Re: [ogpx] Unique identities (was: Names, Identity and Protocol elements)

Michael Dickson <mike.dickson@hp.com> Sun, 21 March 2010 15:39 UTC

Return-Path: <mike.dickson@hp.com>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 932F73A69A4; Sun, 21 Mar 2010 08:39:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.869
X-Spam-Level:
X-Spam-Status: No, score=-102.869 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 66HqGhaZYGa6; Sun, 21 Mar 2010 08:39:43 -0700 (PDT)
Received: from g4t0016.houston.hp.com (g4t0016.houston.hp.com [15.201.24.19]) by core3.amsl.com (Postfix) with ESMTP id D7F323A6823; Sun, 21 Mar 2010 08:39:41 -0700 (PDT)
Received: from g5t0012.atlanta.hp.com (g5t0012.atlanta.hp.com [15.192.0.49]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by g4t0016.houston.hp.com (Postfix) with ESMTPS id 5FB27141E8; Sun, 21 Mar 2010 15:39:57 +0000 (UTC)
Received: from [192.168.1.139] (conr-adsl-209-169-71-194.consolidated.net [209.169.71.194]) by g5t0012.atlanta.hp.com (Postfix) with ESMTPSA id 5159610003; Sun, 21 Mar 2010 15:39:56 +0000 (UTC)
From: Michael Dickson <mike.dickson@hp.com>
To: Morgaine <morgaine.dinova@googlemail.com>
In-Reply-To: <e0b04bba1003201935v5d3db2e8y48831f65a9663d7b@mail.gmail.com>
References: <20100320133911.GA9372@alinoe.com> <e0b04bba1003201935v5d3db2e8y48831f65a9663d7b@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Date: Sun, 21 Mar 2010 10:38:21 -0500
Message-ID: <1269185901.2151.7.camel@mdickson-laptop.local>
Mime-Version: 1.0
X-Mailer: Evolution 2.28.3
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: AAAAAQAAAAI=
X-Whitelist: TRUE
Cc: "ogpx-bounces@ietf.org" <ogpx-bounces@ietf.org>, "ogpx@ietf.org" <ogpx@ietf.org>
Subject: Re: [ogpx] Unique identities (was: Names, Identity and Protocol elements)
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Mar 2010 15:39:44 -0000

On Sun, 2010-03-21 at 02:35 +0000, Morgaine wrote:
> I agree with this advice entirely. +1
> 
> Note however that you don't need to chisel bits off UUIDs in order to
> tag them with provider information.  Do it cleanly, by leaving the
> UUIDs safe and untouched as full 128-bit entities as they are supposed
> to be, but associate them with a separate unique provider field.
> After all, there is no need for single-field atomicity nor the whole
> unique identity fitting into 128 bits.  Cramming the 2-part
> information into 128 bits is premature optimization, and is actually
> unhelpful since the provider field should be separable.
> 
Trying to store semantics in the UUID or interpret it in some way is not
a good idea IMO, I agree with Morgaine. I wont get into details but its
caused issues in the past when it was done. Especially when you end up
with cases where two or more "authorities" merge and you somehow need to
mash together their name spaces (since one of the reasons for a merger
in the first place is some economies of scale from not having duplicate
infrastructure).  

As inconvenient as the separate lookup may seem, using a guaranteed
unique UUID mapping into a separate table with a lookup is the way to
go, IMO.  The same with agent names. Having a UUID for the agent is the
right approach with a seperate action to resolve to a human readable
name.

Mike

> And finally, I'll point out a post from last June about agent
> identifiers which is consistent with your advice.  The unique agent
> identity should indeed be quite separate from the agent's chosen world
> name, as well as from the identity used for account authentication.
> 
> Note also that Joshua likewise supported this kind of separation in
> the post to which I was responding, so I think there is broad
> agreement that this is a good approach.
> 
> 
> Morgaine.
> 
> 
> 
> 
> 
> ===============================
> 
> On Sat, Mar 20, 2010 at 1:39 PM, Carlo Wood <carlo@alinoe.com> wrote:
>         Uniqueness in general
>         ---------------------
>         
>         The generation of unique IDs is quite interesting by itself.
>         And quite a few unique IDs are needed in a good VWRAP
>         protocol.
>         The approach taken by LL is generating number so huge that
>         they are unique by chance. This has two disadvantages: it
>         increases bandwidth usage and it requires to look up those
>         ID's in huge trees, because these ID's cannot contain
>         information
>         in itself. Finally, it is not always possible to have
>         untrusted
>         parties (ie, the viewer) generate UUID's, because they can
>         be set to anything and therefore deliberately still match
>         another already existing UUID.
>         
>         Another approach to generate unique ID's is to devide Unique
>         ID's over "Authorities" that can generate such ID's (these
>         would be servers). Each Authority would need a unique ID
>         by itself, and can then generate an arbitrary number of other
>         unique ID's by appending a locally unique number to it's
>         own ID. Likewise, the authorities ID could exist of an ID
>         unique for the administration running the server plus a
>         number unique within that administration and assigned by
>         that administration. This is, for example, the approach
>         that hardware vendors are using to identify hardware being
>         plugged into a PC. The ID itself contains a part that shows
>         one that the chip is made by nvidia (for example).
>         The advantage of that is, apart from that the ID's can be
>         much smaller, that each ID immediately contains a part
>         that reveals who is the authority, which then can be used
>         for routing the message to that authority, etc.
>         
>         Authorities are very important concept as well. In order
>         to avoid collisions (making incompatible changes to the same
>         thing in different places on the network, after which
>         re-synchronization becomes a nightmare), it is necessary
>         to route all messages regarding 'X', to a single authority,
>         the authority of X. Changing 'X' then exists of requests to
>         change it, and the authority will inform the requester if
>         this succeeded or not. For example, if on a given grid
>         someone creates a new chat group, then the viewer sends
>         a request to the authority of that chat group name (which
>         can be distributed by using the first character(s) of
>         the name to assign it's authority). That way, if two
>         people try to create the same group at the same time,
>         only one will succeed.
>         
>         Another reason that makes using authority-generated ID's
>         an advantage is that they are robust: it makes it impossible
>         to have a viewer generate an ID (see security problem above)
>         by accident; and it certainly makes it impossible to use
>         ID's in the protocol that also have the function of being
>         human readable! A mistake made many times in the current
>         protocol of SL: avatar names, region names, group names,
>         ... all of them are not only the human readable texts that
>         we want to see, they are ALSO the ID's of themselves by
>         which they are recognized in the protocol :(. As a result,
>         it is impossible to change them. Human readable text should
>         be nothing more than meta data. Hell, you could even give
>         a region more than one name, depending on the language
>         of the one visiting it. All protocol should use authority-
>         generated ID's, which by nature cannot be human readable.
>         The server would include human readable meta data for each
>         ID that represents something in-world, and the viewer would
>         do ID <--> human readable name mapping back and forwards
>         locally. Changing the name of something would be as easy
>         as sending a request to the ID authority to change the
>         name (resulting in a message with the new meta data to
>         everyone using it, without the slightest risk of a desync
>         during that update. You could even just wait till the
>         next login before providing the new meta data).
>         
>         --
>         Carlo Wood <carlo@alinoe.com>
>         _______________________________________________
>         ogpx mailing list (VWRAP working group)
>         ogpx@ietf.org
>         https://www.ietf.org/mailman/listinfo/ogpx
>