IETF Logo Mail Archive

Re: [vwrap] Why are we standardizing the login handshake? (was RE: one question)

"Hurliman, John" <john.hurliman@intel.com> Fri, 24 September 2010 22:47 UTC

Return-Path: <john.hurliman@intel.com>
X-Original-To: vwrap@core3.amsl.com
Delivered-To: vwrap@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D1FC73A6AF5 for <vwrap@core3.amsl.com>; Fri, 24 Sep 2010 15:47:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.292
X-Spam-Level:
X-Spam-Status: No, score=-6.292 tagged_above=-999 required=5 tests=[AWL=0.307, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MKR2fYP9qTW0 for <vwrap@core3.amsl.com>; Fri, 24 Sep 2010 15:47:15 -0700 (PDT)
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by core3.amsl.com (Postfix) with ESMTP id 35AEB3A6988 for <vwrap@ietf.org>; Fri, 24 Sep 2010 15:47:15 -0700 (PDT)
Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga102.jf.intel.com with ESMTP; 24 Sep 2010 15:47:47 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="4.57,232,1283756400"; d="scan'208";a="660905319"
Received: from rrsmsx603.amr.corp.intel.com ([10.31.0.57]) by orsmga001.jf.intel.com with ESMTP; 24 Sep 2010 15:47:47 -0700
Received: from rrsmsx605.amr.corp.intel.com (10.31.1.129) by rrsmsx603.amr.corp.intel.com (10.31.0.57) with Microsoft SMTP Server (TLS) id 8.2.254.0; Fri, 24 Sep 2010 16:47:47 -0600
Received: from rrsmsx506.amr.corp.intel.com ([10.31.0.39]) by RRSMSX605.amr.corp.intel.com ([10.31.1.129]) with mapi; Fri, 24 Sep 2010 16:47:47 -0600
From: "Hurliman, John" <john.hurliman@intel.com>
To: "vwrap@ietf.org" <vwrap@ietf.org>
Date: Fri, 24 Sep 2010 16:47:47 -0600
Thread-Topic: [vwrap] Why are we standardizing the login handshake? (was RE: one question)
Thread-Index: ActcOZn68s4UEVUtTLy3Re8tvxvfuAAACnBw
Message-ID: <62BFE5680C037E4DA0B0A08946C0933D012AD7E0ED@rrsmsx506.amr.corp.intel.com>
References: <62BFE5680C037E4DA0B0A08946C0933D012AD7E06A@rrsmsx506.amr.corp.intel.com> <4C9D20F5.2020507@ics.uci.edu> <62BFE5680C037E4DA0B0A08946C0933D012AD7E094@rrsmsx506.amr.corp.intel.com> <4C9D2331.1090000@ics.uci.edu> <62BFE5680C037E4DA0B0A08946C0933D012AD7E0CC@rrsmsx506.amr.corp.intel.com> <4C9D2903.6000404@ics.uci.edu>
In-Reply-To: <4C9D2903.6000404@ics.uci.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [vwrap] Why are we standardizing the login handshake? (was RE: one question)
X-BeenThere: vwrap@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group <vwrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/vwrap>, <mailto:vwrap-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vwrap>
List-Post: <mailto:vwrap@ietf.org>
List-Help: <mailto:vwrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vwrap>, <mailto:vwrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Sep 2010 22:47:16 -0000

