[9:41] Patnad Babii: uhm server crash is never fun
[9:41] Zha Ewry: So.. I wanted to poke at three things which tangle together into the overall interop story. Not immediately as a tech story, but as a user requirements story
[9:43] Zha Ewry: So, going back to Zero's original AWG comments, over a year ago, and looking at funny things like people using names like "botgirl Linden" on one of the open grids...
[9:47] Eddy Stryker: you have to login the first time using LDAP, which pulls your real life name and creates an avatar account with that name
[9:47] Ina Centaur: yep. and if someone took your RL name already on one grid, and you get on the other grid before them, it'd be nice if you could keep your name(?)
[9:48] Eddy Stryker: but the user server is tricky enough that it supports multiple people with the same name, as long as they have different passwords... anyways, it's a tangent
[9:48] Ina Centaur: hehe thanks! wearing june dion's latest creation and yet another ic-skins
[9:48] Zha Ewry nods, observing that she has the RL name cybersquatted on Linden's grid
[9:48] Infinity Linden: and there's also the issue of data portability
[9:49] Zha Ewry: and, yeah, user service, sort of gets it right, but a lot of code in the guts has this nasty habit of looking at user names for permissions
[9:49] Morgaine Dinova: The idea of reserving names is totally broken, don't go there.
[9:49] Infinity Linden: what happens when your agent domain goes belly-up and has a lock on your name registration?
[9:49] Ina Centaur: could be the new/free version of domain name squatting..
[9:49] Ina Centaur: but, what would happen to "botgirl linden" in the case you mentioned
[9:50] Rex Cronon: in rl there r quite a few people that share the same name
[9:53] Infinity Linden: i keep wondering if Google would ever one day become an agent domain
[9:53] Morgaine Dinova: If all the root nameservers failed, I bet we'd have replacements appearing all over long before the majority of TTLs expired ;-)
[9:53] Ina Centaur: is it possible to not have a unique gmail handle? o.O
[9:56] Eddy Stryker: identity is only as good as the person authorizing it. you can't be Zha Ewry, only Zha Ewry @ agni.lindenlab.com
[9:57] Morgaine Dinova: Let's hammer out Infi's point first. It's important to have at least a pri/sec structure for ADs same as DNS has ... at a minimum.
[9:57] Zha Ewry: I am inclined to agree with Eddy
[9:58] Zha Ewry: They will have to deal with federate
[9:58] Morgaine Dinova: Notice that you can have a shortcut of "Zha Ewry" everywhere ... but just not an authoritative one. That'll have to be @blah qualified
[9:58] Infinity Linden: sometimes msh@hbmobile.org CAN BE the same as infinity@lindenlab.com
[9:59] Zha Ewry: the only deep token,IBM ever wants as my ID is "dwl@us.ibm.com"
[9:59] Eddy Stryker: not if you are on the lindenlab.com server, or one on of their partner grids that share a user server. but if you are on my grid, yes i want to know that you are zha.ewry@lindenlab.com
[9:59] Infinity Linden: right.. introducing the authoritative / non-authoritative concept from DNS does make things easier
[9:59] FWord Utorid: eddy, you went daddy warbucks with stubble on us.
[9:59] Zha Ewry: and.. one shudders to think what name I should show on a region which does not have its own user hosting at all
[9:59] Eddy Stryker: fword: every time i login i have some random avatar applied. i don't know where they come from
[10:00] Morgaine Dinova: There are more John Smiths than atoms in the universe after all ... the idea of a non-qualified name is a non-starter.
[10:01] Eddy Stryker: i'll throw out that the second life protocol doesn't restrict everyone from having the same name, but it's not useful to see 12 Zha Ewry's logged in if half of them are Zha Ewry @ pirategrid.org
[10:01] Infinity Linden: people may notice that SL does not currently support OpenID
[10:02] Morgaine Dinova: And even the top-level domain may not be enough. There are for example at least 10 Stuart Davies @ bt.com ;-) [friend of mine :P]
[10:02] Eddy Stryker: ina: my user server uses openid for all of this, yes
[10:02] Zha Ewry nods right, and at one time, first middle last, pretty much worked for the world
[10:02] Eddy Stryker: for lack of time, only the ldap plugin is finished. but once you do an ldap login, the user server becomes an openid provider for you
[10:03] Zha Ewry sighs
[10:03] Infinity Linden: (but mostly because it's a long discussion that could derail the current one)
[10:03] Eddy Stryker: fword: it could be used for simian. the plan is to land it in opensim trunk though
[10:03] Zha Ewry: Why does everyone want to be a provider, not a consumer of openId?
