Re: [ogpx] VWRAP Draft Charter

Hi Vaughn! :-)

Your description of our discussion is quite accurate.  However, it seems to
imply that I advocate in favour of the view that the AD must be the seat of
all policy for connected regions.  I do not.  I was merely explaining the
architecture of AD+RD pairing as it has been described to us repeatedly
throughout the two years of our OGP-related work in the LL+IBM sponsored
Architecture Working Group within Second Life.

After the emails, Carlo and I examined this issue with higher discussion
bandwidth inside SL, and it turned out that we were describing two different
things:  I was explaining the AD+RD relationship in OGP, while Carlo was
describing RDs *as they should be designed* if an RD were an autonomous unit
with its own policies, effectively a small world.  If OGP were designed
differently and less restrictively to allow that, then there would have been
no discussion.  :-)

Of course, OGP is not VWRAP, but only the seedcorn for VWRAP.  We can make
VWRAP as flexible as we like, and it's easy to see its potential flexibility
in David's deployments document.  Consequently, I have high hopes that all
parties will be happy with the eventual outcome. :-)

You may have missed the primary reason why I do not advocate a design in
which an OGP-style AD is the seat of all power, possibly because the
discussion has been spread out across all of OGPX and MMOX.  It's easy to
summarize in one sentence though:  such a design cannot underpin an
Internet-wide metaverse of interoperating virtual worlds because it doesn't
respect the key meme of virtual and non-virtual tourism:  *Destination
Determines Policy*.

This meme is so fundamental and crucial (and obvious) that OGP's support of
the exact opposite is terminally broken, as a basis for the hypothetical
metaverse.  Indeed, you yourself have referred to the problem in the funny
"war over purple". :-)  At best such a design can support only a random
scattering of VPN-like walled gardens, all isolated and *incapable of
interoperating* because they all claim the "one true policy".  We should not
go there.

The most recent description of this problematic aspect of the OGP design was
posted by Magnus Zeisig in his excellent email at
http://www.ietf.org/mail-archive/web/ogpx/current/msg00324.html , which I
fully support.  Such balkanization is not a desireable goal when designing a
VW interop protocol.

So where are we now?  We're at the stage of examining David's VWRAP
deployment patterns to see how the protocol can support them.  And in that
examination, it is likely to become clear that the old OGP model of "AD
determines policy" is completely non-viable for interoperating between
VWRAP-compatible virtual worlds, except when that policy is "nil trust" as a
common denominator.

Consequently, we will either decide to live with the original OGP split and
use "nil trust" as our basis for VW interop, or else we will redesign the
AD/RD relationship to place many more important policy decisions where they
really belong, at destination.  The latter seems the best choice to me, and
of course it would make Carlo happy, and it is also the model that every
single existing world already operates --- when in Rome, do as the Romans
do.  Only the old OGP AD/RD two-way split design is out of step.  Let's hope
that we can correct that in VWRAP. :-))

Morgaine.

====================================

On Tue, Sep 29, 2009 at 9:16 PM, Vaughn Deluca <vaughn.deluca@gmail.com>wrote:

> Carlo and Morgaine have above been involved in a very interesting
> discussion about the nature of the (or *a*) virtual world.
>
> Painting their positions with  broad strokes, Morgaine stresses the primary
> role of the AD as the seat of policy and trust, up to the point where he
> denies the RD any role above that of a convenient extension of the AD, i.e.
> the RD as "colony without a government". Carlo passionately argues for the
> independent role of the RD in policy issues.
>
> I feel that both positions are valid (to some degree), and both can be
> covered by VWRAP.
>
> Calo makes absolutely clear that having all policy in the respective ADs of
> the avatars leads to problems when several avatars meet in one region
> domain, say RD1. Avatars will be busy killing each other over the right to
> wear purple, and for the innocent bystanders caught in the crossfire it will
> be fully unclear were to complain. Stepping in Morgaines shoes, i think i
> would argue that what Carlo asks for can be realised by applying the policy
> of a *particular* AD to RD1. The rules to deal with color of clothes, could
> be formulated in AD1 associated with RD1. In principle Carlo could run this
> domain himself, even without a single avatar in it, and in this way get his
> "government" and set any policy he wants. If two avatars from AD2 and AD3
> visit RD1, The policy in RD1 would be governed by what is specified by AD1.
>
> While this fully fits Morgaines view of "AD rules all", and also fits Carlo
> call for autonomy of RD1, it feels decidedly like a kludge, and in this
> particular case it seems much more straightforward to make RD1 more
> autonomous. Yet, to keep everything within one framework, this kludge seems
> to be the logical solution... I would like to hear what others think about
> this.
>
> One other remark: the minimal example for  a "world"  -one AD and one RD-
> would be more useful when extended with one asset service AS. Explicit
> mentioning of the AS will make it much easier to discuss IP issues.
>
> Vaughn
>
>
>
> On Mon, Sep 14, 2009 at 10:44 AM, Carlo Wood <carlo@alinoe.com> wrote:
>
>> On Mon, Sep 14, 2009 at 06:43:06AM +0100, Morgaine wrote:
>> > Carlo asked for detailed comments on the below, so here goes. :-)
>> >
>> >
>> > On Fri, Sep 4, 2009 at 8:58 PM, Carlo Wood <carlo@alinoe.com> wrote:
>> >
>> >     On Thu, Sep 03, 2009 at 04:28:03AM +0100, Morgaine wrote:
>> >     > The problem you see is that a virtual world is much more than just
>> a
>> >     Region
>> >     > Domain.  It is a complete set of services of which the Region
>> Domain
>> >     service is
>> >     > just one.  Other typical services might be those of the Agent
>> Domain
>> >     (which
>> >     > provides identification and authorization services and possibly
>> others),
>> >     as
>> >     > well as asset and inventory services, IM and other communication
>> >     services, and
>> >     > maybe several more.
>> >
>> >     Well... that is purely semantic. It is a way to define VW, but not
>> one that
>> >     I've been using :/
>> >
>> >
>> > It's a rough top-level projection of the architectural model of VWRAP,
>> once the
>> > various services have been decoupled in the way that David Levine often
>> > describes to us.  Nothing very contentious there, everyone likes a
>> > services-oriented approach. :-)
>> >
>> >
>> >
>> >     For simplicity, assume that only two things are needed to create a
>> complete
>> >     virtual world, like SL or OG: A Region Domain (RD) and an Agent
>> Domain
>> >     (AD).
>> >
>> >
>> > I am happy to consider that simple scenario as representative.  It is
>> quite
>> > reasonable to equate AD with VW because the AD is the focus of almost
>> all the
>> > policy decisions of a VWRAP-based world.  When other decoupled services
>> are
>> > added to this picture, it doesn't change the fundamental architecture of
>> AD +
>> > RDs, only extends it by decoupling more than just the region service.
>>  So
>> > that's fine with me.
>>
>> I totally disagree that the AD is the representative...and why do you say
>> that below a sentence of me where I say "A Region Domain (RD) and an Agent
>> Domain (AD)"?
>>
>> This is like I say "VW = AD + RD", and you go: "yes, VW = AD". We can't
>> have a discussion like that Morgaine.
>>
>> >     Currently, without any interop, each administrative entity (or trust
>> >     entity)
>> >     will need to provide both: an RD *and* an AD, otherwise they don't
>> have a
>> >     functional VW.
>> >
>> >
>> > Correct.  The AD is the seat of most (but not all) of the policy
>> decisions of a
>>
>> I even *stressed* the '*and*' here, and you do it again.
>>
>> > VW, so it's very central to the existence of a VW.  While it's possible
>> to
>> > imagine policy-free VWs that temporarily  take on the policy of any
>> other world
>> > they hook up with, this is clearly a subset situation.  All the
>> currently known
>> > SL-like virtual worlds are grids of the SL kind, with their own
>> individual
>> > policies which they are not going to change on interop.
>> >
>> >
>> >
>> >     Your conclusion is that a VW exist of both 1 RD and 1 AD. But I ask
>> you to
>> >     reconsider if that conclusion is correct, because it is based on the
>> >     current
>> >     situation without any interop. Now "correct" might not be the
>> correct word
>> >     - heh.
>> >     Rather I should say: I ask you to reconsider if that definition is
>> very
>> >     useful.
>> >
>> >     Lets consider the following fictive case:
>> >
>> >     LL runs one RD and AD, called RD1 and AD1.
>> >     CB (Cable Beach) runs another RD and AD, called RD2 and AD2.
>> >     A user that authenticates with either AD1 or AD2 can travel to RD1
>> AND RD2,
>> >     completely symmetrical, keeping their respective AD1- and AD2-
>> assets etc.
>> >     This is possible with the right policies, so for the sake of looking
>> at
>> >     the usefulness of the above definition of VW, assume this is the
>> case.
>> >
>> >
>> > That's not quite right because Cable Beach is not a world provider like
>> LL.
>> > Cable Beach is perhaps best described as a "login mediation" mechanism
>> or
>>
>> I might not understand what the real Cable Beach is or wants to be, I was
>> just
>> trying to give an example to work with. So, again:
>>
>> LL runs one RD and AD, called RD1 and AD1.
>> OG runs another RD and AD, called RD2 and AD2.
>> A user that authenticates with either AD1 or AD2 can travel to RD1 AND
>> RD2,
>> completely symmetrical, keeping their respective AD1- and AD2- assets etc.
>> This is possible with the right policies, so for the sake of looking at
>> the usefulness of the above definition of VW, assume this is the case.
>>
>> > protocol, which provides a model for interaction between a "world
>> service"
>> > (effectively an AD), the user's client, and various decoupled services
>> such as
>> > simulation nodes (possibly an RD) and inventory/asset services.  Let's
>> assume
>> > therefore that your "CB" above means something different (another world
>> > provider similar to LL), and then we can proceed with your example case.
>>
>> Ok
>>
>> >     Would you consider "RD1 + AD1" one VW, and "RD2 + AD2" to be another
>> VW?
>> >     Or do you think it would make most sense in THIS case to speak of a
>> single
>> >     VW?
>> >
>> >
>> > They're two worlds because you defined them as such, as each has its own
>> AD.
>> > :-)  But that aside, if they were set up separately then they have two
>> > different sets of policies, two different sets of residents, two
>> different
>> > ToS's, possibly two different legal jurisdictions, two different
>> mechanisms for
>> > abuse control and conflict resolution, and so on and so forth.  If they
>> were
>> > created to be worlds that can stand alone but interoperate when desired,
>> then
>> > each of these is a diffferent world.  I don't see how that can be
>> disputed.
>>
>> As I stated in one of my first posts, it will (hopefully!!!) be mainly the
>> the *RD* and NOT the AD that all of those things are a function of!
>>
>> You keep saying that it's mainly the AD that determines these things, but
>> that would be confusing and very annoying. If two people meet in a virtual
>> world, that is - if they are standing next to eachother in one region and
>> using local chat - then they should fall under the same legal jurisdiction
>> and the same ToS: it is the region that determines the rules, not the AD
>> that they used to login with.
>>
>> As example, ToS1 says: it's ok to be naked; and ToS2 says: it's a bannable
>> offence to be naked. Do you really think that it's even workable if the
>> ToS to be applied is a function of the AD? Say you login using AD2, so
>> ToS2 applies to you. You meet someone else that is naked. You know that
>> you are not allowed to and you are offended. You create an abuse report;
>> where does that report go to? To your AD administration? That makes no
>> sense: that naked person is using a different AD. To his/her AD
>> administration
>> then? That makes also no sense since they allow it.
>>
>> Seriously, there is only one reasonable thing to do: the ToS that applies
>> is a function of the Region Domain *only*, and if you write an abuse
>> report,
>> it should go to the administration of the region that you are in and not
>> to your or the others AD administration. Same holds for the things related
>> to legal jurisdiction and any other 'rules' that applies at any given
>> moment (to users). The only thing that might be a function of the AD are
>> technical policies that are automatically enforced by VWRAP.
>>
>> >     I think this is what Infinity means when she says that "virtual
>> world"
>> >     cannot
>> >     be defined, because what could be perceived as being a VW is highly
>> >     dependend
>> >     on the exact situation (and policies) and in certain configuration
>> that are
>> >     not as clear as the current situation (no interop) or the above
>> example
>> >     (100%
>> >     interop).
>> >
>> >
>> > This is incorrect.  "Virtual world" is defined by each provider of a
>> virtual
>> > world and by nobody else, and each provider knows full well how it is
>> defined,
>> > what its boundaries are, and what makes it distinct.  Nobody else can
>> define
>> > what a virtual world is, and it's not our business to define it either
>> (nor to
>> > conjure up a fictitious definition).
>>
>> Sorry, but I think you should try harder to understand my point of view
>> first.
>> I didn't give the examples so you can ignore them.
>>
>> > We only need to define the protocol interactions at the endpoints
>> presented by
>> > those worlds, and not to define "virtual world" structurally nor any
>> other way.
>> >   Doing so is what has got us into this mess, by creating a fictitious
>> > definition based on reachability and hence blocking any ability to talk
>> about
>> > actual virtual worlds.  Those worlds exist.  They won't go away.  They
>> want to
>> > interoperate, but they don't want to be told that they don't exist.
>>
>> I was trying to make you understand WHY Infinitely tells you they don't
>> "exist",
>> if you understand her (and you don't, imho) then it will be easier to
>> solve this
>> miscommunication.
>>
>> > The contention that we don't know what "virtual world" means is just
>> plain
>> > bizarre.
>>
>> Only if you already have a definition of "virtual world" they way you do.
>>
>> > I don't know of any VW operator who doesn't know what their world is.
>>
>> That is the *current* situation... which is 100% simpler than what we'll
>> have in the future.
>>
>> Compare with math... currently we only have Integers (Z). We're about
>> to introduce division and by that we need to extend the definition of
>> 'number' from Z to Q. Q aren't integers, even though currently every
>> number is an integer doesn't mean you have to hold on tight the
>> "definition"
>> of "number" == integer. That definition will be broken and you will
>> have to redefine "number".
>>
>> >   Every single one of them could provide the necessary endpoints for
>> VWRAP
>> > within their world without any scratching of heads at the meaning of
>> "virtual
>> > world".  That repeated allegation has been a complete misrepresentation.
>>  It's
>> > just not true.
>>
>> You CANNOT define "virtual world" as "AD" (see above) nor as "AD + RD"
>> because
>> that is too simple and only holds in the current situation. You can only,
>> at most,
>> if you really want, say - well, lets define it as being some RD.
>>
>> > And possibly even worse is the excuse  that "virtual world" is not being
>> > defined but is being used non-normatively, while in practice using the
>> phrase "
>> > the virtual world" to create a totally fictitious single virtual world
>> instead.
>>
>> I agree that as long as it isn't normatively defined, the term shouldn't
>> be
>> used in documents except in places where it can literally mean anything
>> without
>> that anyone will care (like in the protocol name).
>>
>> >   That phrase is unnecessary, it is misrepresentative of the actual
>> situation,
>> > it bypasses policy controls of one world by not mentioning its AD, it
>> prevents
>> > us from mentioning virtual worlds by blocking the normal meaning of the
>> term,
>> > and it provides nothing useful as a benefit in return.  Unless total
>> confusion
>> > is a benefit. ;-)
>>
>> Sorry, but that is like saying that defining the Rational Numbers (Q)
>> makes it
>> impossible to talk about 'numbers', because 3/7 isn't an integer.
>> What you have to do is let go of your current definition.
>>
>> >     In one of my first posts about this topic I stated that "virtual
>> world"
>> >     should
>> >     be considered to be the Region Domain (although I didn't use that
>> term at
>> >     the
>> >     moment) and be completely independent of the Agent Domain, based on
>> typical
>> >     cases of abuse and griefing etc: if anyone annoys some other user,
>> or
>> >     breaks
>> >     almost any ToS, it will be region based; which is why I've always
>> said that
>> >     any type of abuse can and should be handled at the sim (single
>> region)
>> >     level:
>> >     the estate owner and managers in SL, even, but that idea definitely
>> extends
>> >     to "world administrations": the people running the REGION (domain)
>> is the
>> >     one
>> >     that should decide what is the local ToS and deal with abuse etc.
>> That is
>> >     why I strongly argue to define "virtual world" as Region Domain, and
>> leave
>> >     the AD out of it. Nevertheless, now I have the term "Region Domain"
>> I don't
>> >     need "virtual world" anymore.
>> >
>> >
>> > But that's not how OGP is structured.  It's the AD that is the focus of
>> service
>> > policy choices in OGP, and it's the "world service" that is the focus of
>> > service policy in Cable Beach.  The AD and the world service are the
>> source of
>> > capabilities that determine pretty much everything else, and the region
>> domain
>> > is very subsidiary to that.
>>
>> No, if the service prodiver of some AD disagrees with the (say) a ToS that
>> applies
>> when you go to some RD then they should disallow you go there; they should
>> not
>> allow you to go there and then demand that you follow their ToS, that
>> would not
>> be a practical solution that is workable.
>>
>> To use mathematics again, it's easy to make two ToS that have no
>> intersection:
>> Say, ToS1 says: you MUST wear purple clothes, and ToS2 says: you MUST wear
>> blue
>> clothes. Obviously those will apply to regions.
>>
>> So then we have:
>>
>> Provider1: RD1 --> TOS1 --> purple clothes
>> Provider2: RD2 --> TOS2 --> blue clothes
>>
>> *if* Provider 2 runs an AD (AD2) and they allow people logged in with it
>> to go to region RD1 then the people there should wear purple clothes:
>> TOS2 will not apply because of the AD you use.
>>
>> If it's against providers religious believe to support wearing purple
>> clothes than they might disallow people to go to RD1, that is their
>> choice (policy).
>>
>> > Indeed, a region domain may have no policy of its
>> > own at all, but merely extend an existing virtual world by accepting the
>> > policies of that world's AD.  That's the model in the original OGP
>> before it
>> > gained aspirations of becoming a cross-VW interop protocol.
>>
>> That makes no sense :/
>>
>> There can be any number of people in a given RD, and each can in principle
>> be using a different AD! PLEASE let the RD determine the rules they have
>> to live by! Anyone else that disagrees with me about that?!
>>
>> > If RDs determined VW policy and generated seed capabilities for
>> everything and
>> > ADs were merely login services then your model would apply, and RD could
>> be
>> > considered "VW".
>>
>> Ah! At last..
>>
>> > But that's not how it is currently structured --- RDs are
>>
>> If you are refering to OGP, then OGP should be changed.
>>
>> > merely the land + physical simulation components of worlds, and in SL's
>> case,
>> > also an elaborate system of proxies.  And that's why we need multiple
>> ADs to
>> > interact in VWRAP before we can consider that there is VW-VW interop.
>>  RDs
>> > don't handle it.
>>
>> What I seem to keep missing is the fact that VWRAP is already completely
>> defined in those previous OGP documents and we're merely here to rewrite
>> them in an IETF document of sorts.
>>
>> Yes we need multiple ADs to interact, and they will.
>> But yes, RD's will handle whatever they have to handle with VWRAP.
>> I never said that capabilities equal 'rules' (ToS and legal jurisdiction
>> isn't something that should be enforced or controlled by the protocol) by
>> the way.
>>
>> ... sorry my RSI forces me to stop typing here... shouldn't have
>> typed this much alrady anyway :(
>>
>> >     > In our new protocol, these services may either be implemented
>> internally
>> >     within
>> >     > a virtual world, or some might be implemented as external services
>> >     offered by
>> >     > third parties, the choice being a policy and design decision for
>> each
>> >     world
>> >     > operator.  In all cases however, the virtual worlds are defined by
>> a set
>> >     of
>> >     > services, and not just by a Region Domain.
>> >
>> >
>> > Indeed.  But access to such decoupled services is provided by the AD
>> through
>> > the capabilities that it delivers to authorized parties, and regions are
>> just
>> > one such service.  You're giving RDs credit for something that they
>> don't do.
>> > :-)  Perhaps the VWRAP model should be redesigned along your lines so
>> that RDs
>> > become the VWs and are the generators of seed caps, and then ADs become
>> just a
>> > subservient policy-free login mechanism. :D
>> >
>> >
>> >
>> >     I'm afraid that is purely a matter of opinion. I agree that it is
>> likely
>> >     that a single 'administrative entity' that runs a RD will also run
>> an AD
>> >     and allow users authenticated with their AD visit their RD, but it
>> is no
>> >     more than *likely*. There will almost certainly be service provides
>> that
>> >     ONLY run an AD, and don't have a RD! And I can imagine that there
>> will
>> >     be some that only run a RD and do not care about running their own
>> AD.
>> >
>> >
>> > Oh sure, there will be all combinations of services, that is to be
>> expected.
>> > But it is the seat of policy that is the heart of each virtual world,
>> and
>> > currently the seat of policy lies in the AD.  A VW that doesn't have an
>> AD in
>> > the VWRAP model is just a colony without a government, ready to be
>> assimilated
>> > into a world that has an AD and that therefore sets policies, instead of
>> being
>> > a sovereign world that merely wants to interop with that other world
>> through
>> > VWRAP.
>> >
>> >
>> >
>> >     Therefore, "virtual world" cannot be synonym for "the set of
>> services
>> >     run by a single administrative entity" as you seem to argue, and at
>> >     the SAME time be argued to include an RD *and* AD at all times.
>> >
>> >
>> > I don't follow that.  Two worlds that can run independently (that's very
>> > important) can certainly each be defined as a set of services that
>> includes the
>> > functions of an AD and an RD, and those worlds each continue to include
>> the
>> > functions of an AD and an RD even after they start interoperating
>> (assuming
>> > that VWRAP is extended to allow cross-VW interop).  No world is going to
>> give
>> > up part of its services portfolio on interop.  Interop is an additional
>> > benefit, not a loss of capability.
>> >
>> > [It's worth noting that there may actually be a small loss of capability
>> > occurring on interop in VWRAP, although it is rarely mentioned.  You can
>> be
>> > present in two worlds simultaneously with the same login credentials
>> > pre-interop (a feature that we enjoy currently between SL and OSgrid for
>> > example), but post-interop this may no longer be possible --- it depends
>> on the
>> > implementation.  No doubt we will visit this issue within VWRAP.]
>> >
>> >
>> >
>> >     > This is easy to see by looking at a couple of archetypal examples
>> in this
>> >     > space:
>> >     >
>> >     >
>> >     >     Is Second Life a virtual world?  Undoubtedly.  Is Second Life
>> just a
>> >     Region
>> >     >     Domain (assuming it were implemented using VWRAP)?  No, of
>> course
>> >     not, SL
>> >     >     includes all of the services mentioned above, and others.
>> >
>> >     Of course, LL happens to run all services that are needed to create
>> one
>> >     virtual world; there are no third parties they can hire from yet, so
>> they
>> >     have to provide it all themselves.
>> >
>> >     But after SL implemented VWRAP they might decide to do away from one
>> of
>> >     their services and only keep their RD. Unlikely, but possible.
>> >
>> >
>> > You're confusing RD functionality with AD functionality again there.
>>  The AD is
>> > the heart of a world because it defines its capabilities and policies.
>>  The RD
>> > is just a pile of region hosts that could easily be farmed out to a
>> third party
>> > to run without them determining policy, and indeed this is already being
>> done.
>> > While it is a very important pile of hosts which gives a world its
>> physical
>> > characterists, the RD is a subservient service to the AD in OGP, just as
>> the
>> > equivalent "simulation nodes" provide a subservient service to the
>> "world
>> > service" under Cable Beach.  The RD is well named --- it provides region
>> > services only, not the package of internal + external services that
>> together
>> > create a virtual world.
>> >
>> >
>> >
>> >     >     Is OSgrid a virtual world?  Undoubtedly.  Is OSgrid just a
>> Region
>> >     Domain
>> >     >     (assuming it were implemented using VWRAP)?  No, of course
>> not, it
>> >     >     currently runs all the UGAIM services, which in a VWRAP
>> context would
>> >     >     become similar to those of Second Life.
>> >
>> >     Exact same argument.
>> >
>> >
>> > Exact same response because the same applies. :-)   What's more, in
>> OSgrid this
>> > is even easier to identify, because every person or company that adds
>> regions
>> > to OSgrid is subscribing to the notion that they are participants in
>> OSgrid ---
>> > OSgrid is their virtual world.  They are merely providing additional
>> land mass
>> > and simulation capacity.
>> >
>> > Also, in this example there is no need to hypothesize region services
>> being
>> > farmed out to third parties, as there already are hundreds to thousands
>> of
>> > independent third parties involved in supplying regions.  Those regions
>> and
>> > clusters of regions (equivalent to RDs) together combine to create the
>> virtual
>> > world of OSgrid.  There is a clear distinction between R/RDs here and
>> the VW
>> > itself, which also includes a variety of other services as Charles has
>> > described several times.  The R/RDs are a very important part, but
>> functionally
>> > they are not the VW, nor are they the VW perceptually.  They are places
>> within
>> > the world, not the whole world.
