User:Zero Linden/Office Hours/2009 Jan 06

From Second Life Wiki
Jump to: navigation, search
  • [13:05] Zha Ewry: Uncountable Linden
  • [13:05] Zero Linden: /waits for all the people to rez in for fear of sitting on someone
  • [13:06] Infinity Linden: reminds me of the song... "Aleph Null bottles of beer on the wall.. .take one down, pass it around... Aleph Null bottles of beer on the wall.."
  • [13:06] Morgaine Dinova: Nobody on seat ahead of you Zero
  • [13:06] Gwyneth Llewelyn: hi Zero :)
  • [13:06] Zero Linden: groans
  • [13:06] Rex Cronon: hi adn a happy new year:)
  • [13:06] Zha Ewry: detects a failed loop condition and exits
  • [13:06] Gwyneth Llewelyn: lol Zha
  • [13:06] Zero Linden: there we go
  • [13:06] Gwyneth Llewelyn: hi Infinity :)
  • [13:06] Infinity Linden: i wonder if i sat on someone
  • [13:06] Rex Cronon: there is AHelpfull linden?
  • [13:06] Zero Linden: So - I understand that Teleports might be a little iffy right now, so we'll wait a bit
  • [13:06] Gwyneth Llewelyn: I thought there were 300, Rex... ;)
  • [13:06] Patnad Babii: no your ok Infiniy no one is there eheh
  • [13:07] Zero Linden: but - I'll start the new year with my normal spiel:
  • [13:07] Zero Linden: Welcome to my office hours - we are here to talk about the architecture of Second Life, present and future
  • [13:07] Goldie Dastardly: chuckles at Aleph null bottles
  • [13:07] Morgaine Dinova: I guess there's an agenda for today? Given that it's New Year, and first official ZOH for a while?
  • [13:07] Zero Linden: (I'll only talk about the past after a few beers...)
  • [13:07] Zero Linden: These office hours are public and the transcripts liberally sprinkled around the internet (or at least our public wiki)
  • [13:08] Zero Linden: So speakly freely, but speak in public
  • [13:08] Zero Linden: With that out of the way
  • [13:08] Infinity Linden: so we shouldn't mention our new LLSD language bindings for COBOL then, huh?
  • [13:08] Gwyneth Llewelyn: rofl
  • [13:08] Morgaine Dinova: Give Zero some beers ... we need to dispense with the past today, so that after today we can focus on the future :-)
  • [13:08] Catherine Pfeffer: lol
  • [13:08] Zero Linden: I thought "MD5 considered harmful today" would be a good staring place for our discussions today
  • [13:08] Rex Cronon: lets get the beer out:)
  • [13:09] Zero Linden: Did everyone read that paper from Dec. 30th?
  • [13:09] Zha Ewry: SHA1 considered momentairly tolerable?
  • [13:09] Catherine Pfeffer: i did
  • [13:09] Goldie Dastardly: Not yet.
  • [13:09] Infinity Linden: nah. Lisa Yin's work shows SHA1 has weaknesses too
  • [13:09] Infinity Linden: but not as bad as MD5
  • [13:09] Zero Linden: [1]
  • [13:09] Rex Cronon: i haven't.. is there a link to it?
  • [13:09] Gwyneth Llewelyn: is there SHA1024 yet? ;)
  • [13:09] Morgaine Dinova: Zero: s/{MD5,SHA1}/SHA256/g .... there, problem fixed, next topic :-)
  • [13:09] Infinity Linden: yup
  • [13:09] Rex Cronon: thanks:)
  • [13:09] Zero Linden: Nope, not true, Morgaine
  • [13:10] Morgaine Dinova: 1024 needed now?
  • [13:10] Zero Linden: because while it is true that we should all s/{MD5,SHA1}/SHA256/g
  • [13:10] Gwyneth Llewelyn: Who knows, Morgaine... ;)
  • [13:10] Infinity Linden: wonders if there's an OID for RSA with SHA256 for X.509
  • [13:10] Infinity Linden: SHA-256 should be good
  • [13:10] Zero Linden: the gist of the paper is that they gave them selves a golden SSL cert with it
  • [13:10] Rex Cronon: for a few years:)
  • [13:10] Morgaine Dinova: Let's go SHA65536 then, don't have time to rewrite everything tomorrow :-)
  • [13:11] Zero Linden: that allowed them to generate certs for ANY WEBSITE that will be trusted by almost all web browsers on earth
  • [13:11] Infinity Linden: i'll forward that idea to the guys at NIST
  • [13:11] Gwyneth Llewelyn: *giggles* @Morgaine
  • [13:11] Zha Ewry: The any was sort of cute
  • [13:11] Zero Linden: and so the story, while mathematically about MD5, is really about Public Key Infrastructure, SSL and the web
  • [13:11] Zha Ewry: But once you crack the MD5 stuff
  • [13:11] Zha Ewry: pretty inherent
  • [13:11] Morgaine Dinova: This isn't a serious issue anyway. What's the point of having an impenetrable lock on the door, when the window is wide open?
  • [13:11] Gwyneth Llewelyn: So, put it bluntly... you're moving ahead with SHA1 certificates on the login process.
  • [13:12] Infinity Linden: thus proving once again... "the security of a PKI is inversely proportional to the promiscuity of it's certification policy."