[10:03] Infinity Linden: because of the dot-com dictum that "thou shalt control the eyeballs"
[10:03] Ina Centaur: well, SL user name would be another openid passport..
[10:03] FWord Utorid: eddy: i'll keep an eye out. glad to also see the save oar in simian ;) [now back to the show]
[10:04] Rex Cronon: i guess as a provider u control it, while as a consumer u don't
[10:04] Morgaine Dinova: Infi: we're talking about technical reasons. You may have business or policy reasons, but they're interesting to us in this context. I'd like to know if there are engineering issues though ... or still no comment?
[10:04] Ina Centaur: although it would be cool to be able to log into SL with yahoo or flickr or the other more popular openid supporters
[10:04] Eddy Stryker: zha: all of the other grid services are consumers
[10:04] Morgaine Dinova: Infi: I missed a "not" in front of "interesting"
[10:06] Goldie Katsu: um...but if we noticed it now wouldn't it kind of....be because you pointed it out.
[10:06] Morgaine Dinova: The key thing about OpenID is that "support" should not be only as a provider of identities. You have to accept those provided by other suppliers as well.
[10:06] Ina Centaur: hmm haven't had a chance to look into ogp yet. i'm told that ogp would become dinosaur'ed by the time you can actually do anything useful with it o.O
[10:06] Infinity Linden: oh! did i use my outside voice for that?
[10:06] Eddy Stryker: zha: that needs to come soon, yes
[10:06] Zha Ewry: /sprinkles bonus points around liberally, just because
[10:06] Eddy Stryker: to finish securing hypergrid
[10:06] FWord Utorid: there seem to now be about 10 layers of authentication and multi-grid connectivity going on the drawing board.
[10:07] Ina Centaur: curious though, would OGP auth also allow for a universal $L balance?
[10:07] FWord Utorid: none of them seems to adequately address the issue of having to shut down and start a new viewer with each grid shift in order to authenticate into another grid
[10:07] Goldie Katsu knows she wants more hours in her day but is afraid that if she had them the projects might multiply leaving her just as behind.
[10:07] FWord Utorid: it would be interesting if there was a mechanism for a login dialog when teleporting to other grids
[10:07] Eddy Stryker: fword: hypergrid doesn't have that issue
[10:08] Infinity Linden: Auth just transports the assertion that the end user is in possession of a shared secret
[10:08] Ina Centaur: ah no access to account info?
[10:08] Infinity Linden: it's up to the system behind the Auth implementation to decide whether the authenticated party has access to a linden dollar account
[10:08] FWord Utorid: eddy: I doubt that hypergrid has a full implementation for maneuvering from one grid to another and accommodating an identity in each world.
[10:08] Eddy Stryker: fword: you don't need to re-login at all. you already have a sessionid that can be used in the openid authentication process, so your identity proving happens automatically
[10:09] Morgaine Dinova: You don't shut down a viewer to login to another, lol. That's just a temporary aberration, legacy from the non-interop world of SL.
[10:09] Ina Centaur: and... the system/decision is presumably LL?
[10:09] FWord Utorid: eddy: the issue I'm referencing is this... I go to another grid, I have a different identity on that grid, I should authenticate to that grid
[10:09] Eddy Stryker: only if you want to use a different identity on that grid
[10:09] Ina Centaur: @morgaine, but the viewer will likely crash as you ig tp ;-P
[10:09] Ina Centaur: same difference. shutting off though gives less of an unexpected arrival
[10:10] FWord Utorid: I realize what you are saying regarding maintaining the same session.
[10:10] Morgaine Dinova chuckles
[10:10] Eddy Stryker: if you start out as fword@osgrid.org and you move to the openlife grid, you can stay as fword@osgrid.org. if you want to be someoneelse@openlife.org then you need to login
[10:10] Zha Ewry pushes her nose back into her face
[10:10] Goldie Katsu: Does that mean you don't TP?