> -----Original Message-----
> From: vwrap-bounces@ietf.org [mailto:vwrap-bounces@ietf.org] On Behalf
> Of Crista Lopes
> Sent: Friday, September 24, 2010 3:41 PM
> To: vwrap@ietf.org
> Subject: Re: [vwrap] Why are we standardizing the login handshake? (was
> RE: one question)
> 
> On 9/24/2010 3:36 PM, Hurliman, John wrote:
> >> -----Original Message-----
> >> From: vwrap-bounces@ietf.org [mailto:vwrap-bounces@ietf.org] On
> >> Behalf Of Crista Lopes
> >> Sent: Friday, September 24, 2010 3:16 PM
> >> To: vwrap@ietf.org
> >> Subject: Re: [vwrap] Why are we standardizing the login handshake?
> >> (was
> >> RE: one question)
> >>
> >> On 9/24/2010 3:11 PM, Hurliman, John wrote:
> >>
> >>>> -----Original Message-----
> >>>> From: vwrap-bounces@ietf.org [mailto:vwrap-bounces@ietf.org] On
> >>>> Behalf Of Crista Lopes
> >>>> Sent: Friday, September 24, 2010 3:07 PM
> >>>> To: vwrap@ietf.org
> >>>> Subject: Re: [vwrap] Why are we standardizing the login handshake?
> >>>> (was
> >>>> RE: one question)
> >>>>
> >>>> John,
> >>>>
> >>>> You may also want to read the intro draft.
> >>>> http://tools.ietf.org/html/draft-ietf-vwrap-intro-00
> >>>>
> >>>> This is in 4.4:
> >>>>
> >>>> "VWRAP defines formats  for describing objects and avatar shapes,
> >>>> but more importantly it
> >>>>       describes the mechanism by which those digital asset descriptions
> are
> >>>>       transferred between client applications, agent domains and region
> >>>>       domains."
> >>>> ...
> >>>> "Accessing and manipulating digital assets is  performed via
> >>>> capabilities which expose the state of the asset to an authorized client.
> "
> >>>>
> >>>> In other words, assets are fetched by the client. So if my world
> >>>> pushes them to the client, it's not VWRAP-compliant.
> >>>>
> >>>>
> >>>>
> >>> You keep saying "if my world does X, it's not VWRAP-compliant".
> >>> That's not
> >>>
> >> correct. "If my world does not have service endpoint X, it's not
> >> VWRAP- compliant" is the correct statement here. Your world can send
> >> assets to your client in any way it wishes, but if your asset service
> >> does not expose a VWRAP asset fetch capability (regardless of whether
> >> your own client uses it or not) then it is not VWRAP-compliant.
> >>
> >>>
> >> So what exactly does this mean? (especially the 2nd sentence, the 1st
> >> is just for context of the word "client")
> >>
> >>
> > Let's say I have a blog running Wordpress. The default way to leave
> comments on the blog is to create an account, confirm the e-mail activation,
> login, then leave a comment. Wordpress is doing a non-standard login
> (equivalent to "if my world does X"), which makes it neither compliant with
> OpenID nor non-compliant with OpenID. It is completely orthogonal.
> >
> > Now I install an OpenID plugin for Wordpress that allows people to either
> use the traditional method, or use OpenID authentication when leaving
> comments. I've added a service endpoint for accepting OpenID
> authentication, and my blog is now OpenID compliant.
> >
> > Pushing assets to your client does not make your world non-compliant with
> VWRAP. Being compliant with VWRAP depends on whether you also have a
> service endpoint that speaks the VWRAP language, in addition to whatever
> else your system might be doing.
> >
> 
> So why is this prescription in the intro document at all?
>   "Accessing and manipulating digital assets is  performed via capabilities
> which
>   expose the state of the asset to an authorized client. " (where client means
> the client application, in the context of that section)
> 

As Morgaine said, the intro doc is in desperate need of a rewrite. But in this specific case I don't see the conflict. I read that as:

"If my client is trying to fetch an asset from a foreign asset service or save an asset to a foreign asset service, where I don't have the luxury of using my optimized non-standard protocol and will be using the VWRAP interop protocol, then my client will be doing that using one or more HTTP capabilities with carefully crafted protocols."

HyperGrid uses this same model, except assets are only fetched server to server instead of directly from the client. When a foreign user is in a grid, there are a set of capabilities (service URLs in HG terminology) attached to that presence and there is an implicitly defined protocol about how you use the asset service URL to fetch a remote asset.

v2.8.7 | Report a Bug | By Email