IETF Logo Mail Archive

Re: [ogpx] Protocol for permitting policy decisions

Magnus Zeisig <magnus.zeisig@iis.se> Thu, 08 October 2009 10:29 UTC

Return-Path: <magnus.zeisig@iis.se>
X-Original-To: ogpx@core3.amsl.com
Delivered-To: ogpx@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 85B2928C24E for <ogpx@core3.amsl.com>; Thu, 8 Oct 2009 03:29:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.758
X-Spam-Level:
X-Spam-Status: No, score=-5.758 tagged_above=-999 required=5 tests=[AWL=0.491, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 59+pwi8WKcTh for <ogpx@core3.amsl.com>; Thu, 8 Oct 2009 03:29:15 -0700 (PDT)
Received: from cleaner.prod.iis.se (cleaner.prod.iis.se [212.247.7.212]) by core3.amsl.com (Postfix) with ESMTP id 1E28528C24A for <ogpx@ietf.org>; Thu, 8 Oct 2009 03:28:53 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by cleaner.prod.iis.se (Postfix) with ESMTP id 8242EA8003; Thu, 8 Oct 2009 10:30:34 +0000 (UTC)
Received: from cleaner.prod.iis.se ([127.0.0.1]) by localhost (cleaner.prod.iis.se [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 07826-08; Thu, 8 Oct 2009 10:30:21 +0000 (UTC)
Received: from pgpkeys.office.nic.se (pgpkeys.office.nic.se [212.247.204.14]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by cleaner.prod.iis.se (Postfix) with ESMTP id 872A2A8008; Thu, 8 Oct 2009 10:30:21 +0000 (UTC)
Received: from EXCH2K7HUB-RV.office.nic.se ([212.247.204.21]) by pgpkeys.office.nic.se (PGP Universal service); Thu, 08 Oct 2009 12:30:21 +0200
X-PGP-Universal: processed; by pgpkeys.office.nic.se on Thu, 08 Oct 2009 12:30:21 +0200
Received: from Exchange2k7.office.nic.se ([169.254.1.222]) by EXCH2K7HUB-RV.office.nic.se ([212.247.204.21]) with mapi; Thu, 8 Oct 2009 12:30:20 +0200
From: Magnus Zeisig <magnus.zeisig@iis.se>
To: Morgaine <morgaine.dinova@googlemail.com>
Date: Thu, 8 Oct 2009 12:30:20 +0200
Thread-Topic: [ogpx] Protocol for permitting policy decisions
Thread-Index: AcpH+6vkIYVAUpUcSYmJ02uoCpu88QABotWQ
Message-ID: <983F17705339E24699AA251B458249B50CC48CB6E2@EXCHANGE2K7.office.nic.se>
References: <983F17705339E24699AA251B458249B50CC48CAEBF@EXCHANGE2K7.office.nic.se> <3a880e2c0910051239t3dcae895x4f6d5f4bf5d64cd@mail.gmail.com> <20091007203535.GA13882@alinoe.com> <983F17705339E24699AA251B458249B50CC48CB683@EXCHANGE2K7.office.nic.se> <e0b04bba0910080241x548b6ff9tbc558aaa069b15be@mail.gmail.com>
In-Reply-To: <e0b04bba0910080241x548b6ff9tbc558aaa069b15be@mail.gmail.com>
Accept-Language: sv-SE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: sv-SE
MIME-Version: 1.0
Content-Language: sv-SE
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Debian amavisd-new at cleaner.prod.iis.se
Cc: "ogpx@ietf.org" <ogpx@ietf.org>
Subject: Re: [ogpx] Protocol for permitting policy decisions
X-BeenThere: ogpx@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual Worlds and the Open Grid Protocol <ogpx.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ogpx>
List-Post: <mailto:ogpx@ietf.org>
List-Help: <mailto:ogpx-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ogpx>, <mailto:ogpx-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Oct 2009 10:29:16 -0000

Morgaine,

No, you are still stuck in the concept of one virtual world equals one AD plus one RD, even if you say you recognize a future more complex service pattern. VW=AD+RD does not have to be the case with VWRAP. If it _happens_ to be the case and the entity controlling AD2 and RD2 wants to enforce AD2 policy for those visiting RD2, then they can move, duplicate or mirror the enforcement of that policy from AD2 to RD2, which they can do without problems as long as they control both. If they don't control both, then it's entirely up to the entity controlling RD2 if they for some reason want to enforce the policy of the entity controlling AD2. So I see no reason whatsoever why symmetry is required.