  • [13:12] Gwyneth Llewelyn: and I saw a 'new' SHA1 function on LSL too, if I remember the release notes correctly...
  • [13:12] Zero Linden: is that so we can all blame it on sexual liberation and the 60s?
  • [13:12] Zero Linden:  :-)
  • [13:12] Zha Ewry: Nah, just Moore's law
  • [13:12] Saijanai Kuhn: hi all still on lousy borrowed machine. Will need atranscript at end, and a few minutes worth now to catch up
  • [13:13] Zha Ewry: But, we've been seeing MD5 marked as bads news since, what.. 2004?
  • [13:13] Catherine Pfeffer: hi sai
  • [13:13] Infinity Linden: 1994
  • [13:13] Gwyneth Llewelyn: uh-huh
  • [13:13] Rex Cronon: hi
  • [13:13] Gwyneth Llewelyn: nooo not 1994!!
  • [13:13] Gwyneth Llewelyn: lol
  • [13:13] Infinity Linden: dobritin's attacks were published in 1994
  • [13:13] Gwyneth Llewelyn: really? ^^
  • [13:13] Zero Linden: Well, what it does mean is that we should gain closure on our use of SSL and, more importantly, how a domain will know who it is talking to
  • [13:13] Infinity Linden: RSA's response was publushed in early '96
  • [13:13] Infinity Linden: ypu
  • [13:13] Infinity Linden: yup
  • [13:13] Gwyneth Llewelyn: gosh, time flies when you're having fun...
  • [13:13] Zha Ewry: well, the ones that got attention were 2004
  • [13:13] Infinity Linden: we recommended SHA-1, even back when i worked for RSA in the early 90's
  • [13:14] Morgaine Dinova: Zero: just pick something reasonable, and be done with. This doesn't require more time spent on it.
  • [13:14] Saijanai Kuhn: thanks mirt
  • [13:14] Gwyneth Llewelyn: 1994 mmmh did we even have SSL certificates back then? ;) Was there HTTPS? :)
  • [13:14] Xugu Madison: If we're picking a preferred algorithm, lets make it SHA256, and accept SHA1 if we have to
  • [13:14] Zero Linden: okay - so, that just all proves inetia
  • [13:14] Zha Ewry: debates geting the domain name SHA1024.com before the rush.
  • [13:14] Gwyneth Llewelyn: smiles @ Zha :)
  • [13:14] Gwyneth Llewelyn: But, yes, like Morgaine says...
  • [13:15] Gwyneth Llewelyn: I think nobody will be making a strong point to defend MD5 here, today
  • [13:15] Zha Ewry: So, short cert chains, and lets not use MD5, huh?
  • [13:15] Infinity Linden: yup. we had SSL in 1994
  • [13:15] Gwyneth Llewelyn: That sums it up, Zha :)
  • [13:15] Zero Linden: Well, back on track, what *is* reasonable? I think that Zha has been working on an outline of how we would use certs and SSL to validate domain identity, yes?
  • [13:15] Zero Linden: Is that stuff ready for discussion Zha?
  • [13:15] Zha Ewry: /menods
  • [13:15] Zha Ewry: nods, even
  • [13:15] Zero Linden: Am I in left field?
  • [13:15] Infinity Linden: i think the big "oh hell! netscape's PRNG isn't random enough for SSL!" fiasco was '93
  • [13:16] Zha Ewry: Infinity and I have been gently bashing it up and back
  • [13:16] Morgaine Dinova: Zha: what did you say earlier you needed LL to do for you to make rapid progress?
  • [13:16] Zha Ewry: I was conspiciously silent on that topic
  • [13:16] Gwyneth Llewelyn:  :)
  • [13:16] Zero Linden: Okay - good - is there a rough outline on a wiki?
  • [13:16] Zha Ewry: There is not, but there should be
  • [13:16] Zha Ewry: which means I will get mine up
  • [13:17] Zero Linden: okay- then we should shelve this for now until that's up and then take it up, hammer it, and as Morg. and Gwyn. would say "move on!"
  • [13:17] Zha Ewry: The current point of arm wrestling being a good way of doing revocatoin/validatoin
  • [13:17] Infinity Linden: trust phase 0 is there.. but it's a 30,000 ft. level discussion
  • [13:17] Zha Ewry: nods
  • [13:17] Zha Ewry: Nutshell, tho
  • [13:17] Zha Ewry: Certs in the roots of domains
  • [13:17] Zero Linden: good enough - we'll wait until then, then
  • [13:18] Zha Ewry: Usethose roots as relagtive validators
  • [13:18] Zero Linden: SO - okay, I'm up for agenda items - since analyizing the implications of that attack consumed my brain yesterday
  • [13:18] Morgaine Dinova: Nobody's going to disagree with that. Of course, they're not going to buy into Verisign's empire either ...
  • [13:18] Gwyneth Llewelyn: Yes, that was my question...
  • [13:19] Gwyneth Llewelyn: would Ll act as CA?
