HG Meeting 2009/03/05

Summary
This meeting was about different schemes for agent transfers. The different schemes have considerably different requirements for authentication. It looks like three things may come from what was discussed in this meeting:


 * The IBM people will work on the client side to make Inventory CAPs happen soon
 * Crista/Diva is going to make Scenario B happen for the hypergrid
 * Jhurliman and maybe others will start working on a client / viewer wrapper that does Scenario C

(Refer to the link below for the pictures of the different scenarios)

Transcript
[9:57] Crista Lopes: so here's some background schemes for this meeting: [9:57] Crista Lopes: http://opensimulator.org/wiki/Teleports#Teleport_Study_.282009-03-05.29 [9:58] Mic Bowman: why are teleports so driven by region-to-region comms? [9:59] Crista Lopes: right question! [9:59] Crista Lopes: :-) [9:59]  Mic Bowman: i can understand walking across adjancent region boundaries [9:59]  Crista Lopes: I realized that this conversation about authentication needs to make one step back  to agent transfers [9:59]  Mic Bowman: but it seems that there continues to be a "one admin domain"  constraint/assumption [10:00]  Crista Lopes: the way we decide to do agent transfers has a strong effect on the kind of authentication we need [10:00]  Mic Bowman: would teleports look the same if you had a "tabbed browser" and a "back button" [10:01]  Crista Lopes: I'm not sure where the current transfer scheme comes from -- maybe a guess about how the lindens do it and perhaps not understanding CAPs well enough [10:01]  Mic Bowman: another possibility is that if the destination region is down... you don't want to bounc someone completely from the grid [10:01]  Mic Bowman: HOWEVER... [10:02]  Mic Bowman: reconnecting to a destination... creating a default destination... etc are all reasonable responses that move teleport control to the client [10:02] daTwitch joins #opensim-gateway7000 [10:02] daTwitch: hah, I thought it was in-world LOL [10:03] Crista Lopes: hi daTwicth. If yo uwant to join in world go to [10:03] Crista Lopes: secondlife://ucigrid04.nacs.uci.edu:9007/ [10:03] daTwitch: that's ok, I can join in from here :) [10:03]  jhurliman: i think the main question a lot of people have been throwing around is "how do we investigate scenario C?" can it be done with the currently available tools? do we have to start over from scratch? etc [10:04]  Crista Lopes: another right question, jhurliman! [10:04]  sempuki1 joins #opensim-gateway7000 [10:04]  Crista Lopes: from what I understand, there's no way we can do Scenario C with the current viewer [10:05]  Crista Lopes: Hi everyone who is joining. Here's the material: [10:05]  Crista Lopes: http://opensimulator.org/wiki/Teleports#Teleport_Study_.282009-03-05.29 [10:05]  Crista Lopes: However, we can do scenario B with the current viewer [10:05]  mcortez joins #opensim-gateway7000 [10:06]  Crista Lopes: And again: http://opensimulator.org/wiki/Teleports#Teleport_Study_.282009-03-05.29 [10:06]  Crista Lopes: I'll let people stare at those pictures for a minute... [10:06] daTwitch: interesting [10:07] Crista Lopes: btw, the red-ish marks are the points at which authentication needs to happen [10:07] ocsean joins #opensim-gateway7000 [10:07] Crista Lopes: the green-ish areas are the regions of trust [10:09] Crista Lopes: so, my conclusion is the following: [10:09] Crista Lopes: Scenario A is just... wrong. And it complicates authentication quite a bit [10:09] coyled joins #opensim-gateway7000 [10:09] daTwitch: lulz [10:10] Crista Lopes: the advantage of A is that is distributes the load of agent transfer throughout the entire network [10:10] Mic Bowman: zhaewry, have you looked at crista's teleport workups? [10:10] Crista Lopes: http://opensimulator.org/wiki/Teleports#Teleport_Study_.282009-03-05.29 [10:10] ZhaEwry: Just readint hem now [10:11] daTwitch: Scenario C tends to be the most appealing for me [10:11]  Crista Lopes: ZhaEwry, how does OGP do it among those 3 scenarios? [10:12] sempuki1: forgive me for my ignorance of HG: but what is the "correct" scenario? to