[Opensim-dev] Lively

Dr Scofield DrScofield at xyzzyxyzzy.net
Tue Jul 15 12:37:35 UTC 2008 

Stefan Andersson wrote:
> Well, I've been nagging everybody about us starting to think of what 
> the 'base cases' are; for example,
>  
> if our base-base-base case was "the standalone region open to 
> unauthenticated and anonymous access, but allowing no editing 
> whatsoever" then one could start thinking about how that region would 
> actually set up sessions, fetch needed data (what data?) and how you 
> would hand-off sessions between such regions (like, what would 
> 'teleport' mean between disconnected regions?)
>  
> Just to give you an idea; If we had "avatar appearance" implemented as 
> a REST service, the only thing the base case would need to create the 
> avatar would be a web page that it could GET an avatar appearance from.
>  
> This would mean that ANY region could use your static (xml?) web page 
> as a template to show your avatar to the others in the region - you 
> don't have an 'avatar appearance domain service' - merely a web page.
>  
> Of course, if you would POST an avatar appearance to it, it couldn't 
> be a static web page, it would have to be some simple php page 
> accepting that data and storing it.
>  
> Now, the security problem; you would never do a php page that would 
> take whatever from whoever, so, either the region had to provide some 
> authentication, or you simply have a "home region" which is the only 
> one allowed to post appearance from. In effect, you would only be able 
> to modify your avatar when being in a trusted region.
>
> This kind of scenario would solve quite a lot of features with a 
> minimal amount of protocol design.
>  
> And yes, assets; it would be quite doable to create an asset model 
> where all local asset id's were dynamically translated to and from 
> URLs - hence solving quite a lot of other features and problems with a 
> minimal amount of effort.
>
> The asset Id could (should, imnsho) be seen as an affair purely 
> between the client and the region; ie, no two regions would have the 
> same asset id for the same url data. Or, it could be the regions sha-1 
> hash or the binary data, if a region wants to communicate with a 
> shared and trusted asset cache instead of directly to the url.
>  
> No, I'm not talking specific solutions here, just trying to wedge us 
> away from the predominant mind-set onto something truly new and glorious.
i've to say, i like all that.

-- 
dr dirk husemann ---- virtual worlds research ---- ibm zurich research lab
SL: dr scofield ---- drscofield at xyzzyxyzzy.net ---- http://xyzzyxyzzy.net/
RL: hud at zurich.ibm.com - +41 44 724 8573 - http://www.zurich.ibm.com/~hud/

More information about the Opensim-dev mailing list