AW Groupies/Chat Logs/AWGroupies-2008-07-01
Revision as of 13:02, 8 July 2008 by Saijanai Kuhn
- [9:23] Bartholomew Kleiber: Hi!
- [9:23] Sheet Spotter: G'day eh!
- [9:24] Sheet Spotter: Good morning!
- [9:24] Harleen Gretzky: Hi all
- [9:24] Harleen Gretzky: Hi Sheet
- [9:24] Sheet Spotter: Nice do! :-)
- [9:24] Harleen Gretzky: ty
- [9:25] Harleen Gretzky: complete with fairies :D
- [9:30] Whump Linden: Hello
- [9:30] Elric Ember: hiya Whump
- [9:30] Bartholomew Kleiber: Hi
- [9:30] Dahlia Trimble: nice avie Whump :)
- [9:30] Whump Linden: thanks
- [9:31] Saijanai Kuhn: hey there.
- [9:31] Whump Linden: I need to put a link to the creator's store in my profile, I've been getting lots of great feedback on it.
- [9:31] Whump Linden: Hey, Periapse
- [9:31] Dahlia Trimble: inspect usually works too
- [9:31] Whump Linden: Dahlia, yes, that too!
- [9:31] Periapse Linden: hiya, whump. Hi, everybody
- [9:32] Dahlia Trimble: hi :)
- [9:32] Bartholomew Kleiber: hi
- [9:32] Elric Ember: welcome
- [9:32] Saijanai Kuhn: topics for the day: domain membership and trust quothe Zha
- [9:34] Zha Ewry: Ooh. Suspect, usual
- [9:34] Tao Takashi: Hi there
- [9:34] Saijanai Kuhn: and tao can mention pyogp progress at some point
- [9:34] Zha Ewry: Hey all, sorry I'm running a couple late, physical atoms are *so* annoying
- [9:34] Tao Takashi: there is progress ;-)
- [9:34] Tao Takashi: mentioned :)
- [9:35] Zha Ewry: I have a couple of related topics.. and.. anyone else got stuff to put on the agenda?
- [9:35] Tao Takashi: this client just asked me if I have heard about the inSL program... soon it's survey after survey before logging in ;-)
- [9:35] Tao Takashi: thanks for the TP, Barth :)
- [9:36] Bartholomew Kleiber: np
- [9:36] Bartholomew Kleiber: maybe we can do a sprint after europython?
- [9:36] Tao Takashi: best would be _at_ as then I have time ;-)
- [9:36] Sheet Spotter: feels sorry for Harleen's bean bag chair. So many stiletto marks. :-(
- [9:37] Tao Takashi: but we can also check what's possible afterwards
- [9:37] Bartholomew Kleiber: lol, nice one - unfortunately I can't
- [9:37] Bartholomew Kleiber: ok, thx
- [9:37] Zha Ewry: I want to chew a little on what we might mean by "region domain" and tie it to trust management, some of the ban list discussion at Which's office hours last week, and then onto the question of how we establish trust for things like rez_avatar
- [9:38] Tao Takashi: there was not much sympathy for a general ban list idea when I asked this question on seesmic ;-)
- [9:38] Zha Ewry: All of which, falls into the bigger rubric of "how do we manage relationships between chunks of "grid" "
- [9:38] Rex Cronon: hello everybody
- [9:38] Bartholomew Kleiber: Hi, Rex
- [9:38] Elric Ember: Welcome Rex
- [9:38] Rex Cronon: hiiii
- [9:38] Tao Takashi: Hi Rex
- [9:39] Zha Ewry: Ban list is mildly toxic, but.. . the reality is a significant set of the players are likely to want to have a scheme for exchanging them
- [9:39] Dahlia Trimble: hi Rex :)
- [9:39] Zha Ewry: Opt in, and all that, but.. it's a pretty real use case for a distributed set of world portions
- [9:39] Lazarus Longstaff: greets all :)
- [9:39] Dahlia Trimble: Hi Laz :)
- [9:39] Zha Ewry: Hey all arrivers
- [9:39] Dahlia Trimble: Hi Zha :)
- [9:40] Rex Cronon: hey. should we exchange business cards too:)
- [9:40] Zha Ewry: So.. let me toss out a couple of thoughts about managing trust/groupings...
- [9:40] Lazarus Longstaff: /hopes for the rez
- [9:40] Zha Ewry: One of the minor side effects of playing in code and making things work has been to make me think hard about how we're going to manage the
- [9:40] Zha Ewry: trust establishment
- [9:41] Zha Ewry: So.. as a use case, suppose I have a collection of regions I'm managing
- [9:41] Zha Ewry: and.. I want to be able to add/delete from it at will, without any sort of external dependencies (I think this is a plausible desire)
- [9:41] Zha Ewry: At the same time.. I want my trusted peers to be able to know that
- [9:42] Zha Ewry: "sim76.ZhasHosting.obscure.org" is one of my sims, when a rez avatar request comes in
- [9:43] Dahlia Trimble: route it to a hub if the region doesn't exist?
- [9:43] MarillaAnne Slade: accepted your inventory offer.
- [9:43] Rex Cronon: what exactly u want to add/delete?
- [9:43] Zha Ewry: Roughly, I think.. where we head, is one step nice than that
- [9:43] Aki Shichiroji: accepted your inventory offer.
- [9:43] Zha Ewry: I want to add regions at will
- [9:43] Zha Ewry: so, I add a rack of boxes, and spin up 1,000 new regions
- [9:44] Zha Ewry: I am *not* going to register those 1,000 new regions to all my partners, nor do they want to hear about every box I add/delete
- [9:44] Tao Takashi: I thought that's what the region domain is for
- [9:44] Zha Ewry: Exactly tao
- [9:44] Sheet Spotter: I would prefer to see a selection of optional destinations, rather than be defaulted to some unknown region.
- [9:44] Zha Ewry: So.. the question becomes, how do we tie region domain, into the whole story
- [9:45] Dream Land: accepted your inventory offer.
- [9:45] Zha Ewry: The routing, is separable from the trust, I think, tho possibly related
- [9:45] Zha Ewry: So.. if we want to make "region domain" have some meat
- [9:45] Zha Ewry: I think it has to become a named thing in the story
- [9:45] Zha Ewry: and.. I'd argue that the region domain, is where we establish trust for the sims
- [9:45] Rex Cronon: i think it should be similar to adding pages to a site
- [9:46] Tao Takashi: I basically see this as a bunch of services which manage the list of regions in that domain, a map of them and probably some trust related services
- [9:46] Zha Ewry: Not quite as simple as that Rex, because, they don't share an IP address
- [9:46] Dream Land: accepted your inventory offer.
- [9:46] Zha Ewry: Exactly Tao
- [9:46] Zha Ewry: You want some way of saying
- [9:46] Zha Ewry: "Hey, I'm part of zha's domain"
- [9:46] Zha Ewry: and you want ways of proving the trust
- [9:46] Tao Takashi: and it probably manages access then, this is probably part of the trust/access module
- [9:46] Zha Ewry: And...
- [9:46] Tex Rhode: accepted your inventory offer.
- [9:46] Rex Cronon: they share a key?
- [9:47] Zha Ewry: YOU don't want to broadcast the internal state of your regions every time you change it
- [9:47] Bartholomew Kleiber: yes Rex, like PGP
- [9:47] Tao Takashi: so the main question might be where this fits into the TP strawman
- [9:47] Zha Ewry: That's part of it yes
- [9:47] Sheet Spotter: Given the address of a destination sim (or perhaps some magical key/token from it), I should be able to query the region domain to confirm it's trusted.
- [9:47] Tao Takashi: as it only contains sims right now
- [9:48] Zha Ewry: nods at sheet
- [9:48] Zha Ewry: And.. note..