have your own client drive the process? [10:12] ZhaEwry: Well, one needs to be careful to distinguish between what's on VAAK, what's in the slightly broader discussion [10:12] Crista Lopes: VAAK? [10:12] mcortez parts #opensim-gateway7000 [10:13] ZhaEwry: (Sorry, the currently deployed beta from linden) [10:13] jhurliman: Crista: distributing the load? it looks like it's just adding more endpoints to the exchange (compared to C) [10:13] Crista Lopes: jhurliman: I was just trying to find something nice to say about it :-) [10:13]  jhurliman: ah, hehe [10:13]  Crista Lopes: So, Zha, what's currenlty on VAAK? [10:13]  ZhaEwry: What OGP does, is leave a permanent connection to the Agent Domain, and then has  the agent domain anchor the authenticatoni process, always getting the first seed-cap for the user [10:14]  ZhaEwry: and it passes that to whever the agent currently is rezzzed, to use to cause the teleport [10:14]  jhurliman: ok, here's something nice to say about it. for region crossing, you *have* to do a handoff between simulators if you want to preserve server-side elements such as running scripts. if you  can reuse that code to also do teleports... hey [10:14]  jhurliman: i'm not rooting for that solution, just saying something nice :) [10:14] ZhaEwry: (and at the moment, it doesn't hand off inventory) [10:14] Crista Lopes: So, Zha, is it something along the lines of Scenario B? [10:15]  Crista Lopes: jhurliman: Right, that would be an advantage, in theory :-) [10:15]  ZhaEwry: and.. once you have any "cross-grid" tp around, region hand-off has to account for it [10:15]  ZhaEwry: (and.. yes, its close to B) [10:15] jhurliman: ZhaEwry, why does region hand-off have to account for cross-grid teleport? [10:16]  ZhaEwry: (Well, it depends exactly how you do tp, but in general, there's a risk of the various  players losing track of where the agent is, because the local sim has done handoff, without telling allt he other pariticpant) [10:17]  Crista Lopes: right. But if the current region is disallowed from moving the agent at all, that  doesn't matter I think [10:17]  jhurliman: in scenario C the local sim isn't doing any handoff [10:17]  daTwitch: :) [10:17] ZhaEwry: In particular, if you walk across a sim handoff, and don't pass along things like "Home  authentication token" then.. its hard to do all the things we qnt to do [10:17] jhurliman: the client always knows how to get home, why does a token need to be passed  around during region crossing? [10:18] ZhaEwry: if the next sim you walk to, needs information about you, then the handoff as you do  edge touch, has to account for that [10:19] ZhaEwry: (if you fix inventory and assets to be deeply URIis, much of that simplifies) [10:19] Crista Lopes: but the token can be handed off by the trusted components [10:19] ZhaEwry: absolutely [10:19] jhurliman: sure, it needs state information. but things like "where is my home" and "what is the location of my inventory server" are not part of state information [ 10:20] sempuki1: I can't claim I've followed the whole discussion: what would change if you had a c lient you could change? [10:20] sempuki1: what would teh idea HG teleport be? [10:20] ZhaEwry: right, but  the stuff needed for a sim to be able to present a remote service a request  on behalf of an agent, so you can get things remotely, become part of that, and.. if you want any common notion of presence, you have similar issues [10:20] jhurliman: sempuki1, scenario C would be viable [10:20] sempuki1: viable, but how about ideal? [10:21] sempuki1: might as well add it here: http://wiki.realxtend.org/index.php/ReX-NG_Design_Document#Sections [10:21] Crista Lopes: ZhaEwry: do you know why inventory CAPs arent working? [10:21] ZhaEwry: I don't, but I have a question in to a couple of pet lindens, and likewise, I'm grubbing in the current OpenSimulator code (which seems to have mirrored Linden's turngint hem off) [10:22] ZhaEwry: there was a name change on the more recent RC client which seems to have been echoed on the beta grid by linden [10:23] Crista Lopes: are you saying they have Inv CAPs, just changed