[9:39] Zha Ewry: and nothing deployed on any public grids
[9:39] Saijanai Kuhn: Teravus just saw WHump talking about adding inventory tests to pyogp yesterday
[9:39] Teravus Ousley: notes that he can hack together ways to get OGP to do the rest of the inventory via simulator.. if it supported defining the inventory skelliton
[9:40] Meadhbh Oh: fwiw. it's not a great shock we try to do unit tests
[9:40] Zha Ewry: MMOX being IETFish... is gong to primarily focus on specing stuff that works, with a small amount of stuff that's getting close enough to be candidates for specing in the near term and a possible
[9:42] [[User:#mmox: End|#mmox: End]]: of /NAMES list.
[9:43] Teravus Ousley: Zha and Meadhbh are back on the island and the time jumping has finally stopped. Jon Watte fixed the underground wheel and got teleported off the island.
[9:43] Meadhbh Oh: yeah. he used a half implemented protocol to do it
[9:43] Meadhbh Oh: so he eventually has to come back
[9:43] Zha Ewry: Yeah I've refrained from the full up
[9:44] Zha Ewry: "So, wait, you're busy telling us that what we have which *does* do some interop, is not as good as what you don't have which has never been used for interop at all"
[9:45] Teravus Ousley: I do sort of agree that server to server object comm is slightly more interoperable then say.. having the client connect to multiple servers using OGP. but.. meh.
[9:45] Meadhbh Oh: maybe the whole OLIVE technology chain ecosystem is working on interop
[9:45] Meadhbh Oh: i can't imagine they would do it in public
[9:45] Meadhbh Oh: but if they come up with something, we _do_ have an obligation to evaluate it
[9:46] Zha Ewry: well, and 90% of the issues which make it hard to do an uber client, show up there too
[9:48] Morgaine Dinova: The work between Crista and Charles and co was the most positive thing I've heard recently. Lots of kudos to them.
[9:49] Latha Serevi: Sometime very soon I'd like to see some non-LL MMOXers comment in detail on the OGP Base and OGP Auth internet-drafts. We're gonna need to digest them before the meeting, and see if they fit our vision of MMOX.
[9:49] Meadhbh Oh: ugh. i was hoping we could have kept catherine in the fold. she _did_ make a couple very cogent points. but the whold idea of having a static message PDU per interaction is anethema to us
[9:49] Morgaine Dinova: Is Crista in-world in SL too, or just in Opensim?
[9:52] Tao Takashi: Well, I look sorta dark to myself instead of yellow, guess something is broken or it simply happens it you don't login for weeks ;-)
[9:55] Morgaine Dinova: There's a confusion here. We talk about changes to LLSD for MMOX, whereas the comment "we prefer to keep as much of the grid up as possible" refers to the LLSD in SL. MMOX's work on LLSD is not changing SL's LLSD --- this really shows up a current problem, conflating the two under same name.
[9:55] Tao Takashi: I hope to have some demonstration up soon for connecting my MySpace profile with OpenSim
[9:55] Aleric Inglewood: I use twinhead, just use a window without decorations for make "full screen" on one of the monitors. There is no full screen dual support that makes sense in SL
[9:56] Morgaine Dinova: Infinity: if "keeping SL running" is a reaqson for disallowing change to LLSD in MMOX, then you need to split off the MMOX/LLSD under another name.
[9:57] Morgaine Dinova: Otherwise we're going to be seeing a continuous string of "No"'s from LL. MMOX doesn't seek to change SL.