  • [13:19] Gwyneth Llewelyn: *LL even
  • [13:19] Zha Ewry: RA, I suspect
  • [13:19] Gwyneth Llewelyn: or just use standard CAs?... ah ok
  • [13:19] Zha Ewry: is *so* not speaking for Linden tho
  • [13:19] Gwyneth Llewelyn:  :))))
  • [13:19] Infinity Linden: right. i think we would ack as an RA at least
  • [13:19] Zha Ewry: I'd like to structure things so that domain owners could play as RAs
  • [13:19] Zha Ewry: which is pretty managable
  • [13:19] Gwyneth Llewelyn: has nothing against Verisign personally, but I can imagine it to be an +issue+ (winks @ Morgie)
  • [13:20] Infinity Linden: recommends reading various RFCs related to PKIX for what that implies
  • [13:20] Zha Ewry: also suggests thinking hard about why Recovatoin Lists are not what we want
  • [13:20] Gwyneth Llewelyn: Quite a lot...
  • [13:20] Infinity Linden: it's an issue if we allow the certification policy to be suitably weak
  • [13:21] Infinity Linden: and we would have to kick them in the shins til they agree to publish CRLs on a reasonable schedule or implement OCSP
  • [13:21] Zha Ewry: prefers OCSP
  • [13:21] Goldie Dastardly: does too
  • [13:21] Infinity Linden: but there are some bits of verisign's infrastructure that are quite useful
  • [13:21] Morgaine Dinova: Zha: your principle concern about endpoint is avoidance of spoofing, right? And not really real-world accreditation, as I understand it (hopefully).
  • [13:21] Zha Ewry: Both
  • [13:21] Gwyneth Llewelyn:  ;)
  • [13:21] Zha Ewry: Spoofing is notfun
  • [13:22] Zha Ewry: But memebership is the same, really
  • [13:22] Zha Ewry: Once you can show you have a proof point of being A
  • [13:22] Zha Ewry: you also are spoof proof
  • [13:22] Zha Ewry: (in theory)
  • [13:22] Infinity Linden: i think how we looked at it... preventing spoofing would be required before you started thinking about certificates carrying privilege assertions
  • [13:22] Zha Ewry: right
  • [13:23] Zha Ewry: And.. you're mostly looking at "what will i permit this service to do"
  • [13:23] Zha Ewry: which is policy
  • [13:23] Zha Ewry: and we keep orthogonoal from the certs
  • [13:23] Zha Ewry: So..
  • [13:23] Zha Ewry: You layer
  • [13:23] Gwyneth Llewelyn: aha, policy ;)
  • [13:23] Zha Ewry: "I am in fact a box from BigBlue"
  • [13:23] Morgaine Dinova: Well we all want to know that it is Zha who we are talking to ... but not necessarily interested in knowing who Zha might be in another world.
  • [13:23] Zha Ewry: "I am a member of the BigBlueAssetCloud"
  • [13:23] Zha Ewry: and "This is the policy I have towards the BigBlue Asset Cloud"
  • [13:23] Zha Ewry: Ah..
  • [13:23] Zha Ewry: That's a seperate questoin
  • [13:24] Zha Ewry: Boxes bs. People
  • [13:24] Zha Ewry: Boxes. vs. People
  • [13:24] Gwyneth Llewelyn: Yes, Morgaine, you're right. There are two levels here.
  • [13:24] Zha Ewry: "I am a trusted Linden Box, acting on Behalf of Zha Ewry" for example
  • [13:24] Zha Ewry: (and note, all four become seperable"
  • [13:24] Zha Ewry: )
  • [13:25] Zero Linden: I like that in SSH you *can* use host keys to simply validate that this host named "foo" is indeed the same host you contacted named "foo" last time
  • [13:25] Zero Linden: that is one form - there is no need to refer to outside identity there
  • [13:25] Zha Ewry: I am this box, I am in this domain, I am askign to do this for user Z, and finally, "Here is a policy"
  • [13:25] Zha Ewry: For a *lot* of what we want to do
  • [13:25] Morgaine Dinova: That's where Verisign becomes an issue. I handled Verisign certifications for a large ISP, and really, that world has virtually nothing to do with ours.
  • [13:26] Zero Linden: and we should support that, but of course, my domain is likely to only accord certain privledges to a domain that you only know is "the same 'foo' I contacted last time I went to 'foo'"
  • [13:26] Infinity Linden: right.. but where ssh falls down is in revocation and transitive trust
  • [13:26] Zha Ewry: nods
  • [13:26] Zha Ewry: When you want to go beyond
  • [13:26] Teravus Ousley: I can get a geotrust cert for 120$ .. and get it in 10 minutes through an automated process
  • [13:26] Zha Ewry: "This was foo last time"
  • [13:26] Zha Ewry: you need a full cert
  • [13:26] Infinity Linden: @terevus. this is why we don't want to use them
  • [13:26] Zha Ewry: "This is foo, and foo is vouched for by CA x"
  • [13:26] Zero Linden: I'm not saying SSH is the solution to follow - just that property can be preserved ---
  • [13:27] Zero Linden: to put it in concrete terms
  • [13:27] Zha Ewry: Right
  • [13:27] Infinity Linden: if YOU can get a cert sayign you're terevus, it might mean i can get one saying the same thing
  • [13:27] Zha Ewry: Which is why we may want to use SSH down at the sim-sim level
  • [13:27] Zero Linden: I teleport to a region Foo that a friend tells me about --- I get there and see my friend
  • [13:27] Teravus Ousley: exactly
  • [13:27] Infinity Linden: (insert the word "easily" in that last sentence somewhere)
  • [13:27] Zha Ewry: But.. not at the domain to domain level
  • [13:27] Zero Linden: my AD has now an association with a region named "Foo" and a paraticular cert
  • [13:27] Infinity Linden: which is one of the reasons we're not interested in using the web certification name-space
  • [13:27] Zero Linden: Two weeks later I decide to go to "Foo" - if the cert don't match - then, well, at least my AD can now go WHOA
  • [13:27] Infinity Linden: and policy space
  • [13:28] Zha Ewry: And, OSCP, with lease times, and certs at the domain level would be nice
  • [13:28] Zha Ewry: Amortize the high cost of proving sim X is who I htink they are
  • [13:28] Zha Ewry: across many low cost SSH vouched for transactions
  • [13:29] Infinity Linden: but with SSH, you get a N x N communictions process
  • [13:29] Zha Ewry: One needs to be VERY careful there
  • [13:29] Morgaine Dinova: Well this is why ID on the basis of names is a non-starter. There will be any number of Teravus's ... that doesn't matter, what matters is that you're talking to the Teravus who has private access to a particular key. The embedded name is just incidental.