[10:10] Ina Centaur: see, same grid TP's for heavier traffic/large build sims typically involve in crashes
[10:10] Ina Centaur: i usually don't tp without expecting a crash
[10:12] Ina Centaur: (in other news, paypal dev is really quite together -- well, relative to LL regapi at least.. just finally had the excuse to look into IPN recently)
[10:12] Goldie Katsu: Sure if I'm dressed for the night club and tp to work I might want to be more appropriately dressed.
[10:12] FWord Utorid: I am sure we will see plenty of phishing, the same way we see plenty of little sl hacks
[10:12] Goldie Katsu: (that was with a 1 instead of l btw.)
[10:12] Morgaine Dinova: The Meerkat viewer was designed to be user-centric rather than provider-centric, maintaining multiple simultaneous connections to different ADs.
[10:13] Ina Centaur: @goldie, that's assuming inventory xfer is seamless across grids
[10:13] Goldie Katsu: How do you not create an obvious phishing setup with needing to reauth to the region you TP'd to?
[10:13] Ina Centaur: i'd assume there's content rights issue.. though it would be nice if you arrive dressed in the same glorious outfit from grid to grid
[10:13] Goldie Katsu: True or if it wasn't I guess I'd want local clothing in the new grid with my av shape rather than being a cloud of bit essence.
[10:14] Eddy Stryker: ina: inventory doesn't technically need to "transfer" anywhere, as long as the grid/simulator knows how to point the client back at it's home inventory. or, with a proper client, the client can go back to its home inventory server directly
[10:14] FWord Utorid: i think it sort of all falls apart invisibly and nobody really notices.
[10:14] Goldie Katsu: And the home inventory server will serve to the new grid.
[10:14] Ina Centaur: true, but for avatar attachments and accessories, it would have to render - and get "loaded" into the local sim
[10:15] Ina Centaur: so, in that case, content is transferred and can be abused if someone basically mods their opensim to "log" avatar appearances
[10:15] FWord Utorid: there will never be a seamless experience wherein all of the grids are interconnected with absolute trust between them.
[10:15] Eddy Stryker: ina: yes, and anything you rez would literally have to be pulled across grids
[10:15] Goldie Katsu: I think the question is how can we make it as seamless as possible and where does it break - and what does "break" mean.
[10:15] Ina Centaur: yep, that's basically a xfer imho
[10:16] Eddy Stryker: it's up to the asset server storing the content to determine if it really wants to give up copies of its skins to pirategrid.org
[10:16] Eddy Stryker: whitelist+blacklist support at the asset level
[10:16] Ina Centaur: well, as i understand the opensim server would need that information to load the avatar(?)
[10:17] FWord Utorid: you have to assume all of this is beta for the future internet wherein everything is P2P,
[10:17] Eddy Stryker: "this bin of stuff is public, it can transfer to any grid". "this bin is premium, it can only transfer to our partners that subscribe to the auditing service"
[10:17] Morgaine Dinova: I suggest we solve the issues for CC-licensed content first ... we can always block comms, that's trivial, but let's get unencumbered assets moving first.
[10:17] Ina Centaur: p2p is kinda scary. with SL-esque sims that aren't meant for events with more than 10 people, your IP gets easily compromised
[10:17] Ina Centaur: (IP address IP... not intellectual property)
[10:17] Infinity Linden: speaking of authentication across grids
[10:18] Zha Ewry thinks her ave today should be a teapot.. As she is on her 4th cup of tea so far
[10:18] Infinity Linden: i'm curious if anyone has thought about multiple levels of authentication within the same grid?
[10:18] FWord Utorid: the notion of premium digital content that one can keep from being copied falls apart when it goes to another service provider to proxy it
[10:19] FWord Utorid contemplates an aunt jemima avatar, and assert_ima_jemima
[10:19] Eddy Stryker: multiple user levels in a single grid are required if you want to support the notion of local users vs. those weird guys from pirategrid.org
[10:19] Goldie Katsu: Authenticating up to secret?