[9:57] Zha Ewry: At the moment, absent any rough consensus, noboyd really gets to use the royal we unless they have a diagnosis of tapeworms or Multipe personality disorder
[9:57] Zha Ewry: And, Linden, as *one* interested party in the process, is welcome to advocate for that position
[9:58] Tao Takashi: if MMOX is just about getting OGP standardized (guess 90% of it first needs to get written) then I am not sure there is much sense in taking it to that group
[9:58] Meadhbh Oh: morgaine... you're free to make LLSD/Morgaine with whatever features you like
[9:58] Morgaine Dinova: I'm talming about MMOX/LLSD Infinity
[9:58] Zha Ewry: In fact, they seem to be *one* tick less stubborn, but.. I agree it is a erfrain that's sometimes off repeated
[9:58] Zha Ewry: At the moment there is not MMOX/LLSD
[9:58] Morgaine Dinova: Please don't try doing a Prok-style personal attack
[9:59] Meadhbh Oh: but at the end of the day, if you decide to create a standard for OGP that REQUIRES the use static PDUs... then it's unlikely we'll be able to implement it
[9:59] Tao Takashi: I think there are many layers of possible interop anyway
[9:59] Irah Anatine: Hello, i'm so sorry, i'm late
[9:59] Meadhbh Oh: i'm just saying... if you want to make an alternative protocol proposal, please do
[9:59] Zha Ewry: And, I might add, that I'd be willing to support it, either in my personal, or corporate capacity
[10:00] Zha Ewry: The ability to slide in a map of typed content at well understood slots in the protocol
[10:00] Morgaine Dinova: Referring to MMOX/Morgaine is a personal attack. You know full well that's I'm referring to the majority decision about LLSD in MMOX, not my own preferences.
[10:00] Zha Ewry: is actually one of the nicest things about it
[10:00] Meadhbh Oh: i think we were hoping we could try to get what we've worked on so far standardized with the IETF
[10:01] Morgaine Dinova: My own ideas are just input, like everybody's else's. But the group's majority view is not "just input" --- that's what the final shape of the protocol will be.
[10:01] Meadhbh Oh: and leave the development of the next, great protocol for another group
[10:01] Zha Ewry: Well, somewhat not true, Morgaine
[10:01] Zha Ewry: Its not the group's majority view
[10:01] Meadhbh Oh: morgaine... i think the IETF is about consensus and WORKING CODE
[10:01] Zha Ewry: its the intersection of rough consensus and actual code
[10:02] Meadhbh Oh: what code have you contributed?
[10:02] Teravus Ousley: I think there's a little room for new stuff.. but it's /mostly/ actual code.
[10:02] Zha Ewry: Well, absent any working code beyond what Linden, OpenSim, and John Hurrliman has done in the vicinity of LLSD
[10:02] Aleric Inglewood: clients is flooding his debug screen/monitor with "2009-03-10T17:03:30Z WARNING: decodeImpl: ERROR -> decodeImpl: failed to decode image!" ... *ignores it*
[10:02] Meadhbh Oh: yes.. there is room for new stuff
[10:02] Morgaine Dinova: Infinity: 90% of the group will not be contributing code, but only technical input. Please don't try to reject 90% of the group's efforts.
[10:02] Zha Ewry: its mostly.. defined by those things
[10:02] Meadhbh Oh: for instance... if someone REALLY wants static PDUs. we could do that
[10:03] Zha Ewry: The IETF process, Morgaine, explicitly ends in the runnning code
[10:03] Meadhbh Oh: but we're not going to change our existing system to support it
[10:03] Zha Ewry: The bakeoffs are done against running code
[10:04] Morgaine Dinova: Indeed, but lots of people contribute to the design, and only a few end up coding the result of the group's ideas. So it's not that only those people who write their own ideas into code prevail.
[10:04] Meadhbh Oh: well.. please do not squash discussion by saying "umm... i'm not going to participate in the process."
[10:04] Zha Ewry: But.. equally, there is going to be a perponderance of weigh in the coded stuff
[10:05] Latha Serevi: Meadhbh,are you saying that the only way to participate is to produce a draft based on working code?
[10:05] Teravus Ousley: heh, nobody said 300 pages at least .. just that it defines what you are proposing
[10:05] Zha Ewry: This is actually by intent part of the IETF process
[10:05] Morgaine Dinova: Infinity's got the wrong idea about drafts altogether, thinks that the IETF process is some kind of "challange of the drafts". It's not.
[10:05] Tao Takashi: I would prefer first to think about a problem, see where interop is possible (as said there are many possible layers starting with authentication) and then see where we can come up as a group (not only OGP folks) with an interop proposal and then everybody probably has to change some code
[10:06] Zha Ewry: When someone says "Hey, X would be a cool feature"
[10:06] Zha Ewry: the basic answer, 90% of the time is going to be
[10:06] Zha Ewry: "Might be, lets see how it looks in the code"
[10:06] Aleric Inglewood: Writing code is easy ... it's not interesting. What is interesting is the design, and a formal description of the API and protocols.