>> >
>> >
>> >
>> >     > So you see, the idea that has been floated which claims that "VW
>> == RD"
>> >     is
>> >     > completely wrong, and misrepresents what constitutes a "virtual
>> world"
>> >     despite
>> >     > the very clear examples before us.
>> >
>> >     If you want to put it that way (including everything above that you
>> said)
>> >     then
>> >     I have to side with Infinity: you cannot define a virtual world that
>> way
>> >     and
>> >     use it for useful discussions regarding VWRAP.
>> >
>> >
>> > I think you may have misread that.  I did not define "VW == RD".  That's
>> the
>> > opposite of what I said, but I agree with you on the negative
>> conclusion.  If
>> > one defines "VW == RD" then it becomes impossible to have a meaningful
>> > discussion about VWs in VWRAP.  It also becomes impossible to have a
>> meaningful
>> > discussion about VWs in VWRAP if one conjures up a fictitious meaning of
>> > "virtual world" based on reachability.  And that's why we should not
>> define it
>> > in either of those two ways.
>> >
>> > The most useful and forward-looking way of defining virtual worlds in
>> VWRAP is
>> > as a collection of service endpoints, regardless of who operates them.
>>  All we
>> > should care about is the protocol between endpoints, and not conjure up
>> some
>> > non-existent single virtual world.
>> >
>> >
>> >
>> >     In the end, one virtual world as defined by "all services together
>> to make
>> >     things work" will be, or can be, a mix of many RD's and many AD's
>> with a
>> >     complex
>> >     web of trust/non-trust between them that makes the concept of
>> "virtual
>> >     world"
>> >     rather fuzzy at best.
>> >
>> >
>> > You're right but you're not being clear about what is fuzzy.  The
>> concept of "
>> > single virtual world" is not only fuzzy, it is totally non-existent in
>> practice
>> > (because there are many, not one) as well as impossible in theory
>>  because of
>> > balkanization through incompatible trust domains, as described so
>> magnificently
>> > by Magnus a week or two ago.  We should not go there.
>> >
>> > In contrast, the concept of multiple virtual worlds is crystal clear.
>>  Several
>> > people here in the group operate virtual worlds, but nobody would
>> suggest that
>> > they are unclear about what they operate.  We've been sold a bridge on
>> that
>> > "uncertainty".  Multiple virtual worlds presenting VWRAP endpoints are
>> the
>> > natural way of approaching interop between VWs, and you don't have to
>> define
>> > VWs structurally for that.  You only have to define the endpoints that
>> VWs need
>> > to present to the protocol, and avoid any notion of "single virtual
>> world".
>> >
>> >
>> >
>> >     [...]
>> >     > As we move into analysis of the problem space, these issues will
>> be
>> >     > disentangled and clarified and the protocols will be defined and
>> evolve,
>> >     but
>> >     > from the current OGP perspective there is no symmetrical
>> relationship
>> >     possible
>> >     > between VWs that could be described as "peering".  It is the
>> asymmetry of
>> >     the
>> >     > VW-RD relationship that has been the crux of the "no VW interop"
>> issue.
>> >     For
>> >     > symmetrical peering, the protocol would need to mention at least
>> two
>> >     > communicating VWs.
>> >
>> >     You can about peering with just two RD's and one AD, or one RD and
>> two
>> >     AD's.
>> >
>> >
>> > I think you're confusing RDs with VWs again --- RDs only provide
>> regions,
>> > nothing else.  For peering between two VWs, you would need interaction
>> between
>> > their two ADs because their ADs provide their policies.  If you bypass a
>> VW's
>> > AD then you bypass its policies, so you're not interoping with that
>> world.  And
>> > I don't think we're encouraging bypassing and hence subverting a world's
>> > policies.
>> >
>> >
>> >
>> >     > Of course the situation could change as the protocol evolves.  For
>> >     example,
>> >     > once or twice we have heard mention that multiple ADs could be
>> involved
>> >     in some
>> >     > way, and it seems certain that communication services from
>> multiple VWs
>> >     will be
>> >     > merged because residents demand this.  This would start to take us
>> into
>> >     VW-VW
>> >     > interop territory.  However, there is no such thing in VWRAP
>> currently,
>> >     and
>> >     > it's not in the list of deliverables to include it, and therefore
>> we
>> >     cannot say
>> >     > that VWRAP will provide VW-VW interop at all.  For now. ;-)
>> >
>> >     I can't comment on that cause I didn't see VWRAP yet, but from the
>> >     charter and the comments on this list I'd think that full support
>> >     for interop between any number of RD's and AD's is intended.
>> >
>> >
>> > Well you've put your finger on the problem here.  Everyone is saying
>> what they
>> > think is intended because the intention is not actually spelled out in
>> the
>> > documents.  Why cannot it be spelled out clearly that interop between
>> multiple
>> > ADs is intended?  If it were, this entire discussion could be avoided
>> because
>> > it's easy and reasonable to equate ADs with VWs in practice.