- [9:48] Lazarus Longstaff: so the region domain 'proxies' trust for the regions
- [9:48] Zha Ewry: I think so Lazarus
- [9:48] Lazarus Longstaff: speaks on their behalf
- [9:48] Saijanai Kuhn: wouldn't you need to check with the Agent Domain for that?
- [9:48] Tao Takashi: maybe it should ask the region domain "request_rez_avatar" and this contains a name of a region
- [9:48] Zha Ewry: No saij.
- [9:48] Tao Takashi: and gets back some rez avatar cap which might point at the region
- [9:48] Zha Ewry: Agent domain is about aves and agents
- [9:48] Saijanai Kuhn: the region domain could claim it's trusted all day long
- [9:49] Zha Ewry: You don't want to conflate managing aves with managing regions
- [9:49] Tao Takashi: we should write down the possible use cases where trust is potentially needed
- [9:49] Aki Shichiroji: waves hello to SL folks at AWGroupy talk.
- [9:49] Tao Takashi: Hi Aki
- [9:49] Zha Ewry: Seperation of concerns
- [9:49] Rex Cronon: hi aki
- [9:49] Saijanai Kuhn: OK, but who guards the guardians as far as trust goes?
- [9:49] Zha Ewry: Well..
- [9:49] Zha Ewry: So...
- [9:49] Dahlia Trimble: Hi Ahi :)
- [9:49] Aki Shichiroji: haha... that was meant for twitter. and hi all :)
- [9:49] Zha Ewry: You need a root of trust
- [9:49] Saijanai Kuhn: you can't trust a given region to truthfully claim it's trusted
- [9:50] Lillie Yifu: More specifically we need to unconflate managing sims with managing avs
- [9:50] Zha Ewry: No. You need a well known set of trusted servers who can vouch for them
- [9:50] Zha Ewry: Exactly Lillie
- [9:50] Rex Cronon: if u r the one that adds it, is only logical u can trust it
- [9:50] Tao Takashi: what does trust mean anyway? Is it that you cannot receive certain caps?
- [9:50] Tao Takashi: like you might be able to tp there but not to rez anything there
- [9:50] Saijanai Kuhn: inventory management, L$ management, script management...
- [9:50] Zha Ewry: So.. let's push off on what we do with the trust once we've established it
- [9:50] Zha Ewry: And just look at trust for a moment
- [9:51] Zha Ewry: (Once you have trust, you can layer on permissions pretty easily)
- [9:51] Zha Ewry: So.. I need trusted roots
- [9:51] Sheet Spotter: Saijanai might be suggesting the Agent Domain blesses a set of Region Domains. A Region Domain blesses a set of Regions.
- [9:51] Zha Ewry: As a sim, I'm going to get a call like "rez_avatar" from a sim "9.2.18.27"
- [9:52] Saijanai Kuhn: where do you find that trusted server? You'd have to trust your agent domain to do the initial introduction, I would think
- [9:52] Zha Ewry: The root, Saij, has to be deeper than that
- [9:52] Zha Ewry: I think the root, is a cert
- [9:52] Zha Ewry: delivered out of band when you set up the relationship
- [9:52] Rex Cronon: ok, so now we have/need a trust server(s)
- [9:52] Saijanai Kuhn: ah, OK so not even a login issue per se
- [9:53] Lazarus Longstaff: is there any way we could potentially have peer region domains vouch for the trustworthiness of a joining region/region domain as a result of a request for trust?
- [9:53] Zha Ewry: I don't see how we can avoid them, if we want to be able to say "This sim, is part of the trusted cloud"
- [9:53] Zha Ewry: And.. I think it becomes membership
- [9:53] Zha Ewry: The root is the domain
- [9:53] Zha Ewry: and the sim in it
- [9:53] Tao Takashi: of a trusted cloud for whom though?
- [9:53] Lillie Yifu: hmmm
- [9:53] Zha Ewry: get a path to prove they belong
- [9:53] Zha Ewry: So..
- [9:53] Zha Ewry: trusted by who indeed
- [9:54] Lazarus Longstaff: the whole notion of trust is wrapped around the concept that *everyone* is initially untrusted
- [9:54] Lillie Yifu: we don't need trust servers, this can be done peer to peer, but any region domains will want trust servers. Just like we don't use secure http for everything, or ask for certificates for everything.
- [9:54] Tao Takashi: so if we start with the LL grid as a big AD and RD then they might setup trust relationships with other RDs
- [9:54] Zha Ewry: At the protocol level, I'm happy to define the path for sealing trust between partners
- [9:54] Zha Ewry: and. then we need to make sure you can create a "provable" trust relationship
- [9:54] Zha Ewry: In practice, I expect this will anchor in people actually doing certs out of band
- [9:54] Zha Ewry: So, you sign your contract with "Zha's trust authority" and
- [9:55] Goldie Katsu: The challenge is defining the parameters for trust.
- [9:55] Zha Ewry: I issue you a cert for signing your region
- [9:55] Sheet Spotter: A weak analogy...I can choose which SL groups to join. Should the decision on which Region Domains to join/trust also be a personal choice?
- [9:55] Goldie Katsu: As in what does that signature mean?
- [9:55] Lazarus Longstaff: so really trust comes down to an out-of-band contractual arrangement
- [9:55] Zha Ewry: In the end?
- [9:55] Zha Ewry: I think so
- [9:55] Rex Cronon: don't u mean grid, zha?
- [9:55] Goldie Katsu: yes
- [9:55] Zha Ewry: I'm ducking grid very consciously
- [9:55] Lazarus Longstaff: which is vouched for by some mechanism eg cert
- [9:55] Lillie Yifu: Hmmmm
- [9:55] Tao Takashi: we should only talk about agent domains and region domain IMHO, not grids, not regions
- [9:55] Saijanai Kuhn: Sheet, trust is about contractual relationships between regions/grids, not avatars
- [9:55] Zha Ewry: Grid is a horribly loose phrase
- [9:55] Lazarus Longstaff: yes
- [9:56] Zha Ewry: So.. Saij I think is right
- [9:56] Lazarus Longstaff: a logical collection not necessarily a physical one
- [9:56] Zha Ewry: The trust is about how the components trust each other, and what permissions/rules they share
- [9:56] Zha Ewry: Aves, will have to make decisions about which trust regions they care to enter
- [9:56] Goldie Katsu: The regions and domains are the components that can be vetted.
- [9:56] Zha Ewry: (well, the humans behind the aves)
- [9:57] Zha Ewry: Goldie: right.
- [9:57] Goldie Katsu: can be held accountable for their actions, and thus deemed trustworthy or not.
- [9:57] Zha Ewry: And. that requires, either
- [9:57] Zha Ewry: a very loose agreement (ie, the trust cloud of untrusted sim)
- [9:57] Zha Ewry: or.. some tie to RL contracts
- [9:57] Zha Ewry: I'm imagining that we'll see this shape up as
- [9:57] Lazarus Longstaff: ideally some combination of both
- [9:58] Zha Ewry: "Here's the TOS to enter my trust cloud"
- [9:58] Goldie Katsu: You could use various trust systems - but you need a clear way to know you are talking to region/domain x and not someone else posing as region/domain x
- [9:58] Saijanai Kuhn: cloud is right, because of the overlapping trust possibilities
- [9:58] Sheet Spotter: Then it's both a corporate and a personal decision who to trust? I don't need to trust a Region, even if they signed a trust agreement with a company I do trust?
- [9:58] Tao Takashi: so basically what an RD needs is some way to have a list of trusted ADs. there might be several lists for several sets of permissions maybe and "public"
- [9:58] Zha Ewry: and you sign off on that, and if need be, pay for the access.. and then you get a public cert for signing as that trusted party
- [9:58] Goldie Katsu: Dynamic trust systems might be better than the hierarchy of certs used on web sites.
