Difference between revisions of "LSL Protocol/Restrained Love Open Relay Group/email"

From Second Life Wiki
Jump to navigation Jump to search
 
(21 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== !x-email ==
{{ ORG Restrained Life Relay Specs TOC }}


''Implemented in Satomi's Multi-Relay HUD 0.93, and Satomi's Witchy Remote 1.1beta2''
= !x-pollemail =
STATUS: draft


Initiate an email-encapsulated RLVR session.
VERSION: 006


On reception of !x-email, the relay should make itself ready for the protocol initiation, which means starting checking emails periodically. The command should be ignored (or ko'd) by older relays.
MANDATORY DEPENDENCIES: '''''[[LSL Protocol/Restrained Love Open Relay Group/key|key]]'''''


Other commands used in this protocol: !x-session, !x-session-confirm, !x-listen. Full support for !x-listen is also strongly suggested for !x-email support.
RECOMMENDED: '''''[[LSL Protocol/Restrained Love Open Relay Group/autoforward|autoforward]]''''', '''''[[LSL Protocol/Restrained Love Open Relay Group/sensor|sensor]]'''''


===Presentation of e-mails===
COMMANDS:
* ''!x-pollemail'': commands the relay to start polling emails. (''!x-pollemail/clear'' makes it stop)


The topic: ORG encapsulated RLVR protocol,<protocol version>, <session_key>
IMPLEMENTATIONS


ex: ORG encapsulated RLVR protocol,draft2,45afb982-d02c-35e1-d492-a948b92c92f3
Relay side:
The session key is a secret shared by both relay and controlling device, and will be created during the protocol initiation.
* Version 005 in Satomi's Multi-Relay HUD 0.93
* Version 005 in Dahlia's multirelay >=0.39
* Version 006 in Dahlia's multirelay >=1.2.15


Controller side:
* Version 005 in Satomi's Witchy Remote 1.1beta2''
* Version 005 in Dahlia's anythingRLV >=2.97
* Version 006 in Dahlia's anythingRLV >=3.7


The message: consists of several submessages, each on a different line.
DESCRIPTION: This x-tension makes it possible to control relays gridwide (relay in one sim, controller in another one) by using email as a communication channel instead of usual chat on RLVR channel.


A submessage is:
==Presentation of e-mails==
* either a RLVR standard message (only without the recipient key): <identifier>,<RLVR command> for a controlling object message, and <identifier>,<RLVR command>,<ack> for a relay message.
Emails exchanged between relay and controller need to follow a common format.
* either a RL viewer answer (for instance an answer to a @getstatus or @version):  <channel>,<viewer answer>


===Protocol scenarii===
The topic must be:
ORG encapsulated RLVR protocol,<protocol version>,<session_key>


Conventions: messages are symbolized by different types of arrows. We suppose the controller (C) is on the left and the relay (R) on the right. An arrow with a c (-c>) is a chat message on RLVR channel (or whatever channel the controller and the relay negotiated before). An arrow with a e (-e>), is a submessage (like defined before) in an email with the requirements stated before.
Where the protocol version if the version of the x-tension, and the session key is a secret shared by both relay and controlling device.


  C(ontroller)<->R(elay)
  ex:  ORG encapsulated RLVR protocol,006,a586c562-bf27-b7db-e36e-822d0a9ba02a


-c> is a message by chat channel: authentified, but not private
The session key will usually be created within a prior session, using !x-key as defined in '''''[[LSL Protocol/Restrained Love Open Relay Group/key|key]]''''', but it is also possible for the controller to generate and send a new key in the first email message. In the latter case, a new session is created that will use this key in all further messages.
-e> is a message by email: private but not authentified


The body of the mail contains one or several lines with the same syntax as used in the RLVR protocol, without the field with the recipient UUID.