[10:19] Eddy Stryker: and different permissions for each group
[10:20] Infinity Linden: i put my thumbprint on a thumbprint reader and it seems to match the thumbprint my bank has
[10:20] Ina Centaur: oh i was about to get one of those new thinkpads with the thumbprint auth
[10:20] FWord Utorid: cloned extremities will defeat thumbprint authentication
[10:20] Rex Cronon: somebody could make a duplicate:)
[10:20] Zha Ewry cringes, and then recalls she uses a fingerprint on the laptop every morning
[10:20] Infinity Linden: right... sort of like sudo for VWs... plus the feature that sudo knows how long ago you authenticated yourself
[10:20] Ina Centaur: except i saw this scary cantonese movie where they lopped off your hands when they steal your laptop x.x ... just to get past the auth
[10:21] Rex Cronon: u will have to give them the finger:)
[10:22] FWord Utorid: brute force fingerprints? means making a projector and passing along every possible fingerprint pattern :/
[10:22] Goldie Katsu looks for her gummi bears
[10:22] FWord Utorid: infinity: sudo for vw property in this case seems like donning a group title
[10:22] Zha Ewry: It's even worse, when you look at the various things we use auth for. The whole Linden scheme is very limited, compared to RL
[10:22] Ina Centaur coughs... no, much *more* brute force. (literally chop off the thumb.)
[10:23] FWord Utorid: then that sort of brute force would require everyone's fingers in a vault.
[10:23] Infinity Linden: ah Ina! I see you _do_ know how to revoke a fingerprint!
[10:23] Eddy Stryker: sudo is a good example, because it's deceptively simple. it just lets you become root temporarily. so you don't have to deal with the complexities of (partial or full) delegated authority, you just *are* root
[10:23] Ina Centaur: although i also heard the newer thinkpads come with remote self-destruct so even if your laptop gets stolen and your hands get chopped off you can just access the web service to nuke it all x.x
[10:23] Infinity Linden: i was thinking really about the namespace management issue
[10:23] Morgaine Dinova: They used to chop off fingers with signet rings a lot, not so long ago.
[10:24] Ina Centaur: (but how do you do it without hands!)
[10:24] Infinity Linden: in cross-grid, we have a set of grids that may want to subscribe to a federated identity scheme
[10:24] FWord Utorid: eddy: in an opensim context, what could you do with a sudo that you couldn't by being the estate owner?
[10:24] FWord Utorid: I suppose one could make commands in chat go to the console
[10:24] Infinity Linden: in the sudo example... we may also want to ask...
[10:24] Ina Centaur: (lol sorry for the digression. i really wanted to get one until the paranoia possibility occurred... well, except, as zha pointed out, the fingerprint auth isn't really useful for much other than to impress your friends >.>)
[10:25] Infinity Linden: how do we know that the semantics of sudo on one grid are the same as on another
[10:25] Whump Linden: Ina Centaur, you bite down on the hollow tooth with the cyanide capsule. The self-destruct is tied to your heartbeat monitor.
[10:25] Infinity Linden: and i think that answering that question will inform the debate of namespace management for the cross grid use case
[10:25] Zha Ewry: One also ends up with interesting questions of what we permit others to see in these stories
[10:25] Ina Centaur: well, so ibm's going to expand to dental implants?
[10:25] Rex Cronon: why do i suddenly feel like i am in 007 movie?
[10:26] Goldie Katsu: wait. We aren't in a 007 movie?
[10:26] Whump Linden: Rex, I thought you were in a Marvel Comics movie.
[10:26] Ina Centaur: see now's the time when it would be really cool if there were a 007 windlight mode or something
[10:26] Eddy Stryker: infinity: the semantics are not the same. what you have to do to become root@intel.com is wildly different from root@mygarage.com
[10:26] Infinity Linden: it's secure... but like the Win2k system that had to be removed from the network to get common criteria certification
[10:26] FWord Utorid: this is a B-Movie, not a Bond Movie.
[10:27] Morgaine Dinova: infi: even in a federated scheme, you still have to accept connections from unknown parties. Because, if you don't, that simply means that everyone will have to have accounts that can be federated, which is (i) non-scalable, and (ii) meaningless, since when everyone has a trusted account then trust == nil.
[10:27] Infinity Linden: yes Zha... but it's always fun when you enter a room with coworkers still wearing the group affiliation of the bondage club you visited the night before
[10:27] FWord Utorid: zha: I think more than one identity in IMs results in a restructuring of the user interface for messaging, at the very least
[10:28] Zha Ewry imagines "Fortune500CIO John is now known as 'PandaBurFurry Slave'"
[10:28] Zha Ewry nods
[10:28] Ina Centaur: yep, and we wonder how to apply this to the 15 million no-payment-info-on-files..