  • [13:29] Infinity Linden: you have to communicate foo's public key to every relying party
  • [13:29] Infinity Linden: manually
  • [13:29] Zha Ewry: Well, out of band
  • [13:29] Infinity Linden: there might be an option of using IBE
  • [13:29] Zha Ewry: Which is going to be manual
  • [13:29] Zha Ewry: in a lot of cases
  • [13:29] Gwyneth Llewelyn: manual??
  • [13:29] Gwyneth Llewelyn: mmmh
  • [13:29] Zero Linden: I use "Foo" just as an example
  • [13:30] Zha Ewry: You can't do it in band using the certs you depend on
  • [13:30] Infinity Linden: but it's still encumbered technology, and while i love Voltage, they really aren't helping themselves with their current technology offerings
  • [13:30] Zero Linden: We might think of names, both Avatar and Region, as a sort multi-teir'd thing:
  • [13:30] Zha Ewry: I'm not sure we do have the nxN problem
  • [13:30] Morgaine Dinova: Zha: that's back to front. Public keys are *public* ... that's the whole idea. You can distribute them freely.
  • [13:31] Zha Ewry: certs aren't exactly keys, is the pain point
  • [13:31] Zero Linden: The person you call "Zero", is named "Zero Smith" and is permenently identified as "Zero Smith (55B03C)"
  • [13:31] Infinity Linden: @Morgaine.. yes... but you want to certify those keys so you know that the key for "foo" came from the legitimate owner of "foo" and not from the CIA or Pirate Bay
  • [13:31] Zha Ewry: (What Infinity just said)
  • [13:31] Teravus Ousley: hmm.. Teravus @PirateBay
  • [13:32] Zha Ewry: Zha@Zha.org
  • [13:32] Zha Ewry: It becomes a problem
  • [13:32] Teravus Ousley: I might look twice at a user with that domain attached to their name
  • [13:32] Teravus Ousley:
  • [13:32] Morgaine Dinova: Infinity: but you don't do that by doing manual distribution of public keys. You do that by asking for the fingerprint of the key.
  • [13:32] Infinity Linden: and what do you do with the fingerprint?
  • [13:32] Infinity Linden: and how do you get the fingerprint?
  • [13:32] Gwyneth Llewelyn: If I got you right, the question is, how do you know the fingerprint comes from the right person/box?
  • [13:32] Patnad Babii: i like the way RealXtend handle it, Patnad.Babii@avatar.realxtend.com
  • [13:33] Zero Linden: actually - while I think Regions based on domain names is viable --- I personally wince at Avatar names rooted in DNS....
  • [13:33] Morgaine Dinova: You match it against the one you've had for a party since day 1 that you were talking to that party.
  • [13:33] Zero Linden: I own my own personal domain name - but most people do not
  • [13:33] Infinity Linden: are you saying you want to get the fingerprints for EACH sim out there you may some day want to work with out of band?
  • [13:33] Infinity Linden: be my guest
  • [13:33] Infinity Linden: i'm not going to do that
  • [13:33] Zha Ewry: Hey, Infinity, think of it as job securit
  • [13:33] Saijanai Kuhn: at one point we were talking about estate names being embedded there: sub-regions or whatever
  • [13:33] Infinity Linden: i think there's an issue if you ever want to communicate with a sim you've never communicated with before
  • [13:34] Morgaine Dinova: Infinity: there's no shortcut, or else you're doing security theatre. Trust is not transitive, except in dreams.
  • [13:34] Gwyneth Llewelyn: or on "trust rings" ;)
  • [13:34] Morgaine Dinova: Zha: lol @ job secirity :P
  • [13:34] Gwyneth Llewelyn: I trust you, so I sign your key, and since Z trusts me, Z will trust you too ;)
  • [13:35] Zha Ewry: chuckles
  • [13:35] Gwyneth Llewelyn: But I know, that's a mess.
  • [13:35] Zha Ewry: Short
  • [13:35] Zha Ewry: Keep the chains Short
  • [13:35] Gwyneth Llewelyn: *nods*
  • [13:35] Goldie Dastardly: Slightly tangentially identity becomes an interesting issue if the idenity is rooted in DNS. Changes in provider/corporation becomes more inconvenient than changing your email.
