<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Dr Scofield wrote:
<blockquote cite="mid487C9A0F.9060306@xyzzyxyzzy.net" type="cite">
<pre wrap="">Stefan Andersson wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Well, I've been nagging everybody about us starting to think of what
the 'base cases' are; for example,
if our base-base-base case was "the standalone region open to
unauthenticated and anonymous access, but allowing no editing
whatsoever" then one could start thinking about how that region would
actually set up sessions, fetch needed data (what data?) and how you
would hand-off sessions between such regions (like, what would
'teleport' mean between disconnected regions?)
Just to give you an idea; If we had "avatar appearance" implemented as
a REST service, the only thing the base case would need to create the
avatar would be a web page that it could GET an avatar appearance from.
This would mean that ANY region could use your static (xml?) web page
as a template to show your avatar to the others in the region - you
don't have an 'avatar appearance domain service' - merely a web page.
Of course, if you would POST an avatar appearance to it, it couldn't
be a static web page, it would have to be some simple php page
accepting that data and storing it.
Now, the security problem; you would never do a php page that would
take whatever from whoever, so, either the region had to provide some
authentication, or you simply have a "home region" which is the only
one allowed to post appearance from. In effect, you would only be able
to modify your avatar when being in a trusted region.
This kind of scenario would solve quite a lot of features with a
minimal amount of protocol design.
And yes, assets; it would be quite doable to create an asset model
where all local asset id's were dynamically translated to and from
URLs - hence solving quite a lot of other features and problems with a
minimal amount of effort.
The asset Id could (should, imnsho) be seen as an affair purely
between the client and the region; ie, no two regions would have the
same asset id for the same url data. Or, it could be the regions sha-1
hash or the binary data, if a region wants to communicate with a
shared and trusted asset cache instead of directly to the url.
No, I'm not talking specific solutions here, just trying to wedge us
away from the predominant mind-set onto something truly new and glorious.
</pre>
</blockquote>
<pre wrap=""><!---->i've to say, i like all that.
</pre>
</blockquote>
<br>
</body>
</html>