On Sat, Feb 09, 2008 at 01:02:15AM +0000, Lalo Martins wrote:
> Yet, you didn't address my actual point ;-)
> I know what site IDs are supposed to be for.  My question is -- do we 
> really want libraries to "ship" as a separate site each?  I realise the 
> key space is pretty large, so "polluting" it is probably no big deal, but 
> I see no big advantage in this case.  (You would need to ship the private 
> key, anyway, right?)

In VOS terms, a "Library" is a set of interfaces, not concrete classes.  
This is why the "Implementation" objects are separate from the Class 
objects.  This idea needs to be developed more, though, since even 
within the VOS type system itself I have found it useful to have both 
abstract classes (that cannot be instantiated ever, interface only) and 
concrete classes.

With regard to shipping the private key, my thinking is that publishing 
an API is like specifying a protocol, and that you really want a way of 
unambigiously referring to a specific API as published by a specific 
entity at a specific version.  If you let everybody have the private key 
then you cannot guarantee that, because anyone could produce a signed 
API document.  One of the foundation concepts in s5 is that ownership 
of a private key implies the ability (and responsibility) to coordinate 
changes to that site so that you don't have conflicting replicas 
floating around from different sources.

[Lead Programmer][Interreality Project][Virtual Reality for the Internet]
[ VOS: Next Generation Internet Communication][ http://interreality.org ]
[ http://interreality.org/~tetron ][ pgpkey:  pgpkeys.mit.edu  18C21DF7 ]

Attachment: signature.asc
Description: Digital signature

vos-d mailing list

Reply via email to