Re: [vwrap] "Trust Domains", conditioners and refineries

Dzonatas Sol <dzonatas@gmail.com> Fri, 01 April 2011 17:17 UTC

Message-ID: <4D960950.8090205@gmail.com>
Date: Fri, 01 Apr 2011 10:20:16 -0700
From: Dzonatas Sol <dzonatas@gmail.com>
To: Morgaine <morgaine.dinova@googlemail.com>
Cc: vwrap@ietf.org
Subject: Re: [vwrap] "Trust Domains", conditioners and refineries

I guess your reply is purely April 1st themed, as there are surely 
protocols in use now on the Internet, yet you make it sound like nobody 
trusts the Internet... again

Morgaine wrote:
> I hope you realize that "trust domains" don't actually exist outside 
> of some people's passion for buzzwords.
>
> Having worked in defense security and looked beyond buzzwords into 
> what really happens with information protection and leakage, the 
> concept of technically-secured trust in an open client-server system 
> lies somewhere between delusion and comedy. No, just no.
>
> Information is secure only when it is not released and not 
> accessible. In our VW architecture, all visible content is sent to 
> all participants in the simulation by architectural design, and its 
> non-distribution beyond that set of participants is not assurable.
> Indeed, it is objectively impossible to assure, because there is no 
> control over public outbound information channels in our architecture, 
> and even less control over covert channels.
>
> That makes all talk about "trust domains" here an exercise in 
> futility, some kind of reliance on "faith" and wishful thinking.
>
> The merits of comedy aside, I suggest that we stick to concepts that 
> we can underpin with concrete technology and implement in protocols.
> Trust is not one of them and just wastes time, despite the cuteness of 
> the term "trust domain".
>
> If you want to keep information secure, don't send it to somewhere 
> that is insecure such as a remote client. That's the technical 
> solution, stripped of wishful thinking.
>
> Whatever one may think of the defense industry, at least they analyze 
> issues to avoid self-delusion. We may not have a defense budget here, 
> but that's not a reason for promoting concepts that simply don't work.
>
>
> Morgaine.
>
>
>
>
> ======================
>
> On Fri, Apr 1, 2011 at 4:11 PM, Dzonatas Sol <dzonatas@gmail.com> wrote:
>
>     Of replies received and to forward this further, the ideal "trust
>     domains" are established in file by X.509 (and more recent claims)
>     or by login credentials/authentication. This flexibility of these
>     two alone to establish such domain already defeats the purpose to
>     use client/server terminology except at the transfer-level.
>     Consider that LLIDL & REST is above the transfer-level (from
>     source-level perspective), there is not much need to use
>     client/server terminology (except if you want pedantic buzzwords).
>
>     Please let me know if there is some other case.
>
>
>     Dzonatas Sol wrote:
>
>         Added "trust domains" to the subject line to hopefully narrow
>         this thread before it goes into some random debate.
>
>
>
>
>     -- 
>     --- https://twitter.com/Dzonatas_Sol ---
>     Web Development, Software Engineering, Virtual Reality, Consultant


-- 
--- https://twitter.com/Dzonatas_Sol ---
Web Development, Software Engineering, Virtual Reality, Consultant