[10:07] FWord Utorid: being a lawyer is easy, you just have to argue.
[10:07] Meadhbh Oh: @Tao. do you want to do this in the IETF?
[10:07] Goldie Dastardly: Yes, but ideas are nice, but often turn out to need refinement when you try to implement them
[10:07] FWord Utorid: being a doctor is easy, you just have to use tape.
[10:07] Tao Takashi: well, writing code is maybe easy but it helps to refine the design and discover the problems
[10:07] Dahlia Trimble: easy if you make it through law school fword
[10:07] Zha Ewry: And, in terms of interop, the bar, is very clear.
[10:07] FWord Utorid: writing a novel is easy, you just have to type and stuff
[10:07] Meadhbh Oh: (i'm gonna sound like a scratched CD... the IETF process requires documents and drafts)
[10:07] Zha Ewry: "Code, from two sources or more"
[10:07] Morgaine Dinova: We have draft -00's. Input from the IETF Contributions that reach consensus status are supposed to be merged into successive drafts, -01,.and so on. It's not competition between drafts,. it's evolution of drafts into new versions. LOTS of WGs have evolving drafts.
[10:08] Dahlia Trimble: writing LLSD serialization is pretty easy, but not much fun :(
[10:08] Latha Serevi: Zha, I only half agree. Before saying "let's see how it looks in code", it might be reasonable to bgo back and forth a cuople of times to the effect of "I think that's not general enough" or "isn't that a subset of Y?"
[10:08] Zha Ewry: Not "I redesigned the spec, and please code it for me"
[10:11] Latha Serevi: I didn't understand the reference to waterfall as it applies to MMOX approaches.
[10:11] Zha Ewry: Iteratino, with incremental change, and tests agains code is pretty much my thinking
[10:11] Tao Takashi: btw, I am not necessarily speaking of waterfall.. but IMHO it makes sense to split the problem space into manageable chunks and then have iterations on those
[10:11] Aleric Inglewood: Where can I find the "specs" or "drafts" of whatever we are discussing, please?
[10:11] Meadhbh Oh: um... morgaine... your suggestion that "we get it right in design first" is the definition of waterfall
[10:11] Morgaine Dinova: Latha: they're referring to iterated design/development.
[10:11] Zha Ewry: We have a very ncie testbed, in terms of OpenSim
[10:11] Zha Ewry: We have a somewhat less flexible existence proof in terms of SL
[10:12] Tao Takashi: I wish that viewer would be easier to change (for me)
[10:12] Meadhbh Oh: and we're hoping to add more tests to PyOGP to make running tests easier
[10:12] Zha Ewry: I'm going to be realyl reluctant to see stuff added to the spec set which isn't coded in one of:
[10:12] Tao Takashi: like experimenting with openid/oauth for me stops right now with that viewer
[10:12] Meadhbh Oh: or to cover a larger set of possibilities
[10:12] Zha Ewry: SL, OpenSim, PYGop, or a similar effort
[10:12] Meadhbh Oh: @Tao... did you participate in the OpenID work in '07?
[10:13] Tao Takashi: no, I started to look at all this stuff starting with 08
[10:13] Meadhbh Oh: okay. fwiw. there was a project in '07 to integrate nOpenID with SL
[10:13] Meadhbh Oh: and it died for lack of interest
[10:13] Meadhbh Oh: maybe it's time to ressurect it
[10:14] Zha Ewry: OpenId and OAuth have both progressed a bit in the past 18 months
[10:14] Meadhbh Oh: yeah. there are several "issues" we had with OpenID
[10:14] Tao Takashi: it would be interesting to see how such a redirect can take place in the veiwer.. it has a browser so I guess it shouldn't be that problematic
[10:15] Tao Takashi: well, OAuth is not 18 months old ;-)
[10:15] Tao Takashi: so it's interesting that it got so much traction
[10:15] Tao Takashi: one thing I am thinking about these days is also how to do mass authorizations via OAuth
[10:16] Tao Takashi: so that you don't have to be redirected to each service
[10:16] Zha Ewry: That's especialy entertaning in clouds, and in settings where you have no clue abnout whether you want to delegate
[10:16] Tao Takashi: which is of course a usability issue if you want to give some new service access to your profile service, your social graph, your inventory, your photos, your presence service and so on
[10:16] Zha Ewry: "Would you like to let the "internalObscureGridComponent54B have access to your credentials"
[10:17] Tao Takashi: well, for a new service you at least need to give consent to one entity which does the rest for you
[10:17] Zha Ewry: The granularity of web services a spart of a trusted cloud is a messy bit at best
[10:18] Zha Ewry: There's been some discussion of thast Tao, the late '08 drafts of oAuth sort of imply
[10:18] Zha Ewry: per service (at the named host level) which gets pretty ICK
[10:18] Tao Takashi: well, I didn't find an extension which would handle that
[10:18] Tao Takashi: but I will look at what Eran has rewritten these days
[10:19] Zha Ewry: I'd think the right granularity is "per collective trusted set of services" but. that's very much a hot discussion topic at the moment.