  • [13:35] Gwyneth Llewelyn: that means central authority again
  • [13:35] Zha Ewry: Per Domain, anyway, possibly
  • [13:35] Zha Ewry: At the end of the day
  • [13:35] Infinity Linden: Goldie... X.509 is used in a way that is independent of DNS provider
  • [13:36] Zero Linden: "I trust these hardcoded root DNS servers, so I trust the .com server they told me about, so I trust the google.com server THEY told me about, so I trust that this is the IP for www.google.com"
  • [13:36] Teravus Ousley:
  • [13:36] Infinity Linden: but yes. if your sim was "foo.before.com" and it turned into "foo.after.com"
  • [13:36] Zero Linden: So - transitive trust is in use all the time
  • [13:36] Infinity Linden: you would need a new cert
  • [13:36] Gwyneth Llewelyn: aahhh
  • [13:36] Gwyneth Llewelyn: yes, exactly
  • [13:36] Saijanai Kuhn: Taravus you keep using that word. Are you sure you know what it means?
  • [13:36] Morgaine Dinova: We're had pgp servers for over a decade, and they work fine ... the web of trust never carried any meaning though, except as a good excuse for key signing parties. Ultimately you can only trust 1 level deep, and 2 if you're not fussy. Beyond that, it's theatre.
  • [13:36] Zha Ewry: right, the FQDN is a trust point
  • [13:36] Gwyneth Llewelyn: certs don't "migrate" across domains...
  • [13:36] Zha Ewry: They can't, really
  • [13:36] Teravus Ousley: It's a smily face as well Saijanai.
  • [13:36] Zero Linden: (and we'll keep discussion of DNS spoofing and injection attacks, which are on another ISO level, out of this... thank you very much!)
  • [13:37] Gwyneth Llewelyn:  :D
  • [13:37] Infinity Linden: remembers DNSSec wistfully
  • [13:37] Zha Ewry: well, surely we will use IPV^ and DNS-sec
  • [13:37] Zha Ewry: (IPV6)
  • [13:37] Gwyneth Llewelyn: yay :D
  • [13:37] Infinity Linden: really? ossm.
  • [13:37] Zha Ewry: rolls her eyes
  • [13:37] Zha Ewry: In my dreams
  • [13:37] Zero Linden: "Inconcievable!" -- "You keep using that word. I do not think it means what you think it means."
  • [13:37] Saijanai Kuhn: recalls the thing about having a z-plane representation of trust and other sorting issues. Is this destination trustworthy?
  • [13:38] Zha Ewry: In which the AD has been deployed. And we have 500 aves per region, 250 on homesteads
  • [13:38] Saijanai Kuhn: I can't read the name from here, so I guess not
  • [13:38] Zha Ewry: has nice dreams
  • [13:38] Morgaine Dinova: So, how can we make progress on this issue, in next month?
  • [13:38] Zha Ewry: So.. yes, lets accept that if Amazon is ok with using X.509 and DNS for commerce, we are too.
  • [13:39] Gwyneth Llewelyn:  :-D
  • [13:39] Infinity Linden: write something on the wiki about specific details of how to implement trust with X.509 client certs and TLS
  • [13:39] Zha Ewry: I'll put up a strawman on th wiki
  • [13:39] Infinity Linden: and let people beat up on it
  • [13:39] Morgaine Dinova: Ty Zha
  • [13:39] Zha Ewry: You'll all beat on me
  • [13:39] Zero Linden: Thanks - that is the best way to proceed, I think
  • [13:39] Saijanai Kuhn: first thing we do is get an AD up so we can start experimenting with AD to AD issues of all sorts
  • [13:39] Zha Ewry: The discussoin here, will be a really good starting point too
  • [13:39] Morgaine Dinova: Sai++
  • [13:40] Morgaine Dinova: How do we get a AD up --- proposals?
  • [13:40] Infinity Linden: and hell... we might even sneak some code into an AD
  • [13:40] Saijanai Kuhn: feed zha lots of caffine
  • [13:40] Morgaine Dinova: lol
  • [13:40] Zha Ewry: chuckles
  • [13:41] Gwyneth Llewelyn: hands out beer
  • [13:41] Zha Ewry: OK
  • [13:41] Zha Ewry: So we have a X.509/cert story lurking
  • [13:41] Gwyneth Llewelyn: uh-huh
  • [13:41] Infinity Linden: can i have wine or a cosmo instead?
  • [13:41] Gwyneth Llewelyn: who issues them? :)
  • [13:42] Gwyneth Llewelyn: the certs, not the coffee/beer/wine... :)
  • [13:42] Zha Ewry: A non LL Agent Domain would be quite nice
  • [13:42] Infinity Linden: so... one would imagine that the certs are issued by the domain administrator
  • [13:42] Infinity Linden: modulo the whole RA<->CA thing
  • [13:42] Saijanai Kuhn: agrees with Zha completely and hands her a Triple Latte
  • [13:42] Morgaine Dinova: Ummm ... Gwyn could issue them. Or Zha. Anyone who doesn't charge and isn't Verisign :P
  • [13:42] Gwyneth Llewelyn:  ;)
  • [13:42] Zha Ewry: chuckles
  • [13:43] Zha Ewry: Well, people will have policies about who's signature needs to be on the signed Cert
  • [13:43] Gwyneth Llewelyn: I'd definitely charge, it's a pain to run a CA!!! hahahah
  • [13:43] Gwyneth Llewelyn: Aha Zha
  • [13:43] Infinity Linden: sure. but at the end of the day, we (LL) would likely want to see a cert that we issued or was issued by someone we trust
  • [13:43] Zha Ewry: nods at Infinity
  • [13:43] Infinity Linden: yup. it's fairly costly... ask certicom
  • [13:43] Teravus Ousley: yeah.. should charge for the time... probably it is a pain to run a CA.
