[sldev] Capabilities URLs

Ryan Williams rdw at lindenlab.com
Thu Sep 6 14:45:29 PDT 2007

Previous message: [sldev] Capabilities URLs
Next message: [sldev] [VIEWER] Re: New viewer released with logging of the owners of speaking objects and their location
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rob Lanphier wrote:
> On 9/1/07 5:51 PM, Dale Glass wrote:
>   
>> On Sunday 02 September 2007 02:31:20 Harold Brown wrote:
>>   
>>     
>>> The cap URLS I posted do not require authentication, and as such appear
>>> to be static at the moment
>>>     
>>>       
>> Ok, that's good to know, thanks :-)
>>
>> Then the list only shows the ones that require authentication and you have 
>> permission to use?
>>
>> If so, where is the list of services that anybody can use?
>>   
>>     
>
> This thread spawned a long thread about what we should and shouldn't be
> encouraging on this front.  To summarize:
>
> *  We have two classes of cap.secondlife.com URLs:   One used by the web
> team for the reg API and the APIs in Harold's message.  The other used
> by the simulator for giving viewers access to various functions.
>   
Sorry, Rob, I believe that this is incorrect.  Our two cap classes are:
  - cap.secondlife.com
  - simFOO.agni.lindenlab.com:12043

Cap.secondlife.com caps appears to be used for two purposes:
  - sort of a temporary/hacky way to implement web apis.  In this case 
the cap url is basically a way for the webdev team to muck with 
accessing internal data structures without going to the trouble of 
implementing a nice url structure.  These should eventually be migrated 
to clean urls that are not https.
  - reg api participants.  The reg api participant is given a set of 
capability urls that are intended for its use only, since each cap is 
authentication-included.   Authentication-included means that anyone 
getting ahold of the cap url can act on behalf of the participant to 
whom the cap was granted!  These caps should all be invoked over https 
to hide the url from sniffers.  If you have one of these urls, you would 
know it.

simFOO caps are for viewer<->sim communication, and are granted for the 
duration that a viewer has a connection to a simulator.  They are also 
https.
> *  The two classes of caps URLs are visually indistinguishable.  Yes, we
> know that's a problem.
>
>   
The two cap.secondlife.com usages are indeed impossible to distinguish, 
but basically the rule with a cap is, if you know it, you can use it.  
There should be no deeper decision-making process on this side of the 
equation.  Cap.secondlife.com capabilities tend to be fairly long-lived, 
but not infinitely long-lived, and they can be revoked at any time, so 
you cannot rely on them as a stable API.

The decision-making process about whether to share a cap url that you 
have should hinge on what the cap does, and how it was granted to you, 
and whether you want other people to do the same things that you can do 
with it.  In the case of caps in the map api, apparently some Linden 
made the decision that they can be public, because the information that 
they grant access to is public, and they don't grant any ability to 
change any internal data structures.   In the case of reg api caps, you 
would definitely not want to share them, because a person holding one of 
your caps can do things in your name!

You will be able to distinguish caps to a simulator, since they don't go 
to cap.secondlife.com.  It's unlikely that you'd really come across one 
of these by accident, but you similarly do not want to share them.

> Much love to whoever finds a home for this information on the wiki (and
> actually posts it).
>
>   
True!

-RYaN

Previous message: [sldev] Capabilities URLs
Next message: [sldev] [VIEWER] Re: New viewer released with logging of the owners of speaking objects and their location
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SLDev mailing list