IETF Logo Mail Archive

Re: [ogpx] verbiage : domain, agent domain, region domain, trust domain, service, etc.

David W Levine <dwl@us.ibm.com> Mon, 29 March 2010 20:44 UTC

Return-Path: <dwl@us.ibm.com>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F04223A6AE0; Mon, 29 Mar 2010 13:44:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.168
X-Spam-Level:
X-Spam-Status: No, score=-4.168 tagged_above=-999 required=5 tests=[AWL=-1.300, BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SxDsPjz+f6IP; Mon, 29 Mar 2010 13:44:01 -0700 (PDT)
Received: from e4.ny.us.ibm.com (e4.ny.us.ibm.com [32.97.182.144]) by core3.amsl.com (Postfix) with ESMTP id C39443A6992; Mon, 29 Mar 2010 13:44:00 -0700 (PDT)
Received: from d01relay07.pok.ibm.com (d01relay07.pok.ibm.com [9.56.227.147]) by e4.ny.us.ibm.com (8.14.3/8.13.1) with ESMTP id o2TKWsAH025211; Mon, 29 Mar 2010 16:32:54 -0400
Received: from d01av01.pok.ibm.com (d01av01.pok.ibm.com [9.56.224.215]) by d01relay07.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id o2TKiM0R2007208; Mon, 29 Mar 2010 16:44:22 -0400
Received: from d01av01.pok.ibm.com (loopback [127.0.0.1]) by d01av01.pok.ibm.com (8.14.3/8.13.1/NCO v10.0 AVout) with ESMTP id o2TKiLUa003254; Mon, 29 Mar 2010 16:44:21 -0400
Received: from d01ml605.pok.ibm.com (d01ml605.pok.ibm.com [9.56.227.91]) by d01av01.pok.ibm.com (8.14.3/8.13.1/NCO v10.0 AVin) with ESMTP id o2TKiLSp003243; Mon, 29 Mar 2010 16:44:21 -0400
In-Reply-To: <b325928b1003291016i5c07e6d9na0feda9faf930aeb@mail.gmail.com>
References: <b325928b1003291016i5c07e6d9na0feda9faf930aeb@mail.gmail.com>
To: Meadhbh Hamrick <ohmeadhbh@gmail.com>
MIME-Version: 1.0
X-KeepSent: BFBED893:69AA3E2B-852576F5:006184FA; type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.0.2 HF623 January 16, 2009
Message-ID: <OFBFBED893.69AA3E2B-ON852576F5.006184FA-852576F5.0071ECAF@us.ibm.com>
From: David W Levine <dwl@us.ibm.com>
Date: Mon, 29 Mar 2010 16:44:20 -0400
X-MIMETrack: Serialize by Router on D01ML605/01/M/IBM(Release 8.5.1HF41 | October 22, 2009) at 03/29/2010 16:44:20, Serialize complete at 03/29/2010 16:44:20
Content-Type: multipart/alternative; boundary="=_alternative 0071ECAF852576F5_="
Cc: ogpx-bounces@ietf.org, ogpx <ogpx@ietf.org>
Subject: Re: [ogpx] verbiage : domain, agent domain, region domain, trust domain, service, etc.
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Mar 2010 20:44:03 -0000

ogpx-bounces@ietf.org wrote on 03/29/2010 01:16:18 PM:

> [image removed] 
> 
> [ogpx] verbiage : domain, agent domain, region domain, trust domain,
> service, etc.
> 
> Meadhbh Hamrick 
> 
> to:
> 
> ogpx
> 
> 03/29/2010 01:17 PM
> 
> Sent by:
> 
> ogpx-bounces@ietf.org
> 
> so... there's been some grumbling about the use of terminology on the
> list and in drafts. at the f2f we reiterated the need to agree on some
> basic terms. as i'm sure we all have one or two things to say about
> this subject, let's get the ball rolling...
> 
> as many people on this list know, the terms "agent domain" and "region
> domain" come from the previous OGP work. the term "domain" was
> originally thought to mean "a collection of machines administered by
> the same authority." an "agent domain" was a domain that managed
> user-oriented data: profile info, avatar presence, IM services,
> inventory, etc. a "region domain" was a domain that managed
> place-oriented data and processes: object presence, simulation, etc.
> 
> as the model was developed and we gained more deployment expertise, a
> couple things became clear:
> 
> 1. there's a high quality implementation of an asset service out there
> (cable beach) which _could_ be deployed independently of an OpenSim or
> LL instance. does this mean we should have an "asset domain"?
> 
> 2. linden deployment patterns (which formed the basis of early drafts)
> may not be used by all participants. specifically, an agent domain may
> "contract out" fulfillment of certain services to a third party. think
> of the way that linden currently deploys maptiles by way of amazon S3.
> for the purposes of managing maptiles, is S3 considered part of the
> linden agent domain? functionally it is, but even though it is trusted
> by linden,machines that serve the maptile requests will always be
> identified as belonging to amazon. (more info at
> http://aws.amazon.com/solutions/case-studies/linden-lab/ )
> 
> in response to point 1, several of us started to think that we
> probably would want to think about what makes a domain a region or
> agent domain, and if it's possible to have an "asset domain." this led
> to some verbiage in an earlier intro and goals draft that described
> "agent domains" as domains that contain an authentication service and
> "region domains" as domains that expose an object presence service.
> other groups of systems administered by the same entity were simply
> "domains"
> 
> fortunately, no one noticed we didn't define the term "service"
> especially rigorously. but i think there was general consensus that a
> "service" was a collection of "protocol endpoints" that performed a
> function on behalf of a client. an "endpoint" was an entity with an
> address that represented a RESTful resource that could be accessed to
> change or query the state of a service. for the most part, we talked
> of endpoints as being HTTP(S) urls, as most of us had experience with
> doing "OGP over HTTP."
> 
> while some of us debated the merits of various terms, others of us
> were wrestling with issue 2 above: what constitutes a domain? are all
> machines in a domain trusted by each other? what about when you add
> services from multiple domains, does that make a new domain? should we
> call it something else to highlight the fact that some of the machines
> in the domain may not trust other machines in the domain explicitly?
> if so, then why the heck do we have the term domain?
> 
> one suggestion was to redefine the term "domain" to mean "a collection
> of machines." then the term "trust domain" is used to define a
> collection of machines that share a trust relationship. a "composite
> domain" may be used to describe machines from two distinct trust
> domains that cooperate to deliver a service. "services," in turn are
> contained entirely in a domain. (so if a service is delivered by
> machines in two different trust domains, i.e. it's a composite domain,
> then that service is said to be contained by the composite domain, not
> the two trust domains that cooperate to deliver the service.)
> 
> so. ugh. what do we say about this:
> 
> domain - a collection of machines
> 
> trust domain - a domain whose members share trust characteristics.
> 
> trust characteristic - an abstract description of which entities are
> allowed to access which services on which members of a domain.
> 
> composite domain - a domain whose members are composed of two or more
> distinct trust domains. note that a composite domain may form a new
> trust domain.
> 
> service - a collection of protocol endpoints that implement a function
> (like authentication, inventory, IM, search, etc.)
> 
> (protocol) endpoint - the address of a RESTful resource a client may
> use to query or change the state of a service.
> 
> agent domain - a domain that exposes an authentication service.
> 
> region domain - a domain that exposes an object presence services.
> 
> comments? questions? death threats?
> 
> --
> meadhbh hamrick * it's pronounced "maeve"
> @OhMeadhbh * http://meadhbh.org/ * OhMeadhbh@gmail.com

First, +1 (if not more) on getting the terminology coherent. The time has 
come to speak of things... We need names for the things, and we need those 
names in the base drafts, with nice crisp definitions. 

Names only help when they add real value. If we can't crisply say "This is 
a Blongezorf, and this isn't." we're merely muddying the waters. For 
domain, this is especially tricky as there are several very good and 
normal uses of Domain, both in Distributed Computing, and to and extent 
the casual discussion centering around the specs today. 

>From my perspective, there's a nice progression of things which we can 
define.

We have a set of "messages" which are defined in LLIDL, which laminate 
together into interaction patterns
(Post message X, Get response set Y1-Y7, post message Q) Mark that as a 
"service" , marked off by one or more capabilities.  Those services 
combine into a a cluster of services which form a capital "s" Service, 
such as a "Asset Server" or an "Inventory Service" 

I tend to think about the core "capital S" services as what we're busy 
defining. I'm not at all sure that, given the diversity of deployment 
patterns, defining "Domains" which tie to these into clusters beyond what 
people deploy actually adds any depth to the explanatory framework. I can 
see that there may well be some clusters of "Big S" services which often 
cluster, which may be worth looking at, if there is useful power in naming 
those clusters. Unless those clusters form of necessity, not habitual 
deployment, I'm thinking they would be a non-normative term used elucidate 
rather than define. 

- David
~ Zha

v2.23.0 | Report a Bug | By Email