General +1's, cheers and yays.
Best regards,
Stefan Andersson
Tribal Media AB
Date: Wed, 18 Mar 2009 11:38:41 -0700
From: d...@metaverseink.com
To: opensim-dev@lists.berlios.de
Subject: Re: [Opensim-dev] Accessing textures via HTTP [bayes]
The road to security is like an obstacle course in the Olympics. The obstacles
range from really easy (what's happening out there with OpenID, and the current
opensim access to inventory) to really hard (have the server disconnected from
the public network and require the physical presence of users in the server
room). Honestly, I don't think OpenSim should decide on "the right" level of
hardship -- that should be up to the people who set up grids to decide.
What we can do is to provide a few reasonable function points along that
obstacle course. And I think that one of those points is, indeed, the no
obstacles whatsoever -- there are many use cases for OpenSim where security is
not an issue; standalone applications, for example, and applications purely
inside firewalls.
Having said that, I think this discussion is diverging. The issue at hand here
is MXP, and what Tommil/Dahlia want to do in the Idealist viewer with respect
to images. Given how easy it is to configure things in OpenSim, this discussion
is theirs. OpenSim does not need to (and should not) converge to one single
strategy. Make it configurable, always.
Kyle Hamilton wrote:
I was under the impression that the asset server was going to require
authentication regardless. It would be possible to keep track, for
each agent, what textures have been 'authorized' (by being in view).
Remember, we can't protect content in the cache of the client, and the
client can be hostile. Anyone can do it, and it doesn't matter what
kinds of roadblocks are put in the way.
This is why some means of detecting copyright violations is necessary.
I'm sorry that my proposal, 6 months ago, was dropped. It seems to
be the only sustainable way to ensure that these kinds of violations
get noticed.
-Kyle H
On Wed, Mar 18, 2009 at 11:08 AM, Dahlia Trimble
<dahliatrim...@gmail.com> wrote:
The current j2k assets transferred over via the xfer protocol provides a
rudimentary protection for texture assets. Opening the doors to jpeg
textures via http effectively makes all textures available for download by
any web browser. This is significantly reduced asset security and may
violate license distribution agreements for existing texture assets.
Any position to reduce asset security in such a manner may be seen as
hostile toward copyright holders of existing content.
Personally I will *not* allow any of my non-open content to be distributed
in this manner.
On Wed, Mar 18, 2009 at 10:57 AM, Tommi Laukkanen
<tommi.s.e.laukka...@gmail.com> wrote:
I would not go so far that I would suggest we should go and try to
protect our assets by using semi supported image format instead of
well supported format...
-Tommi
_______________________________________________
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev
_______________________________________________
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev
_______________________________________________
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev
_______________________________________________
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev
