kleiber: oh ... is the hostname bug resolved?
[10:47] Tao Takashi: Sai: I see that but I wonder if it's the same concept we and they are talking about
[10:48] Tao Takashi: Tess: Barth and I will try to work on friday on some use cases
[10:48] Tao Takashi: should I make it to cologne that is but I hope so
[10:48] Teravus Ousley: Bartholomew: try it with the Internal IP set to 0.0.0.0 in the default.xml in /bin/Regions
[10:48] Tao Takashi: but I gotta go now
[10:48] Teravus Ousley: Take care Tao
[10:48] Saijanai Kuhn: I seem to be somewhat on the same page in a very junior way when chatting with them
[10:49] Tao Takashi: ic, Sai, will have a look
[10:49] Saijanai Kuhn: kreid is who I am chatting with right this second
[10:49] Latha Serevi: Suggestion: if anyone makes a new wiki page related to trust, let's link to it from Infinity's page.
[10:49] Tao Takashi: yep, Latha
[10:49] Teravus Ousley: Great idea Latha
[10:49] Tao Takashi: ok, cya later!
[10:49] Bartholomew Kleiber: cu
[10:49] Saijanai Kuhn: kreid on #erfights @ freenode.net
[10:49] Saijanai Kuhn: #rrights*
[10:50] Saijanai Kuhn: #erights***
[10:50] Latha Serevi: Sai, cool, maybe kreid would be willing to look over our attempts later and tell us things we've missed.
[10:50] Saijanai Kuhn: kpreid. I assume its the same guy, will ask

AW Groupies/Chat Logs/AWGroupies-2008-08-19

Navigation menu

Search