- [9:58] Tao Takashi: and I guess we also need it the other way round
- [9:58] Zha Ewry: yeah, two way
- [9:59] Zha Ewry: So.. for added fun
- [9:59] Saijanai Kuhn: Sheet, trust is for where you can rez things made in another region domain. Where you can spend Lindens as opposed to x-dins
- [9:59] Goldie Katsu: I think there are two pieces here.
- [9:59] Latha Serevi: Trust is really not binary. Seems misleading to think of trust as a single thing. L$ most stringent, "guest login as Ruth" almost unrestricted, "rez object" and "transfer inventory" in between. Does anyone have a decent list of these?
- [9:59] Zha Ewry: I think that the graph of trust is going to be overlapping
- [9:59] Goldie Katsu: I think we have one piece which is verifiable identity of region domain
- [9:59] Zha Ewry: The anchor is proving membership, and trust
- [9:59] Zha Ewry: (Exactly goldie)
- [10:00] Goldie Katsu: Then based on that you can build various trust mechanisms
- [10:00] Goldie Katsu: And I believe there will be many.
- [10:00] Zha Ewry: And finally on top of that
- [10:00] Zha Ewry: you build permissions
- [10:00] Zha Ewry: So..
- [10:00] Zha Ewry: Prove membership
- [10:00] Tao Takashi: yes, you need a list of trusted domains and of course need a way to identify them in a secure way
- [10:00] Zha Ewry: build trust relationship
- [10:00] Zha Ewry: and then permissions anchored on that
- [10:00] Goldie Katsu: Tao I think that is backwards.
- [10:00] Saijanai Kuhn: which is why I assume that you need to go with the AD for trust. you can't trust the region to claim trust, you need the AD to verify it
- [10:00] Zha Ewry: Not the AD Saij
- [10:00] Saijanai Kuhn: one assumes the Agent Domain is trusted automatically
- [10:00] Goldie Katsu: You need to identify the domains in a secure way - and then you can have many trust mechanisms.
- [10:00] Latha Serevi: No, Zha. You don't decide what sims you trust completely, _then_ negotiate permissions. That's broken.
- [10:01] Rex Cronon: next, we need domains (aka regions) to pass certifications?
- [10:01] Goldie Katsu: You can have contractual trust systems - like a certificate trea
- [10:01] Zha Ewry: No latha that's not what i said
- [10:01] Tao Takashi: isn't this the same? :)
- [10:01] Goldie Katsu: *tree
- [10:01] Zha Ewry: What I said, is you have to anchor in provable
- [10:01] Zha Ewry: then up move up the stack
- [10:01] Goldie Katsu: but you can also have trust based on reputation systems which might be different than a cert tree.
- [10:01] Zha Ewry: "I have a way to prove that Sim X is in trust domain"
- [10:02] Goldie Katsu: This site is rated +5 I only go to sites rated +6 or better
- [10:02] Zha Ewry: Even that, tho, Goldie, needs a way to prove that the +5 is trustable
- [10:02] Tao Takashi: even goes to sites rated -10
- [10:02] Zha Ewry: chuckles at Tao
- [10:02] Goldie Katsu: or I only allow money exchanges from my domain to another with +5
- [10:02] Zha Ewry: Thus the layering
- [10:02] Dahlia Trimble: sounds like some kind of matrix may be necessary
- [10:03] Lazarus Longstaff: rates this dialogue +5
- [10:03] Zha Ewry: At the end of the day, tho
- [10:03] Goldie Katsu: yes, there needs to be a way to protect the reputation system - it just may be different than the I have a contract with x mechanism.
- [10:03] Lazarus Longstaff: the cert system could be used to validate the root of the trust mechanism
- [10:03] Zha Ewry: it's going to lead to a way of my sim, at the moment, asking "is this a trusted counterpart" and ways of managing that
- [10:03] Lazarus Longstaff: reputation could be built over that dynamically
- [10:04] Lazarus Longstaff: that avoids the chicken and egg problem.
- [10:04] Zha Ewry: nods at the last couple
- [10:04] Tao Takashi: I wonder if there can be any reliable reputation system anyway
- [10:04] Zha Ewry: Ah..
- [10:04] Tao Takashi: but that's another discussion
- [10:04] Goldie Katsu: I see the 3 layer model you are talking about.
- [10:04] Zha Ewry: Tao, that falls into the category, of let's enable it, and find out
- [10:04] Lillie Yifu: No there can't be. All trust systems sooner or later accept some kind of failure, or have some kind of backer as last resort.
- [10:05] Lillie Yifu: In either case failure tolerance is built in.
- [10:05] Zha Ewry: nods, and revocation, and such is important when you build these
- [10:05] Lazarus Longstaff: I think there def needs to be a distinction in quality of trust between certified vs. reputation
- [10:05] Goldie Katsu: 1) Identity trust 2) way that sim says it trusts 3) API ish piece that lets you plug in various trust mechanisms that will speak to standard specified in 2 that allows whitelist, reputation system, cert system or whatever mechanism to define their trust rules.
- [10:05] Tao Takashi: I still think everything can be gamed so I doubt that you should trust reputation systems
- [10:05] Tao Takashi: at least not blindly
- [10:05] Zha Ewry: looks at Goldie's list
- [10:05] Goldie Katsu: and possibly 4) a way that a user can set what they want (trust +5 to enter) that will allow them to make themselves safe.
- [10:05] Lazarus Longstaff: +1 goldie
- [10:06] Zha Ewry: That looks about right to me, including 4
- [10:06] Zha Ewry: of course, at the code level this turns into
- [10:06] Goldie Katsu: You can go to the shady part of town, but it is always nice to know when you are entering alphabet soup.
- [10:06] Zha Ewry: m_trust_service.validate(endpoint,cap)
- [10:06] Tao Takashi: it's also nice if you are rated -10 because of some social engineering and it's hard to get out of it again ;-)
- [10:07] Goldie Katsu: That is the problem with things like Real time Blackhole.
- [10:07] Lazarus Longstaff: Tao: we don't let avs rate region domains - that's badness for sure
- [10:07] Tao Takashi: so who is going to rate it then?
- [10:07] Lazarus Longstaff: only other already trusted regions provide ratings
- [10:07] Tao Takashi: god?
- [10:07] Goldie Katsu: Hackprotection of rating systems is an important part.
- [10:07] Zha Ewry: Well, lazarus, we design the protocols, if people decide to deploy schemes like that, I think that's not ours to fix, they'll discover why it's a bad idea soon enough
- [10:07] Lazarus Longstaff: Tao: human RD operators
- [10:08] Goldie Katsu: You can do a multi-layer mechanism for trust systems.
- [10:08] Tao Takashi: I still don't think any rating system is a good idea.
- [10:08] Zha Ewry: I agree Tao
- [10:08] Zha Ewry: but.. if we layer and structure this right...
- [10:08] Goldie Katsu: mumbles something about her dissertation
- [10:08] Zha Ewry: What will happen is that people will be able to build that if they want
- [10:08] Lazarus Longstaff: lol Goldie
- [10:08] Tao Takashi: ... we make things more complex than it needs to be for something which maybe does not work ;-)
- [10:08] Goldie Katsu: I think the use of rating systems or something else should be left to a higher level implementation
- [10:08] Lillie Yifu: Because we know that people will reinvent the digital flat tire anyway.
- [10:08] Zha Ewry: Layered
- [10:09] Lazarus Longstaff: chuckles
- [10:09] Goldie Katsu: Just allowing the possibility that if someone wants it they can add it and not break the standard.
- [10:09] Zha Ewry: Exactly Goldie
- [10:09] Tao Takashi: people can still build this on top, I would not include it in the spec but let it maybe put into some extension
- [10:09] Lazarus Longstaff: +1 for configurable options
- [10:09] Latha Serevi: When you hear the phrase "a trusted region" don't alarm bells go off for you? They do for me. Not a binary thing, so that phrase is misleading or meaningless to me.