  • [13:43] Morgaine Dinova: Well I'll run one too then, and we can charge each other zero through cross-peering :-)
  • [13:43] Gwyneth Llewelyn: so each domain would define, as per policy, what certs they'd accept? (or rather, a list of who they accept as cert signers?)
  • [13:43] Zha Ewry: Sure, but if you do it for long enough, Verisign will buy you out ;-)
  • [13:43] Zha Ewry: Oh. Did I type that out loud?
  • [13:43] Gwyneth Llewelyn: LOL
  • [13:44] Teravus Ousley: hehe
  • [13:44] Teravus Ousley: they will indeed.
  • [13:44] Infinity Linden: having seen the VeriSign and Entrust things fromthe inside...t here's no probably about it, Terevus
  • [13:44] Gwyneth Llewelyn: *cough* thawte *cough*
  • [13:44] Infinity Linden: thawte is owned by verisign
  • [13:44] Gwyneth Llewelyn: I know! that's the point ;)
  • [13:44] Gwyneth Llewelyn: be good at running a CA, and get pwnd by Verisign ;)
  • [13:44] Infinity Linden: oh oh.. yer commenting on Zha's comment
  • [13:44] Infinity Linden: there are worse fates
  • [13:44] Gwyneth Llewelyn:  :-D
  • [13:45] Zha Ewry: Simple easy to articulate business strategy on both ends
  • [13:45] Teravus Ousley: maybe a good business model.. start a CA.. gaurenteed to be bought by verisign
  • [13:45] Morgaine Dinova: Well that's fine. We make lots of CAs, get bought out, make more. I see a profit stream :-)
  • [13:45] Teravus Ousley:
  • [13:45] Zha Ewry: OK.
  • [13:45] Gwyneth Llewelyn: But ok, seriously. I do like the idea of allowing AD to set as part of the policy who they accept as cert signers
  • [13:45] Infinity Linden: looks at yahoo, google and microsoft's EPS projections over the next four years..
  • [13:45] Zha Ewry: Oh, def Gwnyeth
  • [13:45] Zero Linden: well - yes - it is indeed HARD to run CA
  • [13:45] Infinity Linden: maybe PGP.com would be a good persno to buy you out
  • [13:45] Gwyneth Llewelyn: very, very hard
  • [13:45] Zha Ewry: Hard to run a good one
  • [13:45] Zha Ewry: trivial to run a bad one
  • [13:46] Gwyneth Llewelyn: oh, bad ones, you can get them all over the net... lol
  • [13:46] Zero Linden: and yes, I too like the idea of domains administrators being active in who they choose to accept
  • [13:46] Teravus Ousley: need to hire all the private investigators..
  • [13:46] Teravus Ousley: >.>
  • [13:46] Gwyneth Llewelyn: *nods* @ Zero
  • [13:46] Zha Ewry: nods
  • [13:46] Zha Ewry: That also seperates policy form mechanism
  • [13:46] Gwyneth Llewelyn: hey, DNS, after all, works that way... you *can* change the root DNS servers if you wish ;)
  • [13:46] Zha Ewry: which is a very good thing
  • [13:46] Gwyneth Llewelyn: yes, exactly
  • [13:46] Infinity Linden: LOL. /me remembers the alternet
  • [13:46] Gwyneth Llewelyn: Alternet!!!!!
  • [13:46] Zero Linden: 'cause I'm not just appalled tht everone on the planet is now using a web browser that trusts over 100 different RAs
  • [13:46] Zha Ewry: In general, that's a realy good goal here.
  • [13:46] Gwyneth Llewelyn: Are those guys still alive?
  • [13:47] Zero Linden: with no real say in it
  • [13:47] Morgaine Dinova: Well, personally, I think all this is a non-starter --- you're not thinking about scalability, there won't be just a few thousand ADs. But I'll go along with it anyway for a laugh :-)
  • [13:47] Infinity Linden: @Morgaine... scalability can come from a PKI bridge
  • [13:47] Gwyneth Llewelyn: Ah Morgaine, I think that at the end of the day, people will *voluntarily* trust a small set of CAs.
  • [13:47] Saijanai Kuhn: or go with hypernet and security be damned
  • [13:47] Infinity Linden: and at the end of the day... do we really think it's hard to have a database with 1000 certs in it?
  • [13:47] Saijanai Kuhn: hypergrid*
  • [13:47] Gwyneth Llewelyn:  :-D
  • [13:48] Gwyneth Llewelyn: Sai :) yessssss!
  • [13:48] Gwyneth Llewelyn: hehe
  • [13:48] Infinity Linden: (well.. managing the trust of them is the hard part...)
