[Opensim-dev] Accessing textures via HTTP [bayes]

Diva Canto diva at metaverseink.com
Wed Mar 18 18:38:41 UTC 2009 

The road to security is like an obstacle course in the Olympics. The 
obstacles range from really easy (what's happening out there with 
OpenID, and the current opensim access to inventory) to really hard 
(have the server disconnected from the public network and require the 
physical presence of users in the server room). Honestly, I don't think 
OpenSim should decide on "the right" level of hardship -- that should be 
up  to the people who set up grids to decide.

What we can do is to provide a few reasonable function points along that 
obstacle course. And I think that one of those points is, indeed, the no 
obstacles whatsoever -- there are many use cases for OpenSim where 
security is not an issue; standalone applications, for example, and 
applications purely inside firewalls.

Having said that, I think this discussion is diverging. The issue at 
hand here is MXP, and what Tommil/Dahlia want to do in the Idealist 
viewer with respect to images. Given how easy it is to configure things 
in OpenSim, this discussion is theirs. OpenSim does not need to (and 
should not) converge to one single strategy. Make it configurable, always.

Kyle Hamilton wrote:
> I was under the impression that the asset server was going to require
> authentication regardless.  It would be possible to keep track, for
> each agent, what textures have been 'authorized' (by being in view).
> Remember, we can't protect content in the cache of the client, and the
> client can be hostile.  Anyone can do it, and it doesn't matter what
> kinds of roadblocks are put in the way.
>
> This is why some means of detecting copyright violations is necessary.
>  I'm sorry that my proposal, 6 months ago, was dropped.  It seems to
> be the only sustainable way to ensure that these kinds of violations
> get noticed.
>
> -Kyle H
>
> On Wed, Mar 18, 2009 at 11:08 AM, Dahlia Trimble
> <dahliatrimble at gmail.com> wrote:
>   
>> The current j2k assets transferred over via the xfer protocol provides a
>> rudimentary protection for texture assets. Opening the doors to jpeg
>> textures via http effectively makes all textures available for download by
>> any web browser. This is significantly reduced asset security and may
>> violate license distribution agreements for existing texture assets.
>> Any position to reduce asset security in such a manner may be seen as
>> hostile toward copyright holders of existing content.
>> Personally I will *not* allow any of my non-open content to be distributed
>> in this manner.
>>
>> On Wed, Mar 18, 2009 at 10:57 AM, Tommi Laukkanen
>> <tommi.s.e.laukkanen at gmail.com> wrote:
>>     
>>> I would not go so far that I would suggest we should go and try to
>>> protect our assets by using semi supported image format instead of
>>> well supported format...
>>>
>>> -Tommi
>>> _______________________________________________
>>> Opensim-dev mailing list
>>> Opensim-dev at lists.berlios.de
>>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>>       
>> _______________________________________________
>> Opensim-dev mailing list
>> Opensim-dev at lists.berlios.de
>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>
>>
>>     
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20090318/0861bfa5/attachment-0001.html>

More information about the Opensim-dev mailing list