- [10:09] Zha Ewry: the bottom layers support a bunch of possible ways of doing it
- [10:09] Tao Takashi: Latha: the same is: what does +4 actually mean?
- [10:09] Saijanai Kuhn: well "trusted" for certain things in certain ways
- [10:09] Rex Cronon: i think that ratings done by users can be helpful as they show what they think about your system
- [10:09] Zha Ewry: Well, it depends how you define "trusted"
- [10:10] Tao Takashi: the bottom line is: Don't trust anything even if it says so
- [10:10] BlueWall Slade: suspects that trust will boil down to operating agreements among grid owners
- [10:10] Goldie Katsu: is all for configurable options having written a program that handled pulling info out of a database that seemed to change its structure weekly
- [10:10] Lazarus Longstaff: Rex: feedback is good - but we're essentially taling about something entirely different here
- [10:10] Latha Serevi: And I'm suggesting that if you're not saying what kind of trust, you're not actually saying anything non-obfuscatory
- [10:10] Lazarus Longstaff: *talking
- [10:10] Zha Ewry: For example, as a use case.
- [10:10] Sheet Spotter: Trust is binary, but it can be applied to multiple dimensions: rez, script, etc.
- [10:11] Latha Serevi: sheet: no, no, no
- [10:11] Goldie Katsu: Trust is an overloaded word. Nothing is 100% trusted, but two systems may have agreed that they can exchange info.
- [10:11] Zha Ewry: I might define a region as set of sims, all sharing the same trust attributes
- [10:11] Rex Cronon: i have to disagree, is not entirely different
- [10:11] Goldie Katsu: whether this is good enough for the avs.
- [10:11] Latha Serevi: Does anybody have a list of "kinds of trust" they can share? Or did we want to just focus on mechanisms for (1) certificate authority and (2) saying what permissions a region will propagate?
- [10:11] Zha Ewry: So, it's perfectly reasonable to say "This set of sims all follow this trust pattern"
- [10:11] Tao Takashi: trust is maybe the wrong word here anyway. I think what you need is simply a list of domains which might be allowed to do certain things like rez something
- [10:11] Zha Ewry: Well..
- [10:11] Lillie Yifu: hmmmmm the division is trusted identity, and trusted capacity.
- [10:12] Zha Ewry: Trust is a term of the art, for certs and such
- [10:12] Lazarus Longstaff: it is in the sense that, what's being trusted is not that the region is safe to sortie in with your av, but that a region is trusted to communicate and negotiate permission to participate in the region domain
- [10:12] Zha Ewry: Not.. for behavior
- [10:12] Lillie Yifu: without trusting identity, nothing goes any farther.
- [10:12] Lillie Yifu: capacity can require greater and greater degrees of trust
- [10:12] Lillie Yifu: in identity
- [10:12] Latha Serevi: Zha, that "term of art" is confusing almost everyone where.
- [10:12] Latha Serevi: here
- [10:12] Sheet Spotter: Certs have specific purposes. They are not a statement of complete and utter trust on all fronts.
- [10:13] Zha Ewry: no
- [10:13] Zha Ewry: All a cert does is let you prove some very specific things
- [10:13] Zha Ewry: I can sign this message, proving I am X
- [10:13] Zha Ewry: Bottom layer of the trust tree
- [10:13] Tao Takashi: so the only thing you can trust then is that the domain is who it claims to be
- [10:13] Zha Ewry: Then.. you climb the layers from there
- [10:13] Latha Serevi: I want a list of kinds of trust relevant to open grids. Someone PLEEASE post one or I will feebly attempt.
- [10:13] Lazarus Longstaff: please do Latha
- [10:14] Latha Serevi: ack!
- [10:14] Tao Takashi: the problem is, if we in general talk about trust this might be misleading to many as it's such a strong word
- [10:14] Lazarus Longstaff: I suspect it wont be as feeble as you suggest
- [10:14] Saijanai Kuhn: many issues. textures/prims sharing. Script sharing. money sharing...
- [10:14] Zha Ewry: "I can prove that sim45. zhasdomain.org" is a member of "Zhasdomain"
- [10:14] Lillie Yifu: hmm start with pinging. "I trust you to even knock on the door."
- [10:14] Zha Ewry: Then.. you can decide what your policy is towards "zha's domain"
- [10:14] Lillie Yifu: and go up from there.
- [10:14] Lazarus Longstaff: indeed Tao, it's already bitten us a couple times today
- [10:15] Zha Ewry: So.. that's a really good point
- [10:15] Zha Ewry: As we write this, which is common in security discussions
- [10:15] Zha Ewry: we need to be very careful not to use words which people will make assumptions about
- [10:15] Sheet Spotter: The cert needs to be specific about what levels of trust exist. In Zha's example the cert only validates the trust that Region X is part of a specific RD.
- [10:15] Zha Ewry: (which leads to such horrible phrases as "signed identity tokens")
- [10:15] Tao Takashi: it's some sort of proven identity and you can then layer things on top of it like permissions
- [10:16] Zha Ewry: right and. note the danger of getting sucked into the semantic web, or general permissions languages problem space
- [10:16] Zha Ewry: What does it mean "can rez objects"
- [10:16] Tao Takashi: and for the general public maybe mostly the layers are interesting. That there is a problem that sites can falsely state who they are is maybe not so clear to many
- [10:16] Zha Ewry: if you want to have fun, look at the OMG's discussion on permissions from the late 90s
- [10:17] Lazarus Longstaff: build? drop? wear? all are potentially under that umbrella
- [10:17] Zha Ewry: Whole complex set of object hierarchies for describing permissions
- [10:17] Latha Serevi: There seems to be a strong hope that there can be a single notion of "verifiable identity" that all reasonable sims could subscribe to. Such a notion must be rather open -- more like "has a registered key" than "is reputable".
- [10:17] Zha Ewry: And, right, lazarus
- [10:17] Zha Ewry: "Can I rez, can I drop, can I copy, can I transfer, can i modify"
- [10:18] Saijanai Kuhn: was looking at a "Rights Expression Language" to describe these things officially
- [10:18] Tao Takashi: for an AD it might also mean "do I send objects over to that domain?"
- [10:18] Zha Ewry: At the protocol level, a lot of that turns into opaque strings, which humans tie to contracts and language which defines them in many schemes
- [10:18] Saijanai Kuhn: and then that gets boiled down to a binary thing concerning which regions get trusted by which regions
- [10:18] Tao Takashi: and domain might be an AD or RD actually
- [10:19] Zha Ewry: (ahh, this also leads to the fun question: is an asset server in an Agent or Region Domain, or is it in a service domain, separable)
- [10:19] Tao Takashi: so an AD also needs to know about other ADs, not just RDs
- [10:19] Zha Ewry: Personally, I think Asset Servers aren't in AD or RDs at all
- [10:19] Tao Takashi: I think they are in AD :)
- [10:19] Zha Ewry: An Asset Server isn't about Agents and its not about Regions
- [10:19] Saijanai Kuhn: I think there's overlapping functionality in black boxes that get separated out at the protocol level
- [10:19] Tao Takashi: it's my inventory so it should be stored alongside with my profile, etc.