  • [13:48] Zha Ewry: Standalone regions are the challange in my mind, or very small grids
  • [13:48] Morgaine Dinova: Gwyn: but the trouble is that trust becomes meaningless when 1 party issues thousands of units of "trust". They become empty bits of paper.
  • [13:48] Zero Linden: There can be 1000s of ADs if they want, just as their are zillions of web hosts -- but I don't trust my credit card to all of 'em
  • [13:48] Teravus Ousley: maybe we'll have less certs then my browser has by default?
  • [13:48] Gwyneth Llewelyn: Hmm.
  • [13:49] Zha Ewry: Which pushes people into larger domains which share certs, which is another issue
  • [13:49] Gwyneth Llewelyn: *hmm*
  • [13:49] Saijanai Kuhn: Saijanai@trustworthyregion.secondlife.com
  • [13:49] Infinity Linden: honestly.. the only think i care about is.. a. do you know how to manage a private key and b. did you sign the paper saying you'll give me $10,000 if you don't honor the permissions meta-data in my assets
  • [13:49] Morgaine Dinova: Zero: indeed, instead you maintain a 1:1 trust relationship with the party you're dealing with. It's not transitive.
  • [13:49] Infinity Linden: well.. okay.. maybe not the only thing
  • [13:49] Infinity Linden: but a big thing
  • [13:50] Gwyneth Llewelyn: Infinity, did you read Tessa Harrington's group's ideas?
  • [13:50] Zero Linden: it *would* have been nice if the infrastructure ensured secuely that the "foobar.com" I'm accessing today is the "foobar.com" I accessed yesterday without "foobar.com" having to be attested to by someone I already trust
  • [13:50] Infinity Linden: sounds like there's interest in a non-transitive trust thing
  • [13:50] Infinity Linden: where people issue their own certs and explicitly hand them out to peers
  • [13:50] Gwyneth Llewelyn: Well I can imagine that in the early stages most will go that way, Infinity...
  • [13:50] Zero Linden: so - we can have that - (my domain just says "huh, that's a chain of trust that has no one I recognize - I'll just remember it for next time, all while being cautious about what I do with them.")
  • [13:50] Saijanai Kuhn: goes back to the self encrypting caps thing
  • [13:51] Gwyneth Llewelyn: There is also the possibility of accepting requests but provide limited functionaliy
  • [13:51] Zha Ewry: Sure
  • [13:51] Gwyneth Llewelyn: ie. if you don't recognise the signer of the cert
  • [13:51] Zha Ewry: Make the policy based
  • [13:51] Gwyneth Llewelyn: Yes, again, policy.. I totally agree
  • [13:51] Zha Ewry: "What is my policy to none trusted" partners
  • [13:51] Gwyneth Llewelyn: *nods*
  • [13:52] Zha Ewry: For a *lot* of use cases
  • [13:52] Zha Ewry: what we'll have is a small set of trusted partners
  • [13:52] Saijanai Kuhn: "we have a fine selection of plywood Creative Commons boxes you can access"
  • [13:52] Mirt Tenk: ty, tc, my ride is here
  • [13:52] Zha Ewry: and then a willingness to do light weight htings with less trusted partners
  • [13:52] Morgaine Dinova: I think that temporary and non-transitive trust will be the only thing that survives this exercise, and the period of REAL trust will not extend beyond transactions. Everything else is window dressing, and not even tackling an actual problem.
  • [13:52] Gwyneth Llewelyn: Sai: yes :)
  • [13:52] Saijanai Kuhn: later mirt
  • [13:52] Zha Ewry: I dunno
  • [13:52] Gwyneth Llewelyn: Zha, yes, like — your avatar gets a cloudie and no inventory
  • [13:52] Gwyneth Llewelyn:  :D
  • [13:52] Zha Ewry: Well
  • [13:52] Zha Ewry: Hopefully
  • [13:53] Goldie Dastardly: the modesty cloudie
  • [13:53] Patnad Babii: maybe at some point we could have, lets say texture using creative commons, in LL server and allow access to them through another grid
  • [13:53] Zha Ewry: it gets access to the "spare shapre and clothes" I keep in the CC cloud
  • [13:53] Gwyneth Llewelyn: Yes, something like that :)
  • [13:53] Zero Linden: SO - in the last few minutes here
  • [13:53] Zero Linden: I'd like to go a little meta
  • [13:53] Infinity Linden: looks around for Meta Linden
  • [13:53] Zha Ewry: takes a deep breath and prepares to go meta
  • [13:54] Goldie Dastardly:  :)
  • [13:54] Zha Ewry: "Captain, they've gone plaid"
  • [13:54] Morgaine Dinova: Patnad: there's every reason to expect that VWs will become like the web ... 99.9% unencumbered assets, and therefore this whole trust thing, largely a waste of time. :-)
  • [13:54] Saijanai Kuhn: admires the random textures avatar postures have
  • [13:54] Infinity Linden: wonders if Bank of America considers the whole trust thing a waste of time
  • [13:54] Saijanai Kuhn: avatar impostors*
  • [13:54] Zero Linden: We have a lots ranging discussions here -
  • [13:55] Zha Ewry: wonders what to make of the several million terabytes of secured data accesible via the web in various ways
  • [13:55] Goldie Dastardly: Wonders if people feel their websites have identity and personality and identify with them.