====Email session initiation protocol:====
From the controller:


This protocol establishes an authentified email session.
<command ident>,<list of RLVR commands and metacommands separated by '|'>


1 -c>    blah,k(R),!x-email
From the relay:
2 <c-    blah,k(C),!x-email,ok
3 -e>    bleh,!x-session
4 <e-    bleh,!x-session,nonce
5 -c>    nonce,k(R),!x-session-confirm
6 <c-    nonce,k(C),!x-session-confirm, ok


Comments:
<command ident>,<commands or metacommand the relay is answering to>,<ack value>
* After 2, the relay is ready to initiate the session (it is listening to emails), and the controller (also listiening) knows it.
* Between 2 and 3, the controller randomly generates a session key, k(S), that goes into the future e-mail topics.
* After 4, as only R should have received 3, C knows 4 comes from R, and thus that R has acknowledged k(S). Moreover C knows R has generated the nonce[http://en.wikipedia.org/wiki/Cryptographic_nonce] (random integer that should be used only once).
* After 5, R knows that C has received the nonce, and thus that C is the one who proposed k(S).
* After 6, C knows that R knows, which means both C and R agrees on the shared secret k(S).


This protocol only works because of the unusual properties of the used channels: chat messages being public, but authentified (SL server guarrantees the origin of messages), e-mails being somewhat private (short being able to physically spy network links... ), but are easily forgeable, thus not authentified.
Note that in conjunction with '''''[[LSL Protocol/Restrained Love Open Relay Group/autoforward|autoforward]]''''', the following is also possible from the relay:
<channel number>,<forwarded viewer reply>


====R has a new key:====
==Example of initialization between a controller C and the relay R==
When the relay wearer teleports or is crossing regions, the relay can (will?) have a new key. For it being able to receive further controller messages, it needs to give its new key.
 
  <e-    ping,ping,ping
In the following exchange, the controller C and the relay R negotiates a secret UUID key which will be the key of the session. The exchange is done using llRegionSayTo() to keep the key secret (k(R) is the UUID key of the wearer of the relay and k(C) the UUID key of the controller).
  -e>   ping,!pong
 
Comment: the new relay key appears in the email address, for this reason it doesn't show explictly in this dialog.
1 C--RLVR--> R    secret_key,k(R),!x-key/a586c562-bf27-b7db-e36e-822d0a9ba02a
2 C<-RLVR--- R    secret_key,k(C),!x-key/a586c562-bf27-b7db-e36e-822d0a9ba02a,ok
 
Then C can start an email session using !x-pollemail as follows:
 
1 C--RLVR--> R    blah,k(R),!x-pollemail
2 C<-RLVR--- R    blah,k(C),!x-pollemail,ok
 
Without secret key, the answer for !x-pollemail must be a "ko". There are no exceptions. Then the session can continue by email using the subject "ORG encapsulated RLVR protocol,006,a586c562-bf27-b7db-e36e-822d0a9ba02a".
 
  1 -e>    bleh,<anything>
2 <e-    bleh,<anything>,<ack>
  ...
 
'''Remark'''
 
* The autoforward and sensor x-tensions are not required: a controller does not necessarily need to send @getxxx or @notify commands, or to scan for objects or avatars. The autoforward and the sensor x-tensions may be used also for a simwide control (i.e. a chat session with the controller and the relay distant of more than 100m).
 
==Ending the email session between a controller C and the relay R==
 
To end up an email session, the commands !x-takeover and !x-pollemail/clear may be used.
 
1 C--RLVR--> R  back_to_chat,k(R),!x-takeover/a586c562-bf27-b7db-e36e-822d0a9ba02a
2 C<-RLVR--- R  back_to_chat,k(C),!x-takeover/a586c562-bf27-b7db-e36e-822d0a9ba02a,ok
 
Note that in the above exchange, the controller C is not necessarily the first controller; the above commands can also be interpreted as a kind of handover.
 
It is also possible to use !x-pollemail/clear as follows (by email or by chat):
 
1 C------> R  back_to_chat,k(R),!x-pollemail/clear
2 C<------ R  back_to_chat,k(C),!x-pollemail/clear,ok
 
'''Remarks'''
 
* The commands using the secret session key must use llRegionSayTo(): !x-key and !x-takeover
* This behaviour of !x-takeover is already in the version 002 of the x-tension key.