Policy is not decided and enforced by the AD, the RD or any service connected with them, it is decided and enforced by the entities behind them. If the same entity controls an AD and a RD, then it's meaningless to try to divide up that entity's policy into AD policy and RD policy, because it can enforce that policy at any level, type of domain or connected service it controls.

But, like you, I am totally in favor of letting the entity controlling the destination RD decide policy once the agent is there. However, if the agent's own AD for some reason wants to stop the agent from going there, then I think it should have the possibility to do so. In all honesty, I don't think an AD imposing undue restrictions on where people are allowed to go or what they are allowed to do there will survive for long though, once competition is in place. You may have to start out fresh, with a new AD, without the assets and inventory connected to the old AD, but I think most people are willing to take that step if they feel their freedom is too limited.

Best regards,

Magnus


-----Ursprungligt meddelande-----
Från: Morgaine [mailto:morgaine.dinova@googlemail.com] 
Skickat: den 8 oktober 2009 11:42
Till: Magnus Zeisig
Kopia: ogpx@ietf.org
Ämne: Re: [ogpx] Protocol for permitting policy decisions

Magnus,

If ADs are involved in region policy, then in the multi-world deployment pattern, AD2 will have to be consulted when agent A1 teleports from RD1 to RD2, because AD2 will be involved in region policy too.  It's symmetric with AD1.

This is what Joshua wanted to avoid, and it can only be avoided by not giving ADs policy control over regions, otherwise symmetry requires that AD2 be consulted as well.

It's this kind of problem that reinforces what David's been saying about the right mess we currently have when talking about domains determining policy.  The AD/RD split was reasonably adequate when OGP was only extending a single world with policy-free regions, but it is insufficient to do a good job once we get into multi-world deployments with more complex service and policy patterns which require much more flexibility.


Morgaine.




==================================


On Thu, Oct 8, 2009 at 9:48 AM, Magnus Zeisig <magnus.zeisig@iis.se> wrote:


	
	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA256
	 
	I am strongly in favour of leaving policy descisions to the RD, but since there seems to be a need for at least some AD managers to be able to make policy decisions as well, I guess the protocol handshake need even more flexibility than the versions scetched on by Meadhbh, Carlo and me so far. I will adapt the diagram style of Meadhbh and Carlo (http://www.ietf.org/mail-archive/web/ogpx/current/msg00520.html), since it's more readable than my text-flow variant. Also, I will leave out parameter examples since there seem to be a risk people get hooked on if a certain parameter should be included or not, rather than the possibility of handling any parameter.
	 
	I may be paranoid, but I still prefer agent domains to be allowed, but not forced by protocol, to reduce the dissemination of information about their clients as far as possible, and there Carlo's AND version in the response is a good step forward (http://www.ietf.org/mail-archive/web/ogpx/current/msg00520.html). We might even wind up with negotiations where one domain requests the actual values while the other domain only wants to disseminate a reply to if it fits a range for one or more of the requested parameters.
	 
	AD -------------------------(name, <RDkey1?, RDkey2?>)------------------------> RD
	AD <--(name, <RDvalue1, RDvalue2, ADkey1?, ADkey2?, agentkey1?, agentkey2?>)--- RD
	AD --(name, <RDvalues OK, ADvalue1, ADvalue2, agentvalue1, agentkey2 range?>)-> RD
	AD <----------(name, <ADvalues OK, agentvalue1 OK, agentkey2 range>)----------- RD
	AD ----------------------------(name, agentkey2 OK)---------------------------> RD
	AD <-----------------------------(name, rez cap)------------------------------- RD
	 
	In this example, RD might have refused giving the required range for agentvalue2, either because it technically doesn't support that kind of negotiation or because of policy, in either case of which the rez cap would have failed. It might on the other hand instead already from the beginning have supplied the required ranges instead of asking for the actual value. I think it would be good if the protocol would enable either of these cases for maximum flexibility.
	 
	It may also be an idea to permit caching of at least AD- and RD-parameters or evaluations of them, especially if we're talking extensive sets with perhaps hundreds of parameters. Since the ADs and RDs should be free to update their own parameters at any time, the handshake in that case must of course contain a check if cached parameters have been updated. Also, if an AD or RD supports several sets of parameters depending on which domain or service it deals with, means to distinguish between them are required, perhaps using policy URI's the way Meadhbh suggested (http://www.ietf.org/mail-archive/web/ogpx/current/msg00523.html). A policy could then basically be broken down into a set of own parameter values and required parameter ranges for the domain or service connecting.
	 