[10:19] Zha Ewry: And.. its farking hard to define right in the web
[10:19] Tao Takashi: you can still let the SP decide what options they give you
[10:19] Zha Ewry: You don't want to tie it to FQDNs
[10:19] Zha Ewry: but all other choices get incredibly messy
[10:19] Zha Ewry: sighs as we plunge down a random rabbit hole at mach 7
[10:19] Tao Takashi: right now it's tried to the OAuth Realm IIRC
[10:24] Zha Ewry: and whether you can happily create
[10:24] Morgaine Dinova: I guess that area is going to be devolved into a separate design team in the WG (assuming we get one). Sounds like a discrete line of work.
[10:24] Infinity Linden: it's not a problem if you have closely linked viewers and servers
[10:24] Zha Ewry: complete conforming stacks which don't interop at all
[10:24] Zha Ewry: because they don't share any commmon profile elements
[10:24] Tao Takashi: well, what I proposed in that architecture draft is some sort of service discovery which allows for everything but the standards on top should specify which services MUST be implemented and which ones MAY
[10:24] Infinity Linden: it would be nice if there was a small set of auth technolgoies
[10:28] Tao Takashi: I think supporting a service discover document is actually not really a big change..
[10:29] Zha Ewry: Its not a big change in terms of spec, or code
[10:29] Tao Takashi: and for a start it could even just contain SL specific services
[10:29] Zha Ewry: it opens the door for the whole "profile/what really works with what" mess tho
[10:29] Teravus Ousley: Anyway.. one way to argue against LESS, is that it would require the one server you're currently connected to.. to present the entire scope of whatever virtual worlds it's proxying.. and that could be very resource intensive. If the client connects to multiple machines .. each server is responsible for sending it's own content.. it's therefore highly distributed and more like 'the web'
[10:31] Teravus Ousley: but.. the average user.. probably not.
[10:31] Infinity Linden: hmm... i wonder what the web would have looked like had the java and javascript default security policies allowed you to connect to anyone on the web
[10:31] Tao Takashi: isn't the average user always easy to spoof? ;-)
[10:31] Morgaine Dinova: Well Jon's issue with our viewers has to be one of the most pointless arguments every raised. Even if we unanimously decreed that viewers were banned from MMOX, we'd still be ankle-deep in them. There's no going back, so just stop arguing about it. :-)))))
[10:31] Zha Ewry: channles fword and replies "A giant barking chicken"
[10:32] Zha Ewry: Also, Morgaine, not that every single "I don't know how to represent this to specific client X" issue shows up at the sim-sim boundary
[10:32] Zha Ewry: So, if client A, can't show meshes
[10:32] Zha Ewry: and sim A, associated with it doesn't think in meshes
[10:32] Zha Ewry: you have to deal with the mesh->sim A issue
[10:32] Zha Ewry: (and one level removed from the client/content negotiation world)
[10:33] Infinity Linden: i'm willing to bet Jon has some IP that makes that translation easy
[10:33] Tao Takashi: actually it would still be good to know what sort of tech all the other VWs actually use in terms of 3d objects, login procedure, simulation, animation and so on
[10:33] Zha Ewry: The app leve vs connection level quesoin, Tao
[10:33] Morgaine Dinova: Yeah, he's merely moving the problem from one piece of code to another, and losing the benefit of distributed computing in clients in the process. It's very very silly. But even if it were perfection itsefl .... it's still not gonna happen!!! /me chuckles
[10:33] Zha Ewry: is whether you are authenticating the connection
[10:33] Zha Ewry: or the contexts the services hold (roughly)
[10:34] Teravus Ousley: The thing about OpenID.. is.. one website.. sends the user off to authenticate another website.. which then returns them to the original site. A malitious web site could forward the user off to a look-alike openid authenticator.. and get the openid username and password.