the name? [10:23] jhurliman: ZhaEwry, it depends how you do your security. it's convenient with capabilities, where you have a universal token that anyone can use. if your security model dictates that the client authorize each relying party, it's not part of the sim<->sim exchange [10:23] ZhaEwry: not sure, what I think is happening, is they messed it up the first time, so they are re-doing it, and re-naming it so  they don't get old clients trying to use the new caps. [10:23] ZhaEwry: (versioning on web servcie style requests is *so* much fun) [10:24] Nick____ joins #opensim-gateway7000 [10:24] Crista Lopes: So the inventory CAPs is the deciding factor for me between trying to continue to reuse this LL client and just simply forgetting about it and wrap it up under a web app [10:25] ZhaEwry nods [10:25] Crista Lopes: like lbsa71 proposed [10:25] ZhaEwry: We're doing two things in parallel [10:25] ZhaEwry: One is sorting out the caps stuff [10:26] ZhaEwry: the other is playing with distributed UUID resolution in the asset caching layer [10:26] Crista Lopes: ok -- that second part is already part of OpenSimulator -- it's not entirely right, but it can be made sort of right soon [10:26] ZhaEwry nods [10:27] ZhaEwry: for interestign values of "sort of right" [10:27] Crista Lopes: :-) hehehe [10:27]  Crista Lopes: well, yeah. One of these days we really need to implement a decent layer of name normalization across the board, not just for assets [10:27]  jhurliman: where is the distributed UUID resolution playing happening? is there an svn somewhere? [10:28]  Crista Lopes: in OpenSim? [10:28]  jhurliman: sorry, to ZhaEwry [10:28]  suzyq joins #opensim-gateway7000 [10:28]  ZhaEwry: Well, for the proper naming, it reall begs to be URIs of some form, and sorted with all sorts of things like less messy inventory management [10:28]  ZhaEwry: Not yet, its an internal skunkworks thing at the moment, but its built on current trunk [10:29]  Crista Lopes: so, getting back to the agent transfer scenarios and the implications on the client(s) [10:30]  Crista Lopes: we can do Scenario B with the current client [10:30]  suzyq: ZhaEwry: so i'm a skunk? :) [10:30] jhurliman: ah ok [10:30]  ZhaEwry: @suzy no Alan is [10:30]  Crista Lopes: Scenario C needs *alot* more reengineering [10:31] Crista Lopes: and not just on the client - on the server-side too, because we need to send more info to that client [10:31] Crista Lopes: btw on that picture with Scenario B I don't really mean that the user server actually drives that; it's more like a home region would do it. [10:32] ZhaEwry:  Home regoin, or "login/auth service" [10:32] jhurliman: Crista: i think both can be worked on in parallel, and individual developers can do their own prioritization. although that's not saying anything new i suppose [10:32] Crista Lopes: it's basically giving the control of the EventQueue to a trusted ocmponent [10:32] ZhaEwry: or having several [10:32] Crista Lopes: yes [10:33] Crista Lopes: sorry, jhurliman: I tend to merge strategy with tactics very often :-) [10:34]  Crista Lopes: It's just that I can't help to think: what's the fastest thing that I can do next without having to work for 3 months without seeing something interesting happening? [10:34]  Crista Lopes: but I confess that the Inv CAPs are a show-stopper here [10:35]  Crista Lopes: if there are no Inv CAPs in the next month, my next step is to write a client wrapper [10:35]  ZhaEwry: if we can get some motion on that, it would be good for all of us [10:35]  ZhaEwry: (and you want inv caps, on OpenSim, Diva?) [10:35]  Crista Lopes: yes, of course! that is is we are to continue to use the Linden Viewer for this [10:36]  ZhaEwry nods [10:36]  ZhaEwry: I think we can probably make sure that ahppens [10:36]  Crista Lopes: do you, really really really? (kid in candy store) [10:36]  ZhaEwry: (We were in those lines of code in OpenSimulator yesterday [10:36] Crista Lopes: but in the client? Will the client undersstand? [10:36] jhurliman: ZhaEwry, this is not an opensim thing [10:36] ZhaEwry: its both [10:37] ZhaEwry: You need both sides to