  • [13:55] Zero Linden: But I feel that we'd often be better served by discussing concrete proposals
  • [13:55] Saijanai Kuhn: no one cares if bankofamerica.com gets hacked...
  • [13:55] Morgaine Dinova: Infinity: don't mix their internal banking network with the Internet. On the net, trust is applied in very short bursts only, during transactions.
  • [13:56] Zha Ewry: notes a parallel to the discussoin at AWGroupies this morning
  • [13:56] Teravus Ousley: "can I have that website in dark <insert obscure color here>"
  • [13:56] Morgaine Dinova: Far less than 0.1% of the time.
  • [13:56] Zero Linden: I'm wondering if I should put together a more formal process where by people (or small groups) put together a clear written stake in the ground
  • [13:56] Zero Linden: before we take them up in detail
  • [13:56] Infinity Linden: well... it's about 100% of the time i go to bankofamerica.com
  • [13:56] Gwyneth Llewelyn: Aha. Well, it certainly would be more productive that way, Zero.
  • [13:56] Zha Ewry: Much
  • [13:56] BlueWall Slade: AWG-VAG?
  • [13:57] Gwyneth Llewelyn: didn't even know what the agenda was for today... lol
  • [13:57] Saijanai Kuhn: notes we also need ground and stakes
  • [13:57] Infinity Linden: with their (relatively) stupid site key approach, i now have to worry if their images are from a trusted source. sheesh.
  • [13:57] Morgaine Dinova: Infinity: unless you work in that bank, you're not going in there very often.
  • [13:57] Zero Linden: well - on the other hand, I remember that last year we had some very good and improtant free wheeling discussions
  • [13:57] Gwyneth Llewelyn:
  • [13:57] Goldie Dastardly: feels relieved she isn't a vampire.
  • [13:57] Gwyneth Llewelyn: choices, choices...
  • [13:57] Zero Linden: sometimes we need to bat the design space around with no major position first
  • [13:57] Zero Linden: but then, at some point it needs to have the wave function collapse onto a particular set of measurements
  • [13:57] Infinity Linden: @morgaine.. i have some friends at S-ONE who would take umbrage with the concept that they're not allowed to use the web
  • [13:57] Teravus Ousley: Zero++
  • [13:57] Saijanai Kuhn: admires all the quantum avatars
  • [13:58] Zha Ewry: So we can push on the solid proposal
  • [13:58] Zha Ewry: and say 'Yes, this works" or "no this doesn't"
  • [13:58] Zha Ewry: with something concrete to look at
  • [13:58] Gwyneth Llewelyn: *nods*
  • [13:58] Morgaine Dinova: Infi: give them a bear :P
  • [13:58] Saijanai Kuhn: goes back to multiple ADs to play with
  • [13:58] Zero Linden: right -
  • [13:58] Saijanai Kuhn: IMHO
  • [13:59] Zero Linden: I know that Java, Python and Perl all have proposal processes
  • [13:59] Zero Linden: I'll look into them and report back
  • [13:59] Zero Linden: pehaps with a proposal (META!)
  • [13:59] Zha Ewry: We're also trying to have an agenda, for the first half of every other AWGroupies meeting
  • [13:59] Zha Ewry: With a similar goal
  • [13:59] Infinity Linden: and maybe even a community proposal framework generator where you can plug in the name of your community and your progamming language and ...
  • [13:59] Zha Ewry: prepped materal
  • [14:00] Gwyneth Llewelyn: sounds good!
  • [14:00] Zero Linden: okay - with that - thank you for coming all
  • [14:00] Zero Linden: until next week!
  • [14:00] BlueWall Slade: thanks!
  • [14:00] Infinity Linden: cheers, all!
  • [14:00] Morgaine Dinova: There's no shortage of proposals, not sure we need a generator for them. :-)))) What's needed is coding.
  • [14:00] Goldie Dastardly: Thanks
  • [14:00] Rex Cronon: bye everybody
  • [14:00] Gwyneth Llewelyn: haha Morgaine that too :)
  • [14:01] Zha Ewry: Only poeple who write code get to complain about lack of coding ;-)
  • [14:01] Aimee Trescothick: code a random proposal generator?
  • [14:01] Gwyneth Llewelyn:  :)
  • [14:01] Gwyneth Llewelyn: lol
  • [14:01] Goldie Dastardly: lol
  • [14:01] Aimee Trescothick: then you'll be free to code
  • [14:01] Gwyneth Llewelyn: do proposals in JIRA ;)
  • [14:01] Zha Ewry: Okies, I need to be at my 2:00 meetingg
  • [14:01] Gwyneth Llewelyn: bye Zha!
  • [14:01] Zha Ewry: By all
  • [14:01] Goldie Dastardly: Bye
  • [14:01] Teravus Ousley: take care
  • [14:02] Patnad Babii: on this im going home, you guys have a great afternoon :)
  • [14:02] Morgaine Dinova: Well it's moot, given that SL isn't open source. :-) The clients we're coding already.
  • [14:02] BlueWall Slade: g'bye
  • [14:02] Saijanai Kuhn: can select multiple lines in chat with this client. SOmebody send me a full transcript notecard, OK?
  • [14:02] Aimee Trescothick: waves
  • [14:02] Saijanai Kuhn: canNOT* select