>> >
>> > Notice however that even if the protocol were modified to be able to
>> handle two
>> > ADs at a time, use of an unadorned "the virtual world" in the documents
>> would
>> > continue to raise the perennial question of "Which virtual world?".
>>  After all,
>> > there would be two of them being discussed.
>> >
>> > It's this phraseology that stems from OGP's original goal of adding
>> single
>> > regions or RDs to an existing single virtual world (namely SL in the
>> prototype)
>> > that is creating such a problem.  That phraseology was appropriate for
>> that
>> > original goal.  It is not appropriate for the goal of interoperating
>> multiple
>> > virtual worlds --- it makes it impossible to even talk about the goal
>> sensibly,
>> > because "the virtual world" in the OGP sense has no plural.
>> >
>> > It's unfortunate, but this whole affair is just the product of legacy
>> wording
>> > from OGP.  That's never going to work in a multi-world setting where we
>> need to
>> > talk about the endpoints in different worlds.
>> >
>> >
>> > Morgaine.
>> >
>> > PS. If anyone else read this far other than Carlo, you have a lot of
>> stamina
>> > and dedication. ;-)
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > ==============================================
>> >
>> > On Fri, Sep 4, 2009 at 8:58 PM, Carlo Wood <carlo@alinoe.com> wrote:
>> >
>> >     On Thu, Sep 03, 2009 at 04:28:03AM +0100, Morgaine wrote:
>> >     > The problem you see is that a virtual world is much more than just
>> a
>> >     Region
>> >     > Domain.  It is a complete set of services of which the Region
>> Domain
>> >     service is
>> >     > just one.  Other typical services might be those of the Agent
>> Domain
>> >     (which
>> >     > provides identification and authorization services and possibly
>> others),
>> >     as
>> >     > well as asset and inventory services, IM and other communication
>> >     services, and
>> >     > maybe several more.
>> >
>> >     Well... that is purely semantic. It is a way to define VW, but not
>> one that
>> >     I've been using :/
>> >
>> >     For simplicity, assume that only two things are needed to create a
>> complete
>> >     virtual world, like SL or OG: A Region Domain (RD) and an Agent
>> Domain
>> >     (AD).
>> >
>> >     Currently, without any interop, each administrative entity (or trust
>> >     entity)
>> >     will need to provide both: an RD *and* an AD, otherwise they don't
>> have a
>> >     functional VW.
>> >
>> >     Your conclusion is that a VW exist of both 1 RD and 1 AD. But I ask
>> you to
>> >     reconsider if that conclusion is correct, because it is based on the
>> >     current
>> >     situation without any interop. Now "correct" might not be the
>> correct word
>> >     - heh.
>> >     Rather I should say: I ask you to reconsider if that definition is
>> very
>> >     useful.
>> >
>> >     Lets consider the following fictive case:
>> >
>> >     LL runs one RD and AD, called RD1 and AD1.
>> >     CB (Cable Beach) runs another RD and AD, called RD2 and AD2.
>> >     A user that authenticates with either AD1 or AD2 can travel to RD1
>> AND RD2,
>> >     completely symmetrical, keeping their respective AD1- and AD2-
>> assets etc.
>> >     This is possible with the right policies, so for the sake of looking
>> at
>> >     the usefulness of the above definition of VW, assume this is the
>> case.
>> >
>> >     Would you consider "RD1 + AD1" one VW, and "RD2 + AD2" to be another
>> VW?
>> >     Or do you think it would make most sense in THIS case to speak of a
>> single
>> >     VW?
>> >
>> >     I think this is what Infinity means when she says that "virtual
>> world"
>> >     cannot
>> >     be defined, because what could be perceived as being a VW is highly
>> >     dependend
>> >     on the exact situation (and policies) and in certain configuration
>> that are
>> >     not as clear as the current situation (no interop) or the above
>> example
>> >     (100%
>> >     interop).
>> >
>> >     In one of my first posts about this topic I stated that "virtual
>> world"
>> >     should
>> >     be considered to be the Region Domain (although I didn't use that
>> term at
>> >     the
>> >     moment) and be completely independent of the Agent Domain, based on
>> typical
>> >     cases of abuse and griefing etc: if anyone annoys some other user,
>> or
>> >     breaks
>> >     almost any ToS, it will be region based; which is why I've always
>> said that
>> >     any type of abuse can and should be handled at the sim (single
>> region)
>> >     level:
>> >     the estate owner and managers in SL, even, but that idea definitely
>> extends
>> >     to "world administrations": the people running the REGION (domain)
>> is the
>> >     one
>> >     that should decide what is the local ToS and deal with abuse etc.
>> That is
>> >     why I strongly argue to define "virtual world" as Region Domain, and
>> leave
>> >     the AD out of it. Nevertheless, now I have the term "Region Domain"
>> I don't
>> >     need "virtual world" anymore.