understand, of course [10:37] jhurliman: there are dozens of developers that can add it to opensim in a heartbeat. diva could do it in her sleep i imagine. but none of us can touch the client [10:37] Crista Lopes: so my line is whether we can have a client that will understand those CAPs within the next month [10:37] ZhaEwry: Right. we've been looking at both ends at once, and we'll let you know [10:38] Crista Lopes: if that's not possible, I can do a client wrapper in a month [10:38] jhurliman: crista: what were you thinking for a client wrapper? [10:38] suzyq has viewer GPL coodies all over herself [10:38] jhurliman: i'm looking into a lot of things in the next few months that extend beyond just inventory. i might pursue the client wrapper myself if noone else is going to [10:39] Crista Lopes: something along the lines of what Stefan is doing with Tribal: That is, what you start is not the LL viewer, but some other tool that drives the Linden Viewer [10:39] ZhaEwry: @suzyq and I'm trying hard to not sign you up for this, but rather have you say "yeah, I can look at it" [10:39] suzyq: crista: i've been walking thru inventory caps today, and i'm still in spaghetti code. [10:39] jhurliman: for example, we still don't have http texture downloads. we still have grid messaging going over UDP for person- to-person IM. etc [10:39] Crista Lopes: right, jhurliman [10:39] jhurliman: crista: do you know if web_login_key still works with current viewers? [10:40] sempuki1: forgive me if this is a stupid idea, but can you not re-enable the inventory caps in opensim and hippo viewer, even if it means a subtle protocol break from SL? then you can just detect the viewer at login, and handle the break the same way one might handle a foreign protocol like say MXP or VastPark, etc? [10:40] Crista Lopes: having a viewer wrapper that we can have our collective hands on would allow us to work on multiple of those things at the same tije [10:40] Crista Lopes: *time [10:40] suzyq is in a call with her boss, so will be reading scrollback in a bit.. [10:40] jhurliman: sempuki1, sure. which viewer supports it though? [10:40] sempuki1: hippo now? rex later? [10:40] sempuki1: dunno the problem well enough.... [10:41]  jhurliman: if someone wants to pony up the development time to add it to the hippo viewer. my understanding is that we have very few resources, especially for big changes like that [10:41] Crista Lopes: sempuki1: the problem is that we don't have enough control over the viewer devs [10:41] jhurliman: *very few client resources [10:41] Crista Lopes: Hippo = "mana" [10:41] sempuki1: Crista, I have control over rex devs :) [10:42]  sempuki1: granted NG will take months to be remotely useful :( [10:42] jhurliman: sempuki1, is it possible to ping one of them and check if web_login_key still works with current LL viewers? [10:42] ZhaEwry: I'm pretty sure we're willing to debug the current inv caps in the client, and if we find bugs, we'll submit patches back to Linden [10:42] sempuki1: I think we have some interns we are keeping tainted, so I can ask, but I was thinking more along the lines of rex-ng [10:43] jhurliman: LL did a lot of the hard work of moving login authentication out of the client with their web login experiment. here's to hoping all that code wasn't bulldozed in a code revert [10:43] Crista Lopes: but will the Lindens add those patches within the next month? Or will they do it in March 2010? [10:43] ZhaEwry: I'll gently ask that one [10:43] Crista Lopes: :-) [10:44]  ZhaEwry: I think the "lure" of hypergird movgin towards caps for some stuff ought to encourage them [10:44]  sempuki1: jhurliman: Crista: send me an email that contains some idea where to look in the rex legacy code for how to re-enable it and I can asak [10:44]  suzyq: ZhaEwry: gently? ouch!  [10:44]  Crista Lopes: well, I think we need to go in some of these directions at the same time [10:44]  ZhaEwry is soft and cuddly  [10:44]  Crista Lopes: the viewer wrapper idea is one that I ike very very much, because it will pass the control of these important things to us. [10:45]  suzyq: i hate it when we invest time into working *around* viewer warts [10:45]  Crista Lopes: once we have that meta-component, we can finally test out the protocols [10:45]  Crista Lopes: I don't think it's a wart [10:45]  sempuki1:  suzyq: agreed completely :) [10:45] Crista Lopes: I think it's a way of validating the protocols that we need to secure this [10:45] Crista Lopes: then if the Lindens want to assimilate those protocols, great [10:46] suzyq: agree, just want to code it *in* the viewer is all [10:46] Crista Lopes: if they don't, great too. Someone else will write a viewer that integrates all of this [10:46] jhurliman: sempuki1, e-mail sent [10:46] sempuki1: thx [10:46] FrankNichols joins #opensim-gateway7000 [10:47] jhurliman: suzyq, once someone writes a BSD licensed viewer (nudge nudge realxtend), that may be a reality [10:47] Crista Lopes: but if Zha and suzy can make interesting things happen on the Linden viewer side, that would be great [10:48] Crista Lopes: but in any case, we're talking Scenario B, not C. For C, the reengineering is a lot more extensive [10:49] suzyq missed the scenario, cause i was late [10:49] jhurliman: crista: even with a client wrapper? [10:49] Crista Lopes: yes, jhurliman. It's not HUGE, and I think I know what needs to be done, but it's a longer way [10:49] Crista Lopes: we need to pass more info to the client [10:49] Crista Lopes: things that we are not passing now [10:50] Crista Lopes: basically, the agent info, attachements info, etc [10:50] Crista Lopes: suzy: http://opensimulator.org/wiki/Teleports#Teleport_Study_.282009-03-05.29 [10:50] suzyq: thx [10:51] suzyq: hey, sequence diagrams. i likie [10:51] Crista Lopes: and jhurliman: we will need to think harder about Event Queues [10:51] ZhaEwry: Event queues are a tool of the devil, just.. all the two-way http like paths are tools of the devil [10:51] Crista Lopes: note that I think Scenario C is "the right one". [10:52] sempuki1: jhurliman: replied [10:52] Crista Lopes: and jhurliman: we also need to think harder about space continuity, so neighboring regions [10:53] Crista Lopes: in summary: scenario C, which I think is "the right one", flips the table completely and we need to catch up with that energy :-) [10:53] suzyq: uci38: you mean sims that touch? [10:53]  Crista Lopes: yes [10:53]  ZhaEwry: I think that when you push toward "c"  you also get to ask some questions like "which services, currently impclicitly  done by the grid, now need to be explicitly done by different services" [10:53]  jhurliman: crista: sure. i'm coming at this with a six month timeline instead of a one month, so i'm more inclined to spend my own time on scenario C [10:53]  Crista Lopes: :-) [10:53] suzyq: yeah, and i'd also like to fix the regionhandle issue in the viewer. [10:53] Crista Lopes: I think we can do both [10:53] Crista Lopes: I love to write code and throw it away :-) [10:54]  jhurliman: so do i [10:54]  ZhaEwry: @crista  I think I throw away about 90% of what i write in a given year [10:54]  suzyq: ZhaEwry: oh, that explains a LOT [10:54]  jhurliman: hopefully in a year or two we can throw away libomv, and move to a "real" protocol :) [10:55] sempuki1: MMOX?? [10:55] Crista Lopes: I really dont mind making Scenario B work first, and then throw it away when we have some client that does C. [10:55]  ZhaEwry: Be careful what you wish for JH, everyone will throw darts at you if you own it  [10:55]  Crista Lopes: we always learn something valuable in the process [10:55] suzyq: jhurliman: i guess i learn by doing... so i gotta screw up a few times before finding the real protocol [10:55] jhurliman: sempuki1, hopefully some useful things come out of MMOX before it gets bogged down in trying to make a universal state melding protocol [10:56] jhurliman: sure [10:56] Crista Lopes: MMOX -- what's the hurry there? I think it's way too premature to try to do what you're trying to do [10:56] jhurliman: >? [10:56] ZhaEwry: @JH you don't think trying to solve wold huner is our first goal? (I personally woudl like to feed a few people and solve world hunger when we have a proof we can feed *soemeone* [10:56] Crista