====C has a new key:====
==Testing controller's presence==
Same issue for the controller, as it could well be a device worn by an avatar, or even if it is an object rezed on land, the region could restart.
-e>    blah,!x-email
<e-    blah,!x-email,ok
Comment: here also, the key is implicit, as it is included in the e-mail address.


===Relaying viewer chat messages:===
For garbage collection purposes, be it on relog, or on regular basis, R might want to check if C is still active. The ping mechanism can be used here.
  ( -e>  bloh,@getxxxx=1234
  <e-   ping,ping,ping
  <e-   bloh,@getxxx=1234,ok )
  -e>   ping,!pong
  <e-   1234,<chat_message>


//Maybe won't be implemented at all.
The important thing is that the relay remembers it was an email session after relog.
//Aternately:
//-e>    k(R),bloh,#getxxxx
//<e-    k(C),bloh,#getxxxx,<message>
//


====Ending e-mail session and going to chat====
C can check R's presence by sending any valid message, as acknowledgement by R is required for every RLVR message from C. If the only purpose of the message is presience verification, the following scenario is recommended:
  -e>     blih,!x-listen/-12345
  -e>   blah,!x-pollemail
  <e-     blih,!x-listen/-12234,ok
  <e-   blah,!x-pollemail,ok


Both relay and controller have to check that their recipient is in chat range. The controller before even trying. The relay before acknowledging. If the latter fails, then the relay should answer:
==Handover==
<e-    blih,!x-listen/-12234,ko
!x-handover/K/n should work like in chat sessions (with the semantics that the session is transfered to the object of key K, chatting on standard RLVR channel).


====Handover====
Handing over to another object while remaining in e-mail mode, doesn't however require any special step. The following scenario can be used:
!handover should combine nicely, but is actually optional, as giving k(S) to the device you want to hand the session over to should allow the taking over device to use the "C has a new key" mechanism to announce its email address in place of that of the handing over device.
1 - assume C has a session with R, using key k(S)
2 - C gives k(S) to another object C' via any preferred medium
3 - now  C' can continue e-mailing with S, using key k(S) (and can use the "C has a new key" scenario)


===Requirements===
Handing over to oneself can also be used to switch back to chat mode.
* On !x-email acknowledgement, the relay should start listening to e-mails and handle them like RLVR messages.
* On !x-session confirm, the relay confirms that the RLVR session with the controller is transfered to e-mail, which means e-mails with the negotiated session key should be handled as if coming from the controller.
* Whenever the relay accepts a RLV command with calls for a viewer answer (@blah=1234), the relay must listen to the viewer answer, and forward it via email to the controller.

Latest revision as of 01:50, 17 June 2011

Restrained Love
Open Relay Group
x-tensions
Restrained Love Relay

!x-pollemail

STATUS: draft

VERSION: 006

MANDATORY DEPENDENCIES: key

RECOMMENDED: autoforward, sensor

COMMANDS:

  • !x-pollemail: commands the relay to start polling emails. (!x-pollemail/clear makes it stop)

IMPLEMENTATIONS

Relay side:

  • Version 005 in Satomi's Multi-Relay HUD 0.93
  • Version 005 in Dahlia's multirelay >=0.39
  • Version 006 in Dahlia's multirelay >=1.2.15

Controller side:

  • Version 005 in Satomi's Witchy Remote 1.1beta2
  • Version 005 in Dahlia's anythingRLV >=2.97
  • Version 006 in Dahlia's anythingRLV >=3.7

DESCRIPTION: This x-tension makes it possible to control relays gridwide (relay in one sim, controller in another one) by using email as a communication channel instead of usual chat on RLVR channel.

Presentation of e-mails

Emails exchanged between relay and controller need to follow a common format.

The topic must be: 

ORG encapsulated RLVR protocol,<protocol version>,<session_key>

Where the protocol version if the version of the x-tension, and the session key is a secret shared by both relay and controlling device. 

ex:  ORG encapsulated RLVR protocol,006,a586c562-bf27-b7db-e36e-822d0a9ba02a

The session key will usually be created within a prior session, using !x-key as defined in key, but it is also possible for the controller to generate and send a new key in the first email message. In the latter case, a new session is created that will use this key in all further messages.