[10:28] Eddy Stryker: zha: you're asking if grid B will act as an openid provider for grid A, assuming that grid A acted as a provider for grid B? not necessarily, no
[10:28] FWord Utorid: you now have multiple friends lists, multiple 'selves' to manage. Imagine trying to be on WoW and RP both the Lich King and a fairy.
[10:29] FWord Utorid: zha: ok. new friends list, new im dialogs, new permissions to contend with
[10:29] Whump Linden: ah, the going from the shop training sim to the union organizing sim
[10:29] FWord Utorid: 'can see me on map' 'can see me on other grids'
[10:29] Zha Ewry: That's very non seamless, which is why I ask
[10:30] Infinity Linden: fwiw... the PGP/MIME community mailing lists from the 90's have a lot of good discussions about being multiple, different things to distinct user communities
[10:30] FWord Utorid: 'knows i am someone else on grid x'
[10:30] Eddy Stryker: ok, back to coding. thanks guys
[10:30] Morgaine Dinova: Eddy: ADs are all peers. The idea that one authenticates the other and not vice versa is all wrong. The fact that one is bigger doesn't change that.
[10:30] FWord Utorid: ultimately, i wonder if the 3d view doesn't start to get divided into multiple view windows as well
[10:31] Infinity Linden: LL's AD is valuable because it is big... but if someone like "papercraft modelers in arizona with lots of disposable income".com offered an AD
[10:32] FWord Utorid: ok. so, we need a fly-eyed viewer that will allow us to make sense of what zha was asking about
[10:32] Infinity Linden: it would be valuable in a completely different way
[10:35] Morgaine Dinova: Well we'll need end-to-end encryption for comms at some point, since neither the ISP nor the VW provider are trusted parties. But we're not really looking at that yet.
[10:35] Zha Ewry mutters "Oh, profiles are dangerous beyond words, because you end up with so many of them"
[10:35] Infinity Linden: because i fear we may be headed towards an over-the-wire protocol that
[10:36] Goldie Katsu: I am particularly fond at looking at previous work because it can help avoid recreating old security holes.
[10:36] Infinity Linden: allowing everyone to say.. "oh... well... to me.. being 'root' means x,y and z"
[10:36] Infinity Linden: while to someone else it means a,b and c
[10:37] Infinity Linden: and this is where it gets weird... when the protocols go up the 7 layer stack and emerge into the political, financial and religious layers
[10:37] Rex Cronon: there is a religious layer on the stack?
[10:37] Goldie Katsu: yes the 8th (and 9th layers)
[10:37] Morgaine Dinova: Infi: well OGP just talks REST, and REST resources are abstract representations, not the real thing (necessarily). So yeah, OGP is kinda semantic-free to some extent.
[10:37] Zha Ewry laughs
[10:38] Zha Ewry: Don't tell them about the secret 10th layer, infinity, you know what happens to people who mention that.
[10:42] Goldie Katsu looks at the time and realizes she has to go.
[10:42] FWord Utorid: ok. identity, in the context of what? the ubergrid? it's feasible that we would have multiplicity beyond comprehension in that arena
[10:42] Rex Cronon: it doesn't really matter if u have multiple names as the keys are different for each of them
[10:42] Zha Ewry: OK. So.. Two things I got out of this
[10:43] FWord Utorid: a diagram of user + stuff + multiple places + ims for each place + appearances for each place
[10:43] Zha Ewry: one, lots of issues, so I'm going to go wiki the page
[10:43] Zha Ewry: so we have a place to actually keep track
[10:43] Infinity Linden: yay! the way of the long tail warrior! putting it on the wiki!
[10:43] Zha Ewry: and. 2) at a minimum, expect "foo bar@issuing domain" to be in our future
[10:44] Zha Ewry: and then chew on the rest and maybe people can actually make a few useful proposals
[10:44] Morgaine Dinova: Infi: Well nobody disputes that FQDN-type identities are non-optional, so that issue is kind of "sorted" ... now just have to design it. :-) But we haven't addressed availability, or a pri/sec structure yet.
[10:45] Zha Ewry: saij? Will you post a transcript of the chaos?
[10:45] Morgaine Dinova: But maybe even @domain isn't enough. Perhaps we should use PGP keys instead.
[10:45] Zha Ewry: I'm going to wander off to RL and pour tea into my virus infested RL body