- [10:19] Zha Ewry: Not always Tao
- [10:20] Zha Ewry: Sometimes it's the objects on a sim
- [10:20] Saijanai Kuhn: you could have a standalone, one-avatar system where it's all in the same box at one extreme
- [10:20] Tao Takashi: yes, but that's the inventory of the sim then
- [10:20] Zha Ewry: maybe it's a set of objects in a builders shared workshop
- [10:20] Zha Ewry: The inventory of the sim, would imply the region domain
- [10:20] Sheet Spotter: My inventory on the SL beta grid is not the same as my inventory on the main grid. :-)
- [10:20] Tao Takashi: yes
- [10:20] Zha Ewry: In fact... I think it's neither
- [10:20] Zha Ewry: There is way too much desire to shove everything into one of the two defined domains whether it fits or not
- [10:21] Lazarus Longstaff: +1
- [10:21] Harleen Gretzky: It is a snapshot of your inventory when they last updated the beta grid
- [10:21] Tao Takashi: I actually think it fits quite well
- [10:21] Zha Ewry: This really breaks when you start having regions which talk to multiple asset servers
- [10:21] Zha Ewry: And. the notion there is "one" inventory is ahm. odd
- [10:21] Tao Takashi: you rez something => copy to region
- [10:22] Tao Takashi: or move if it's not copyable
- [10:22] Lillie Yifu: but the rez to region is the most broken thing about the current paradigm.
- [10:22] Lazarus Longstaff: but if I'm an independent region operator on an open grid, that gives me the capacity for mischief I really shouldn't have
- [10:22] Tao Takashi: Lazarus: I thought that's what we need trust for
- [10:22] Zha Ewry: Well, depends on the policy of the asset server holding the asset
- [10:22] Lazarus Longstaff: if someone 'loses' there supersnazzy teleporter on my region...
- [10:22] Lazarus Longstaff: *their
- [10:23] Zha Ewry: So, what's the signed agreement between you and their home domain?
- [10:23] Lazarus Longstaff: suddenly it and everything in its inventory are sitting in my region backstore
- [10:23] Zha Ewry: nods
- [10:23] Zha Ewry: Thus the fun
- [10:23] Lazarus Longstaff: well, we'd have to assume for the sake of discussion it's a fairly open policy
- [10:23] Zha Ewry: As an asset server, I may well have a policy
- [10:24] Zha Ewry: that says "I only hand out non-copy assets to trusted regions with certs and such to prove that"
- [10:24] Lazarus Longstaff: nods
- [10:24] Zha Ewry: Other asset servers may be promiscuous
- [10:24] Tao Takashi: so that means we have a third domain and need to handle even more trust relationships?
- [10:24] Lazarus Longstaff: precisely
- [10:24] Lazarus Longstaff: no Tao
- [10:24] Lazarus Longstaff: just a way to encode that policy at the protocol level
- [10:24] Zha Ewry: So, I may run a "gnubie" server which keeps only stuff that's Creative Commons fully sharable
- [10:25] Zha Ewry: And... I may, as a corporation, choose not to let that content onto my corporate sims, because I don't like the license, mind you
- [10:25] Zha Ewry: (I hate that use case, but it's an important one, as it's the reverse trust issue)
- [10:26] Saijanai Kuhn: ouch. Hadn't thought of that one. banned licenses...
- [10:26] Lazarus Longstaff: it will likely be a common use case in the coperate world too
- [10:26] Zha Ewry: nods
- [10:26] Zha Ewry: looks at her tag and sighs
- [10:26] Lazarus Longstaff: *corperate
- [10:26] Lazarus Longstaff: heehee
- [10:26] Zha Ewry: It will be
- [10:26] Bartholomew Kleiber: that's where you were getting at.
- [10:26] Tao Takashi: I still don't see where the asset server then comes into play.. at least not where it's then different from the AD
- [10:26] Lazarus Longstaff: we cannot nite the hand which feeds us Zha *winks*
- [10:26] Lazarus Longstaff: * bite even
- [10:26] Bartholomew Kleiber: I fully understand that but doesn't that mean that only corporate assets are allowed?
- [10:27] Saijanai Kuhn: tao, WHICH asset server among man, is "the" asset server?
- [10:27] Zha Ewry: We can nip at gently, but biting, no.
- [10:27] Saijanai Kuhn: many*
- [10:27] Lazarus Longstaff: chuckles
- [10:27] Zha Ewry: And. no Bart, I might well mean that I allow some assets but not those
- [10:27] Zha Ewry: which I know come from places which GPL license them
- [10:27] Bartholomew Kleiber: then the corp has to copy them to their asset server
- [10:27] Tao Takashi: Sai: you choose yours by choosing your AD
- [10:27] Bartholomew Kleiber: because it needs to be approved first
- [10:27] Zha Ewry: so.. I might happily take in assets from Linden's asset cloud, but not Richard Stallman's
- [10:28] Zha Ewry: At the protocol level, and the design pattern level, I just need to enable the use cases
- [10:28] Zha Ewry: Now.. as to the question of where your inventory comes from
- [10:28] Zha Ewry: ICK.
- [10:28] Tao Takashi: ok, so you mean the object stays on the asset server it was created on?
- [10:28] Lazarus Longstaff: lol
- [10:28] Zha Ewry: right now, Linden assumes there is one, and only one, and it lives on the agent domain
- [10:29] Zha Ewry: I don't personally think it's viable to assume that
- [10:29] Tao Takashi: it would be very sad if that would go down, esp. when I bought those items
- [10:29] Lazarus Longstaff: not for the future, no
- [10:29] Zha Ewry: I think, in fact, that probably
- [10:29] Lazarus Longstaff: in fact, work is currently in progress on OpenSim to support multiple inventory servers
- [10:29] Zha Ewry: you want some way of having nested sets of them, and stuff
- [10:30] Tao Takashi: I think I want my stuff simply to be on my server when I run an AD ;-)
- [10:30] Zha Ewry: So.... I may have in my "root" inventory
- [10:30] Saijanai Kuhn: you could see a generic asset server maintained by GNU people with lots of opensource scripts available to all avatars anywhere
- [10:30] Zha Ewry: an entry which is "This inventory is hosted outside this AD"
- [10:30] Sheet Spotter: It seems reasonable to support an asset server that is accessible from multiple ADs.
- [10:30] Zha Ewry: And.. right now
- [10:31] Zha Ewry: the whole notion of how we do that is sort of ignored in the OGP work
- [10:31] Zha Ewry: I want to be able to have inventory all over the place
- [10:31] Tao Takashi: Sheet: I still don't understand why
- [10:31] Zha Ewry: On the LindenMain Grid
- [10:31] Zha Ewry: On my local private grid
- [10:31] Zha Ewry: served up on a server I pay for that is separate from any grid for some content
- [10:31] Bartholomew Kleiber: then you have to copy the assets over the server
- [10:32] Tao Takashi: well, you have to do that in any case.
- [10:32] Lazarus Longstaff: not necessarily
- [10:32] Zha Ewry: and I want to be able to express that properly in the whole permissions/trust scheme
- [10:32] Zha Ewry: In general, I want to enable by reference when I can
- [10:32] Zha Ewry: The web is much more about "here's a URL" than "here's a bag of bits"
- [10:32] Bartholomew Kleiber: ayes but big corp want to have some sort of approval process for the assets.
- [10:32] Zha Ewry: Sure, I need to copy and store stuff at times
- [10:32] Tao Takashi: I wonder if that cannot simply be left for implementation in the AD. I don't care where it does get stuff from as long as it knows how to get it.
- [10:32] Sheet Spotter: Tao, my email address isn't tied to my Internet Service Provider. Why should my asset server be tied to my AD?