[10:34] Meadhbh Oh: well.. i dunno.. we're certainly going to put LESS on the agenda
[10:35] Tao Takashi: Teravus: I know about the phishing problems and I also know about procedures of some opensim providers to fight it but it makes it all a bit more problematic for the user
[10:35] Zha Ewry: The object with a URI of 978890709870897-0980987890 has rotated 10 degrees looks pretty much the same whether I'm telling a sim or a client
[10:35] Morgaine Dinova: Heh, synthetic position ... he's not even allowing analysis, let alone synthesis! I think I'm just going to give up on his. I can't talk to someone who basically doesn't want interop to happen.
[10:36] Infinity Linden: right... the problem of phishing can be reduced if you're talking about XSS
[10:37] Zha Ewry: There's a bunch of thinking lurking there, I gather, but it's never going to fully go away
[10:37] Infinity Linden: but if you're talking about a bad actor as a server, serving you a form that says.. "yeah! i'm REALLY this other server... the one you trust..."
[10:39] Latha Serevi: Sometime before we adjourn for today, could we talk a litttle about where I could put some useful effort into the MMOX discussion this week and next?
[10:39] Infinity Linden: ossm. i;ll have to chat with Bill Barr about it
[10:39] Zha Ewry: still cringes at the WSA discussions on the W3C mailing lists in 1998
[10:39] Infinity Linden: we talked about doing something with it back when i was at homeland
[10:39] Morgaine Dinova: Latha: what's on your mind specifically?
[10:39] Teravus Ousley: the Dan Kaminsky thing raised awareness enough to cause verisign to implement some roots that way.
[10:39] Latha Serevi: Sometime very soon I'd like to see some non-LL MMOXers comment in detail on the OGP Base and OGP Auth internet-drafts. We're gonna need to digest them before the meeting, and see if they fit our vision of MMOX.
[10:39] Goldie Dastardly: and Sec64 (if I remember the company correctly...coffee cup is downstairs and business card is burried on desk.
[10:41] Latha Serevi: My understanding is that the appropriate focus for the BOF meeting itself is on charter and target deliverables. However, before the meeting, we're supposed to read in detail all of the internet-drafts to be considered, right? I sort of want help digesting them.
[10:41] Infinity Linden: my guess is the qwaq peeps are waiting for the croquet proper peeps to show up
[10:41] Teravus Ousley: channels Fw0rd, "I wish Lively was present on MMOX"
[10:42] Infinity Linden: and sadly.. mark may not want to as the wire protocol they use is unique to Squeak
[10:42] Zha Ewry: They are waiting for the t-object to tell them it's time to step forward in the mailing list
[10:43] Zha Ewry: I think, that they have to realize that in 2009 the odds of a language specific disirbuted object protocol being the wire protocol on the web is pretty minimal.
[10:43] Infinity Linden: the advice we got from our area director is
[10:44] Zha Ewry: "This n specs" for which we have code, and broad need, and a document who's purpose is to gather in the ideas which are still congeeling
[10:45] Latha Serevi: To me, the main deliverables of the WG are RFC's, and one of the goals of the BOF is to get consensus on a good set of target RFC's to design and bake-off.
[10:45] Zha Ewry: that the process is "Spec refinement"
[10:45] Teravus Ousley: Meadhbh is correct.. it's is supposed to include deliverables. It's the contract that the working group has with the IETF and the deliverables in the charter are the reason for the working group being in existence.
[10:46] Meadhbh Oh: and it's somewhat sad to say...
[10:46] Meadhbh Oh: i think we may be headed to multiple WGs
[10:46] Latha Serevi: I'm not giving up on the single WG yet
[10:46] Meadhbh Oh: one focused on SLish worlds, one focused on OLIVE(tm)ish worlds
[10:47] Meadhbh Oh: cause i just don't see jon saying... "sure... go off an do your sily OGP and LLSD stuff and I'll work over here"
[10:47] Tao Takashi: I would rather would like to see a WG which tries to solve problems common to web and VWs like authentication, authorization and service discovery
[10:47] Zha Ewry: I'm reluctant to believe we have enough critical mass
[10:47] Meadhbh Oh: @Tao... well... authentication isn't our mandate per se
[10:47] Teravus Ousley: I don't think we have enough critical mass yet either.