The body of the mail contains one or several lines with the same syntax as used in the RLVR protocol, without the field with the recipient UUID.

From the controller: 

<command ident>,<list of RLVR commands and metacommands separated by '|'>

From the relay: 

<command ident>,<commands or metacommand the relay is answering to>,<ack value>

Note that in conjunction with autoforward, the following is also possible from the relay: 

<channel number>,<forwarded viewer reply>

Example of initialization between a controller C and the relay R

In the following exchange, the controller C and the relay R negotiates a secret UUID key which will be the key of the session. The exchange is done using llRegionSayTo() to keep the key secret (k(R) is the UUID key of the wearer of the relay and k(C) the UUID key of the controller). 

1 C--RLVR--> R    secret_key,k(R),!x-key/a586c562-bf27-b7db-e36e-822d0a9ba02a
2 C<-RLVR--- R    secret_key,k(C),!x-key/a586c562-bf27-b7db-e36e-822d0a9ba02a,ok

Then C can start an email session using !x-pollemail as follows: 

1 C--RLVR--> R    blah,k(R),!x-pollemail
2 C<-RLVR--- R    blah,k(C),!x-pollemail,ok

Without secret key, the answer for !x-pollemail must be a "ko". There are no exceptions. Then the session can continue by email using the subject "ORG encapsulated RLVR protocol,006,a586c562-bf27-b7db-e36e-822d0a9ba02a". 

1 -e>     bleh,<anything>
2 <e-     bleh,<anything>,<ack>
...

Remark

  • The autoforward and sensor x-tensions are not required: a controller does not necessarily need to send @getxxx or @notify commands, or to scan for objects or avatars. The autoforward and the sensor x-tensions may be used also for a simwide control (i.e. a chat session with the controller and the relay distant of more than 100m).

Ending the email session between a controller C and the relay R

To end up an email session, the commands !x-takeover and !x-pollemail/clear may be used. 

1 C--RLVR--> R   back_to_chat,k(R),!x-takeover/a586c562-bf27-b7db-e36e-822d0a9ba02a
2 C<-RLVR--- R   back_to_chat,k(C),!x-takeover/a586c562-bf27-b7db-e36e-822d0a9ba02a,ok

Note that in the above exchange, the controller C is not necessarily the first controller; the above commands can also be interpreted as a kind of handover.

It is also possible to use !x-pollemail/clear as follows (by email or by chat): 

1 C------> R   back_to_chat,k(R),!x-pollemail/clear
2 C<------ R   back_to_chat,k(C),!x-pollemail/clear,ok

Remarks

  • The commands using the secret session key must use llRegionSayTo(): !x-key and !x-takeover
  • This behaviour of !x-takeover is already in the version 002 of the x-tension key.

Testing controller's presence

For garbage collection purposes, be it on relog, or on regular basis, R might want to check if C is still active. The ping mechanism can be used here. 

<e-    ping,ping,ping
-e>    ping,!pong

The important thing is that the relay remembers it was an email session after relog.

C can check R's presence by sending any valid message, as acknowledgement by R is required for every RLVR message from C. If the only purpose of the message is presience verification, the following scenario is recommended: 

-e>    blah,!x-pollemail
<e-    blah,!x-pollemail,ok

Handover

!x-handover/K/n should work like in chat sessions (with the semantics that the session is transfered to the object of key K, chatting on standard RLVR channel).

Handing over to another object while remaining in e-mail mode, doesn't however require any special step. The following scenario can be used: 

1 - assume C has a session with R, using key k(S)
2 - C gives k(S) to another object C' via any preferred medium
3 - now  C' can continue e-mailing with S, using key k(S) (and can use the "C has a new key" scenario)

Handing over to oneself can also be used to switch back to chat mode.

Retrieved from "https://wiki.secondlife.com/w/index.php?title=LSL_Protocol/Restrained_Love_Open_Relay_Group/email&oldid=1146875"