- [10:32] Lazarus Longstaff: Assets is another word that gets us in a lot of trouble
- [10:32] Zha Ewry: but a lot of the time, I just need the handle
- [10:32] BlueWall Slade: in the future, asset hosting might even be included in a person's basic internet service - like email
- [10:33] Lazarus Longstaff: assets may be in inventory
- [10:33] Lazarus Longstaff: but inventory is not assets
- [10:33] Zha Ewry: Inventory is just a list of handles to assets
- [10:33] Tao Takashi: Sheet: your email is indeed tied to your ISP. Of course I should be able to move Tao Takashi around from AD to AD if I want to
- [10:33] Zha Ewry: Nothing is stored in my inventory other than the handles
- [10:33] Zha Ewry: At the moment, there is this illusion they are sort of one and the same, because the world is so homogenous to most people
- [10:33] Rex Cronon: if the inventory has data in it, then it can be considered an asset
- [10:34] Harleen Gretzky: My gmail account is not tied to my ISP
- [10:34] Lazarus Longstaff: learns something new
- [10:34] Zha Ewry: Well, to be precise, your e-mail account is tied to whoever owns the DNS registry of everything after the "@" sign
- [10:34] Tao Takashi: so if you have to follow all handles and contact x asset servers, isn't that slow?
- [10:34] Zha Ewry: so, google owns gmail.com
- [10:34] Harleen Gretzky: But google is not my ISP
- [10:35] Zha Ewry: right
- [10:35] Tao Takashi: we are talking about different things, email = avatar name, email messages = inventory
- [10:35] Saijanai Kuhn: Tao, if you move your avatar from AD to AD, the issue of trust comes in again.
- [10:35] Tao Takashi: well, then email service provider :)
- [10:35] Lazarus Longstaff: some connections to inventory servers will necessarily be more expensive than others, yes
- [10:35] Tao Takashi: Sai: It comes in again anyway ;-)
- [10:35] Zha Ewry: But. you can't move your email from google to yahoo and keep "zha.ewry*google.com"
- [10:35] Zha Ewry: anyway, we digress
- [10:35] Tao Takashi: but of course I nevertheless want to be able to move my agent to another AD be it with or without inventory
- [10:35] Bartholomew Kleiber: email is not a good example methinks
- [10:35] Zha Ewry: Tao, the asset list, should be short
- [10:35] Zha Ewry: Just a list of handles
- [10:35] Saijanai Kuhn: what if the AD is a man in the middle thing that poses forever after as your avatar and requests admission back to your original AD?
- [10:36] Zha Ewry: You don't download the assets when you load your inventory
- [10:36] Tao Takashi: Zha: yes, but then those handles at least need to contain, name, permissions and such
- [10:36] Zha Ewry: And. if you have nested ones which point off to several servers
- [10:36] Zha Ewry: that's just subordinate fetches
- [10:36] Tao Takashi: I see this as an implementation issue
- [10:36] Rex Cronon: there are people that have over 40 items in their inventory. how short do u think that list is?
- [10:36] Tao Takashi: where do you store those handles?
- [10:36] Zha Ewry: At the protocol level, the point is to make sure we have ways of expressing
- [10:36] Zha Ewry: it
- [10:36] Rex Cronon: 40K*
- [10:37] Sheet Spotter: The AD can provide an asset server. It shouldn't be the only asset server available to me.
- [10:37] Zha Ewry: The handles, live in your AD
- [10:37] Bartholomew Kleiber: IMHO the company has to approve all assets beforehand - I can't just show up there and have links to assets in my inventory that are copied to corp's asset server.
- [10:37] Zha Ewry: and, if they are done right, they become a tree
- [10:37] Tao Takashi: so on the protocol level I might say agentdomain.com/inventory/TaoTakashi/ and get back some list of metadata (handles) ?
- [10:37] Zha Ewry: so, right now, the list is pretty much flat, all the leafs always point to a linden hosted UUID
- [10:38] Zha Ewry: but.. in the future there is no reason a folder couldn't be "asset list hosted in agent domain owned by pandacorp"
- [10:38] Zha Ewry: Having the handles doesn't move the assets, mind you
- [10:38] Lazarus Longstaff: stranger things have happened *winks*
- [10:38] Saijanai Kuhn: so folders would link to a given asset server as they do now?
- [10:38] Zha Ewry: if I have a handle to an asset hosted on the Gnubie asset cloud
- [10:39] Objectx: Hello,: Avatar!
- [10:39] Saijanai Kuhn: or would each asset maintain the link?
- [10:39] Zha Ewry: and I try to rez the object on my corporate server?
- [10:39] Tao Takashi: so the only difference I see here is that in my case you ask the AD to give the actual object to you, in the other case you ask the other server directly
- [10:39] Zha Ewry: it may say "No, I won't fetch objects from the stallman zone"
- [10:39] Bartholomew Kleiber: big corp will not give a carte blanche to GNU assets.
- [10:39] Zha Ewry: So..
- [10:39] Zha Ewry: Two separable things, Saij
- [10:39] Tao Takashi: ok, so I copy this asset over to another asset server and can rez it ;-)
- [10:39] Zha Ewry: One is where the list of handles comes from
- [10:39] Zha Ewry: and the other, is where the assets are stored
- [10:39] Saijanai Kuhn: I would think you would keep a local link to the asset server in the item, and the folder would resolve that link to update to the proper asset server.
- [10:40] Lazarus Longstaff: Bart: "Big Corp" and "GNU" are variable from one installation to the next, depending on use case
- [10:40] Tao Takashi: Sai: local link where?
- [10:40] Zha Ewry: Of course, Lazarus, so. that just says that the permissions will be fun to get right ;_)
- [10:40] Zha Ewry: So..
- [10:40] Saijanai Kuhn: though, folder hierarchies would need to be kept around in the Agent Domain if the same concepts are kept
- [10:41] Latha Serevi: thinks this is all too complicated for us to "plan into existence". There must be some simple intermediate steps or we just lose.
- [10:41] Zha Ewry: leaf inventory tree says "Hey, fetch this sub tree from AD X"
- [10:41] Zha Ewry: Well, Latha, the protocol is really simple
- [10:41] Tao Takashi: so while I get a list of handles from /inventory/tao/ I can then look inside a handle and find an URL where to actually retrieve that, might be /inventory/tao/8272872872 or some other server. Is that about right?
- [10:41] Saijanai Kuhn: local link that refers to the hosting asset server. If you have multiple asset servers, you need some way to refer back to the asset server the UUID/inventory item is referring to
- [10:41] Zha Ewry: just dediing handles, and how to fetch them
- [10:41] Lazarus Longstaff: it's what goes into and comes out of the protocol that's complex
- [10:41] Zha Ewry: yes, tao
- [10:41] Saijanai Kuhn: right now, the folders update the one and only Linden asset server every time you move them around in your inventory folders
- [10:42] Zha Ewry: Saij?
- [10:42] Lazarus Longstaff: our job is to design a protocol with sufficient robustness to accommodate the anticipated complexities
- [10:42] Zha Ewry: Separate out the folders from the assets
- [10:42] Zha Ewry: The folders, are just lists
- [10:42] Zha Ewry: Some of which will be indirections
- [10:42] Tao Takashi: well, ok. I only would like to make sure though that I can copy assets I own around like I want to
- [10:42] Zha Ewry: and the leafs, where the handles are
- [10:42] Zha Ewry: can point to any asset servers
- [10:42] Saijanai Kuhn: right. So do you have each inventory item do the update, or do you have the folder do the update?
- [10:42] Zha Ewry: The folder is merely holding the lists of handles
- [10:42] Zha Ewry: and I'd assume that you do simple containment here
- [10:43] Zha Ewry: the handles, point all over the asset clouds
- [10:43] Saijanai Kuhn: OK. so who stores the list of assets that you get at login?
- [10:43] Zha Ewry: Agent domain you log into
- [10:43] Tao Takashi: well, it's clear that you don't give out complete objects when you request a list of your inventory for displaying it as a text list
- [10:43] Lazarus Longstaff: your default AD?
- [10:43] Zha Ewry: You start somewhere
- [10:43] Zha Ewry: +1 Lazarus
- [10:43] Zha Ewry: I assume that for 90% of the use cases you start with one AD which owns your Ave
- [10:43] BlueWall Slade: so do the regions still hold the explicit object descriptions, or a handle pointing to the asset host?