Lopes: nobody has ever tried to connect SL with, say, Forterra [10:56]  cmickeyb: ZhaEwry, very good analogy [10:56]  cmickeyb: :-) [10:57] sempuki1: Crista: agreed wrt MMOX [10:57] ZhaEwry: (I've been trying to hone the right analogy to still Jon Watte's cries of "but it doesn't solev world hunger") [10:57] Crista Lopes: anyway, this is great! I got a lot from this meeting: [10:58] jhurliman: ZhaEwry, it's our IETF mandate to discuss technical implementations when we have no clear consensus on what the scope of our work is, but i don't want to drag the MMOX carcass into this perfectly civil discussion [10:58] Crista Lopes: (a) IBM is going to "gently" ask a few things from the Lindens for making the viewer more cooperative [10:58] cmickeyb: crawl walk run...  [10:58]  sempuki1: ha! [10:58] ZhaEwry: @crista, it depends how you peel the onion at MMOX, I'm hoping to keep it focused on things which advance the SL like ecosysytem, and grow out towards bigger problems [10:58] Crista Lopes: (b) jhurliman is going to look into a viewer wrapper that will free us from indirect control of the viewer component [10:59] cmickeyb: crista, the real point of influence in both of these discussions is implementation...  [10:59]  Crista Lopes: (c) I'm going to play around with Scenario B, on the hope that there will be Inv CAPs sometime soon [10:59] cmickeyb: is there a way to sync up our implementation efforts more clearly? [11:00] cmickeyb: i'm not convinced that small deltas in the opensim codebase is the right way... but i'd really like your thoughts on that? [11:00] ZhaEwry: @cmickeyb do you have a mind-melder-3000 we can brorow? [11:00] Crista Lopes: lol [11:00] cmickeyb: i WISH [11:00] Crista Lopes: no but he's a manager :-) [11:00]  cmickeyb: oh please... [11:00]  cmickeyb: :-) [11:01] cmickeyb: (a manager up to his eyeballs in code alligators today) [11:01] ZhaEwry: 24 years of corporate research and never been talked into managing ;-) [11:01]  Crista Lopes: Honestly: I don't know, other than hope that jhurliman will place his code on a public SVN [11:01]  sempuki1: I'd find out jhurliman's SVN passwords and commit mischief to mono trunk [11:01]  Crista Lopes: I'll do my playing very carefully within OpenSimulator trunk [11:02]  sempuki1: Crista: If I may, I would like to invite you to educate realxtend on what you want from HG in 6 months so we can include it in our new viewer. [11:02]  jhurliman: sempuki1, we can build a virtual world into the mono runtime [11:02]  Crista Lopes: sure, sempuki1! [11:02]  sempuki1: ha! [11:02]  Crista Lopes: let me know how you want to do that, and I'll gladly do it [11:02]  sempuki1: we should chat in #realxtend-dev some day [11:03]  jhurliman: sempuki1, a working viewer with modular code would be more than enough for most things [11:03] ZhaEwry: I'm assuming that nobody is going to weep if we put the Agent-domain bit we've done onto gridforge [11:03] Crista Lopes: what is gridforge? [11:03] sempuki1: I guess first you could look at our current document: http://wiki.realxtend.org/index.php/ReX-NG_Design_Document#Sections [11:03] sempuki1: and make criticisms [11:04] ZhaEwry: The place for non-trunk SVNs for opensim stuff [11:04] Crista Lopes: will do, sempuki1 [11:04] sempuki1: then give us an "ideal" flow how HG should work "properly" [11:04] Crista Lopes: I'd like to look at that, ZhaEwry [11:04] cmickeyb: gridforge == forge.opensimulator.org ??? [11:05] sempuki1: it may be enough to just send all your collected HG documentation to me.... [11:05] sempuki1: I haven't had time to seek out HG myself [11:05] Crista Lopes: sempuki1: "documentation"? *laughs* [11:06] Crista Lopes: jhurliman: you should also talk to lbsa71. [11:06] sempuki1: :) [11:06]  Crista Lopes: they're been doing that kind of tool for a while, tricking the LL Viewer into ignoring the login process, etc [11:07]  Crista Lopes: basically, using the LL Viewer as a component within this other client-thing [11:08]  Crista Lopes: ok, so, thanks everyone for coming. This was really great! :-) [11:08] Crista Lopes: we can continue to chat, but let's officially end this meeting.