	I also think, like Meadhbh (http://www.ietf.org/mail-archive/web/ogpx/current/msg00523.html), that we will need to suggest, but not require, a number of parameter name and formats to facilitate communication, so that not e.g. US and UK domains can't connect, because one asks about "color" and the other one only can respond about "colour".
	 
	Best regards,
	 
	Magnus
	 
	 
	- -----Ursprungligt meddelande-----
	Från: Carlo Wood [mailto:carlo@alinoe.com] 
	Skickat: den 7 oktober 2009 22:36
	Till: Infinity Linden
	Kopia: Magnus Zeisig; ogpx@ietf.org
	Ämne: Re: [ogpx] Protocol for permitting policy decisions
	 
	On Mon, Oct 05, 2009 at 12:39:32PM -0700, Infinity Linden wrote:
	> option 3: multi-message handshake
	> 
	> AD --------------- (name) -------------> RD
	> AD <-------- (X, age > X? cap) --------- RD
	> 
	> AD ------------------------------------> RD (age > X? cap)
	> AD <------------ (rez cap) ------------- RD
	 
	Note, again, the need for a flexible protocol negotiation:
	we can't know, already, what all will be needed.
	 
	Nevertheless, the more flexibility the better imho.
	I'd prefer to see this:
	 
	AD ------(name, <list with keywords>) -----------> RD
	AD <-----(name, <list with keywords + ranges>) --- RD
	AD ------(name, yes/no)--------------------------> RD
	AD <-----(rez cap) ------------------------------- RD
	 
	Where VWRAP will not define what keywords are possible.
	 
	However, implementers might, for example, choose to use 'AGE' as keyword
	with an integer range, leading to a msg exchange like
	 
	AD ------(name, (AGE)) -----------> RD
	AD <-----(name, (AGE, 21)) -------- RD
	AD ------(name, yes)--------------> RD
	AD <-----(rez cap) ---------------- RD
	 
	or some might implement
	 
	AD ------(name, (AGE, LIKES_BUNNIES)) -----------> RD
	AD <-----(name, (AGE, 13), YES) ------------------ RD
	AD ------(name, yes, yes)------------------------> RD
	AD <-----(rez cap) ------------------------------- RD
	 
	For privacy reasons, I think it would suffice to
	just send the AND of all 'yes's, thus:
	 
	AD ------(name, (AGE, LIKES_BUNNIES)) -----------> RD
	AD <-----(name, (AGE, 13), YES) ------------------ RD
	AD ------(name, yes)-----------------------------> RD
	AD <-----(rez cap) ------------------------------- RD
	 
	or,
	 
	AD ------(name, (AGE, LIKES_BUNNIES)) -----------> RD
	AD <-----(name, (AGE, 13), DONTCARE) ------------- RD
	AD ------(name, yes)-----------------------------> RD
	AD <-----(rez cap) ------------------------------- RD
	 
	Again, neither 'AGE' nor 'LIKES_BUNNIES', would be defined by us,
	but we would define how to handle integer ranges, booleans,
	don't cares, string literals, and perhaps regular expressions.
	 
	- -- 
	Carlo Wood <carlo@alinoe.com>
	 
	-----BEGIN PGP SIGNATURE-----
	Version: 9.8.3 (Build 4028)
	Charset: utf-8
	 
	wsBVAwUBSs2nYe5MlU9XyaiSAQiJLAf/fye7HX0vp2JkZF/wu+7FSVzZ2al3nKcL
	JiB+Z1mxP3ICiGZrvdIojSCHL5+T8k23cj9Q9ggz7yQv12EhRynq4rmlSfgs7Ta/
	cKrKh7vvQHsZsnsaiHaw29DA30rejSJWabkZ5c29zUd18ll86EZr0qIqP9ByIbMJ
	RrppGN98IaYd3rOclzK0/e3LdRKAgLhg1GotudPKJ4vU7qI3XV6sKwuaUOzWzsWm
	tDpcHxcCHhF9O4uDstGFAxbPVvZNnrmzQXRzlQ6pajmpzT0iU25k78Y7bldq/Bnd
	60Ij9GcofockvBuWVUiIDZsxqZG982jnDGz3DQEorg38XtAbKieN8w==
	=2NSu
	-----END PGP SIGNATURE-----
	 
	 

	_______________________________________________
	ogpx mailing list
	ogpx@ietf.org
	https://www.ietf.org/mailman/listinfo/ogpx

v2.8.7 | Report a Bug | By Email