- [10:43] Saijanai Kuhn: OK, so it maintains a plain vanilla folder structure and the inventory items, which themselves contain the links back to the hosting asset server
- [10:44] Zha Ewry: And some of those folders are indirection links
- [10:44] LeoJunior Laval: Sorry
- [10:44] Tao Takashi: did we just say, btw, that a folder can also point to a list of contents where the handles are stored in another place?
- [10:44] Tao Takashi: or do I keep all my handles in one place?
- [10:44] Zha Ewry: The handles, aren't but the handles can point all over the net
- [10:44] Zha Ewry: so
- [10:44] Zha Ewry: to get concrete
- [10:44] Zha Ewry: let me try this
- [10:44] Tao Takashi: ok, I just want to make sure, search is possible
- [10:45] Zha Ewry: I have a folder which has two sub folders, one on my IBM AD, one on Linden's AD
- [10:45] Zha Ewry: I can fetch the lists of stuff in them
- [10:45] Zha Ewry: Deep down inside, each sub tree may point to assets all over the grid
- [10:45] Zha Ewry: So, I don't know, at all, from the inventory containment, where the assets live
- [10:46] Tao Takashi: actually I am afraid that from a usability viewpoint that's not optimal ;-)
- [10:46] Zha Ewry: if I "copy" an asset into the IBM sub folder
- [10:46] Zha Ewry: all I am doing is putting a handle to the asset into that part of my list (and it will get stored into that inventory sub tree)
- [10:46] Tao Takashi: having everything in one place is still better IMHO
- [10:46] Bartholomew Kleiber: someone at IBM has to approve this copy
- [10:46] Zha Ewry: No bart
- [10:46] Zha Ewry: It's just a handle
- [10:46] Bartholomew Kleiber: no? It's like walking with a laptop through the company's front door.
- [10:46] Zha Ewry: Nobody approves my storing ["http://lindenlab.com/blog"] in my bookmarks
- [10:47] Bartholomew Kleiber: It'll be checked too.
- [10:47] Zha Ewry: The inventory list, is much closer to a book marks file than anything else
- [10:47] Zha Ewry: No assets or ability to rez them implied, just a handle to it
- [10:47] Tao Takashi: I'd rather add a license field ;-)
- [10:47] Bartholomew Kleiber: as long as you don't rezz it, it's not important.
- [10:47] Bartholomew Kleiber: but IF you rezz it you bring it in.
- [10:47] Zha Ewry: When I try to rez it
- [10:47] Zha Ewry: Sure
- [10:48] Zha Ewry: if I'm on an XYZ.com sim
- [10:48] Zha Ewry: and XYZ.com say "no GPL objects"
- [10:48] Bartholomew Kleiber: so as long as it is *just* in your inventory it doesn't matter.
- [10:48] Tao Takashi: Barth: Zha's point is that you cannot rez it because the handle points to Stallman's asset server
- [10:48] Lazarus Longstaff: so it never actually gets copied anywhere
- [10:48] Zha Ewry: then when I try to rez it, I get back a "Not able to rez object from Gnubie.org" under "XYZ.com" policy
- [10:48] Zha Ewry: right
- [10:48] Tao Takashi: the thing is because it's GPL I should be able to physically copy it into my inventory
- [10:48] Zha Ewry: Inventory is pointers, not objects
- [10:49] Tao Takashi: but probably I cannot do that into the IBM owned asset server
- [10:49] Zha Ewry: You aren't copying the BITS
- [10:49] Zha Ewry: just the handle
- [10:49] Tao Takashi: but I might want to do that
- [10:49] Lazarus Longstaff: Tao: that's the new thing I just learned: nothing is physically in inventory
- [10:49] Zha Ewry: There is no there there tao
- [10:49] Bartholomew Kleiber: but it will not be automagically approved by the company by the license
- [10:49] Zha Ewry: Your inventory is just a list of handles
- [10:49] Zha Ewry: even today
- [10:49] Bartholomew Kleiber: if I put my virus under GNU.
- [10:49] Tao Takashi: if I acquired some object somewhere I want to make sure it's stored in the asset server of my choice
- [10:49] Lazarus Longstaff: no bart
- [10:49] Tao Takashi: not just the handle
- [10:50] Zha Ewry: How did you acquire it?
- [10:50] Lazarus Longstaff: only if you get your GNU virus onto the GNU server
- [10:50] Bartholomew Kleiber: ok good point
- [10:50] Tao Takashi: I bought it or a friend made it and gave it to me
- [10:50] Rex Cronon: how hard is it to make a new handle to let's say a 10kL@ sculptie car?
- [10:50] BlueWall Slade: you purchase the right to use/rez it
- [10:50] Tao Takashi: BlueWall: depends on the license
- [10:50] Rex Cronon: that is no copy
- [10:51] BlueWall Slade: Tao, agreed
- [10:51] Zha Ewry: So..
- [10:51] Sheet Spotter: I believe you defined an inventory entry as: {UUID, AssetServerID, IsThisAFolder}
- [10:51] Lazarus Longstaff: Rex: if it's no copy, the handle goes out of inv when you rez it
- [10:51] Zha Ewry: When you get a new asset, where does it default get stored?
- [10:51] Bartholomew Kleiber: still . companies usually have list of softwares that they approve, it is not only the license but also the certification of a distinct version.
- [10:51] Tao Takashi: I would like to be stored on my agent domain
- [10:51] Bartholomew Kleiber: my point is that it has to be checked beforehand
- [10:51] Zha Ewry: In the default asset server for that domain
- [10:51] Zha Ewry: works for me
- [10:51] Tao Takashi: because I trust my agent domain (hopefully)
- [10:51] Bartholomew Kleiber: a white list of assets so to speak
- [10:52] Tao Takashi: ok, maybe also on that :)
- [10:52] Zha Ewry: Interesting question if it's in a folder hosted by another AD
- [10:52] Zha Ewry: I'd argue then by default, it would go to that AD's default asset store, but I could be had on that
- [10:52] Lillie Yifu: hmmm if there is one thing that should be addressed it is the no copy paradigm conflation of several different license concepts into one thing
- [10:52] Lazarus Longstaff: Bart: that will depend on the policy of in question. And that policy will be expressed in terms of packets in the protocol we are presently hypothesizing
- [10:52] Lazarus Longstaff: *policy of the company in question
- [10:53] Lillie Yifu: there is the question of transferring a license, the question of how many instances of a license, and the question of what rights are transferable with the license
- [10:53] Lillie Yifu: and they are not the same thing.
- [10:53] Latha Serevi: (1) how long are y'all staying today? (2) I'm a little distressed that we're trying to have this discussion without at least one document writing down some basic assumptions, or trying to. Does anyone else see a need for a bit less fuzziness w.r.t. the starting point of discussion?
- [10:53] Zha Ewry: Yeah
- [10:53] BlueWall Slade: if it is a copy enabled item, you should be able to decide where it resides
- [10:53] Tao Takashi: one of the principles of dataportability is that the users control their data, not the services (as most social networks do today) and that means to me that I want to decide where objects are stored which I own
- [10:53] Lazarus Longstaff: Lillie: again, that is a matter of encoding the local policy
- [10:53] Zha Ewry: I think that as a matter of practice
- [10:53] Zha Ewry: you can always do that
- [10:53] Zha Ewry: but default should be simple and easy to manage
- [10:53] Zha Ewry: and overriding is hard
- [10:53] Lillie Yifu: there is also the *legal* policy
- [10:53] Tao Takashi: everything should be easy to manage :)
- [10:54] Lazarus Longstaff: whatever the source or nature of the policy, it is not a virtual thing
- [10:54] Lazarus Longstaff: only the packets describing it are
- [10:54] Zha Ewry: well, Tao, normal tradeoff is making the default path as easy as possible
- [10:54] Zha Ewry: and then the complexity gets shoved into the less common paths
- [10:54] Zha Ewry: so you have ctrl-s just save your object in the default locations
- [10:54] Zha Ewry: then a save-as which lets you do a lot more
- [10:54] Zha Ewry: but you don't ask everytime you save, in case you want to save off elsewhere, is what I'm saying
- [10:55] Lillie Yifu: it's not just local policy
- [10:55] Lillie Yifu: localities didn't issue the license
- [10:55] BlueWall Slade: hmm, could even backup items to different places
- [10:55] Zha Ewry: yep
- [10:55] Zha Ewry: if you have perms
- [10:55] Zha Ewry: including
- [10:55] Tao Takashi: or on my HD
- [10:55] Zha Ewry: "My local asset store on my box"
- [10:55] Zha Ewry: if I have perms
- [10:55] Lazarus Longstaff: +1
- [10:55] Tao Takashi: comes down to license
- [10:55] Zha Ewry: permissions are going to be a big deal, but
- [10:56] Zha Ewry: exactly tao
- [10:56] Zha Ewry: and.. the asset servers themselves may help enforce that
- [10:56] BlueWall Slade: also, I think no-copy assets need to be held in escrow
- [10:56] BlueWall Slade: in case the creator poofs
- [10:56] Zha Ewry: "I don't give out copies to objects because of my license"
- [10:57] Tao Takashi: well, the question is who has control over an object if it's no-copy. If you move it around in trusted domains then this should IMHO be possible
- [10:57] Zha Ewry: If two servers know how to transfer a no-copy object between them it will work, tao
- [10:57] Lillie Yifu: it gets back to trust. Trust needs to be based on compliance with implementing some level of license enforcement.
- [10:57] Zha Ewry: The server can say "I only copy this object using the trusted copy-protocol"
- [10:58] Tao Takashi: well, at some point it might be rezzed, so two servers in any case need to know what to do with it
- [10:58] Lazarus Longstaff: +1 Blue
- [10:58] Latha Serevi: sighs. communication failure due to lack of a common language. frustrated.
- [10:58] Zha Ewry: And it can go look for proof that the recipient is in the trust domain
- [10:58] Zha Ewry: I have a 2:00
- [10:58] Tao Takashi: I also would like to have no-copy objects on servers of my choice as long as they are trusted
- [10:58] Zha Ewry: I think again, that's fine, Tao, as long as they share trust models
- [10:58] Lillie Yifu: that's why the whole concept of no-copy is broken
- [10:58] Lillie Yifu: what there really is is a license.
- [10:59] Lazarus Longstaff: yes, I gotta run too - I'm covered in drywall dust for this meeting lols
- [10:59] Tao Takashi: the problem is, what if some party cancels the contract? :)
- [10:59] Lillie Yifu: that license has some number of instantiations. Say "1," but not necessarily.
- [10:59] BlueWall Slade: a side note for textures: has anyone considered steganography to identify original works?
- [10:59] Lillie Yifu: The holder or the license always has that.
- [10:59] Rex Cronon: bluewall u can watermark them
- [11:00] BlueWall Slade: watermarks are visible
- [11:00] BlueWall Slade: i'm speaking of the actual textures
- [11:00] Rex Cronon: u can make the watermark invisible to the naked eye
- [11:00] Bartholomew Kleiber: that's what he meant
- [11:01] Bartholomew Kleiber: it's called steganography
- [11:01] Lazarus Longstaff: steganography is a method of digital watermarking that is undetectable by the human eye
- [11:01] Latha Serevi: Thanks, Zha, bye (assuming you're not gone already)
- [11:01] Goldie Katsu: Bye!
- [11:01] Aki Shichiroji: Thanks for the discussion, Zha
- [11:01] Saijanai Kuhn: later zha
- [11:01] BlueWall Slade: and asset servers could refuse to upload binary copies of textures if they are signed
- [11:01] Bartholomew Kleiber: bye
- [11:01] Lazarus Longstaff: Thanks for the meeting Zha
- [11:02] Lazarus Longstaff: always a pleasure
- [11:02] Lazarus Longstaff: take care all :)
- [11:02] Goldie Katsu: Sorry to fade out - other work called. Great meeting though, thanks Zha
- [11:02] Rex Cronon: bye zha
- [11:02] Saijanai Kuhn: Tao, can you give a quickie update on pyogp?
- [11:02] Dream Land: bye zha. Thanks.
- [11:02] Zha Ewry: Really good stuff
- [11:02] Zha Ewry: Goldie?
- [11:02] Tao Takashi: just as a sidenote, there now is a mailing list about pyogp
- [11:02] Rex Cronon: i have to go too, so bye everybody
- [11:02] BlueWall Slade: yes, thanks! very interesting
- [11:02] Zha Ewry: Can I ask you to lead some of this over the next few weeks?
- [11:02] Tao Takashi: https://lists.secondlife.com/cgi-bin/mailman/listinfo/pyogp
- [11:03] Zha Ewry: Rats, goldie poofed before I could ask her to do work ;-)
- [11:03] Tao Takashi: the initial login script is now restructured into components and is imported into the LL svn
- [11:03] Zha Ewry: pops off to head to OpenSim office hours
- [11:03] Tao Takashi: still waiting for commit rights though
- [11:03] Whump Linden: thanks zha, I got pulled into another conversation, but will read the transcript
- [11:03] Zha Ewry: See everyone soon
- [11:03] Zha Ewry: Cool whump
- [11:03] Tao Takashi: I also have a test running now
- [11:03] BlueWall Slade: g'bye guys
- [11:03] Tao Takashi: which tests the login
- [11:03] Tao Takashi: (and found some bug and some problem with LL's AD)
- [11:04] Goldie Katsu: lol
- [11:04] Tao Takashi: there also is a newsgroup interface for the list: [1]
- [11:04] Tao Takashi: and I wrote a bit about the structure of the project and how to get the buildout setup etc.
- [11:04] Lillie Yifu: beijos!
- [11:05] Tao Takashi: [2]
- [11:05] Tao Takashi: and I am preparing a presentation these days for next week's EuroPython
- [11:05] Bartholomew Kleiber: tao: very cool
- [11:06] Tao Takashi: I also talked a lot with Locklain, explaining buildout, eggs and the zope component architecture to him
- [11:06] Aki Shichiroji: Thanks for the cool discussion, all :) Take care!
- [11:06] Tao Takashi: tc, Aki!
- [11:06] Tao Takashi: I also setup an egg for the testharness but need commit rights to put it up (same for my test)
- [11:07] Tao Takashi: and for the test I wrote a little dummy agent domain which mainly answers static data
- [11:07] Tao Takashi: which runs as an http server you have to start locally before running the test
- [11:07] Tao Takashi: here is the test case: https://lists.secondlife.com/pipermail/pyogp/2008-July/000001.html
- [11:07] Tao Takashi: so that's it basically
- [11:08] Tao Takashi: here again the little intro to ZCA: [3]
- [11:08] Dahlia Trimble: bye all :)
- [11:08] Sheet Spotter: Cheerio!
- [11:08] Tao Takashi: and here for the structure of pyogp: [4]
- [11:08] Tao Takashi: and now I have to leave as well :)
- [11:09] Saijanai Kuhn: you know to add the [[Category:pyogp]
- [11:09] Tao Takashi: I was forgetting the syntax but will do it from now on
- [11:09] Saijanai Kuhn: automatically indexes all pages
- [11:09] Tao Takashi: I know :)
- [11:09] Bartholomew Kleiber: ok gotta go, too. Bye all!
- [11:09] Tao Takashi: we also need to refactor the start page IMHO but we can discuss this on the list
- [11:10] Tao Takashi: ok, take care everybody!