[10:47] Latha Serevi: I have an inkling, and a hope, of a "middle ground" consensus forming. It would include LESS, and have some things to say about whether the OGP drafts fit into our inclusive and general vision of MMOX.
[10:47] Meadhbh Oh: i was hoping to be able to reuse as much of other peoples work as possible
[10:47] Meadhbh Oh: but that might be what you're saying
[10:47] Morgaine Dinova: Multiple may simply be pragmatic. Do we *really* want the current discussions with Jon continuing ad infinitum before we can progress with OGP? It doesn't bear thinking about.
[10:47] Zha Ewry: and. I'd much rather retain the critical mass even if we lose Jon
[10:48] Tao Takashi: sure, authentication is maybe also a solved problem with many solutions ;-)
[10:48] Tao Takashi: but the whole thing on how you plug it together to have a decentralized system is maybe not
[10:48] Tao Takashi: and there are useful parts around
[10:48] Teravus Ousley: well, have you looked at webkinz
[10:48] Zha Ewry: "The broad consensus is OGP get progressed, and we are willing to discuss the LESS stuff and progress it when you have code, spec and a way to show us it's relevent"
[10:48] Meadhbh Oh: @Tao... yup. auth is a solved problem, but we probably do want to add a few new use cases to be considerd
[10:49] Tao Takashi: sure, but maybe for those new use cases we can also go to the communities which work on that and discuss them there
[10:49] Meadhbh Oh: we say something more like "um... we think there's a mild disconnect between the existing OpenID / SAML / whatever and virtual worlds... here's a recommendation for how you could fix it. could you fix it please?"
[10:51] Zha Ewry: You want a "This is our issue" idealy in the form of a use case hey can see easily. "here is a way we might solve it" and "We'd be glad to help"
[10:51] Meadhbh Oh: but if we need to add a few spokes to the wheel, yeah.. it's "our" responsibility to do so
[10:51] Zha Ewry: Then you need about 2 years to get it done
[10:53] Zha Ewry: So, Latha, to give you a concrete answer?
[10:53] Tao Takashi: and a dataportability steering group meeting coming up soon
[10:53] Meadhbh Oh: in the opensim community or in the IETF?
[10:53] Morgaine Dinova: I think you're still mixing MMOX and SL in your mind. They're separate. SL doesn't need to change for bakeoff. Would be nice if Aditi could mirror MMOX specs, but even that is not necessary. MMOX != SL.
[10:54] Zha Ewry: I think flagging spots i the various specs which totaly confuse you, and asking for people to explain them woudl be wicked good
[10:54] Meadhbh Oh: is unfamiliar with data portability groups... but would love to hear what people think
[10:54] Tao Takashi: of the dataportability project ;-)
[10:55] Zha Ewry: "In your dreams you blonde lunatic!"
[10:55] Morgaine Dinova: Zha: someone needs to implement it, but that doesn't have to be in SL. SL is a production system, the last thing you want to do is muck around with test code in it.
[10:55] Infinity Linden: but.. i'll definitely push internally for it
[10:55] Tao Takashi: of course I hope we can prevent caps to go into OGP ;-) at least for 2D stuff
[10:56] Meadhbh Oh: and for the record... i personally agree with the request
[10:56] Zha Ewry: Not on main grid, Morgaine, or even on beta
[10:56] Infinity Linden: but unfortunately am not at liberty to discuss why such a thing has turned into a "hard" request
[10:56] Zha Ewry: But.. I'd really think it kind of needs to be on a set of SLish boxes eventualyl if we want to be able to say
[10:56] Zha Ewry: "yeah, this stuff actually meets the need of one of the biggest deployers"
[10:57] Tao Takashi: ok, I gotta go home before that steering group teleconference
[10:58] Morgaine Dinova: Zha: we all agree then! The point of dispute was the line "Can't do that because it could endanger SL", which was a potential block on what MMOX can agree on based on the requirements of a live service. If it's not done in a live service, then the problem goes away --- there's no "Can't do that, it would endanger SL".