>> >
>> >     > In our new protocol, these services may either be implemented
>> internally
>> >     within
>> >     > a virtual world, or some might be implemented as external services
>> >     offered by
>> >     > third parties, the choice being a policy and design decision for
>> each
>> >     world
>> >     > operator.  In all cases however, the virtual worlds are defined by
>> a set
>> >     of
>> >     > services, and not just by a Region Domain.
>> >
>> >     I'm afraid that is purely a matter of opinion. I agree that it is
>> likely
>> >     that a single 'administrative entity' that runs a RD will also run
>> an AD
>> >     and allow users authenticated with their AD visit their RD, but it
>> is no
>> >     more than *likely*. There will almost certainly be service provides
>> that
>> >     ONLY run an AD, and don't have a RD! And I can imagine that there
>> will
>> >     be some that only run a RD and do not care about running their own
>> AD.
>> >
>> >     Therefore, "virtual world" cannot be synonym for "the set of
>> services
>> >     run by a single administrative entity" as you seem to argue, and at
>> >     the SAME time be argued to include an RD *and* AD at all times.
>> >
>> >     > This is easy to see by looking at a couple of archetypal examples
>> in this
>> >     > space:
>> >     >
>> >     >
>> >     >     Is Second Life a virtual world?  Undoubtedly.  Is Second Life
>> just a
>> >     Region
>> >     >     Domain (assuming it were implemented using VWRAP)?  No, of
>> course
>> >     not, SL
>> >     >     includes all of the services mentioned above, and others.
>> >
>> >     Of course, LL happens to run all services that are needed to create
>> one
>> >     virtual world; there are no third parties they can hire from yet, so
>> they
>> >     have to provide it all themselves.
>> >
>> >     But after SL implemented VWRAP they might decide to do away from one
>> of
>> >     their services and only keep their RD. Unlikely, but possible.
>> >
>> >     >     Is OSgrid a virtual world?  Undoubtedly.  Is OSgrid just a
>> Region
>> >     Domain
>> >     >     (assuming it were implemented using VWRAP)?  No, of course
>> not, it
>> >     >     currently runs all the UGAIM services, which in a VWRAP
>> context would
>> >     >     become similar to those of Second Life.
>> >
>> >     Exact same argument.
>> >
>> >     > So you see, the idea that has been floated which claims that "VW
>> == RD"
>> >     is
>> >     > completely wrong, and misrepresents what constitutes a "virtual
>> world"
>> >     despite
>> >     > the very clear examples before us.
>> >
>> >     If you want to put it that way (including everything above that you
>> said)
>> >     then
>> >     I have to side with Infinity: you cannot define a virtual world that
>> way
>> >     and
>> >     use it for useful discussions regarding VWRAP.
>> >
>> >     In the end, one virtual world as defined by "all services together
>> to make
>> >     things work" will be, or can be, a mix of many RD's and many AD's
>> with a
>> >     complex
>> >     web of trust/non-trust between them that makes the concept of
>> "virtual
>> >     world"
>> >     rather fuzzy at best.
>> >
>> >     [...]
>> >     > As we move into analysis of the problem space, these issues will
>> be
>> >     > disentangled and clarified and the protocols will be defined and
>> evolve,
>> >     but
>> >     > from the current OGP perspective there is no symmetrical
>> relationship
>> >     possible
>> >     > between VWs that could be described as "peering".  It is the
>> asymmetry of
>> >     the
>> >     > VW-RD relationship that has been the crux of the "no VW interop"
>> issue.
>> >     For
>> >     > symmetrical peering, the protocol would need to mention at least
>> two
>> >     > communicating VWs.
>> >
>> >     You can about peering with just two RD's and one AD, or one RD and
>> two
>> >     AD's.
>> >
>> >     > Of course the situation could change as the protocol evolves.  For
>> >     example,
>> >     > once or twice we have heard mention that multiple ADs could be
>> involved
>> >     in some
>> >     > way, and it seems certain that communication services from
>> multiple VWs
>> >     will be
>> >     > merged because residents demand this.  This would start to take us
>> into
>> >     VW-VW
>> >     > interop territory.  However, there is no such thing in VWRAP
>> currently,
>> >     and
>> >     > it's not in the list of deliverables to include it, and therefore
>> we
>> >     cannot say
>> >     > that VWRAP will provide VW-VW interop at all.  For now. ;-)
>> >
>> >     I can't comment on that cause I didn't see VWRAP yet, but from the
>> >     charter and the comments on this list I'd think that full support
>> >     for interop between any number of RD's and AD's is intended.
>> >
>> >     --
>> >     Carlo Wood <carlo@alinoe.com>
>> >
>> >
>>
>> > _______________________________________________
>> > ogpx mailing list
>> > ogpx@ietf.org
>> > https://www.ietf.org/mailman/listinfo/ogpx
>>
>>
>> --
>> Carlo Wood <carlo@alinoe.com>
>> _______________________________________________
>> ogpx mailing list
>> ogpx@ietf.org
>> https://www.ietf.org/mailman/listinfo/ogpx
>>
>
>

Re: [ogpx] VWRAP Draft Charter - 2009 09 01