[sldev] 3rd party viewer policy post on blogs.secondlife.com

[Lear Cale]

On Wed, Oct 21, 2009 at 10:06 AM, Mike Dickson <mike.dickson at hp.com> wrote:

> On Wed, 2009-10-21 at 13:39 +0000, Lear Cale wrote:
> > On Wed, Oct 21, 2009 at 7:26 AM, Argent Stonecutter
> > <secret.argent at gmail.com> wrote:
> >
> > I agree, but I believe there's a solution to this.  LL could provide a
> > mechanism for developers to register, so that a test client can
> > automatically get a temporary registration.  Trust the people, not the
> > software.  Someone who tests using multiple avatars would need to
> > register each of those avatars.
>
> That seems pretty awkward.  Think of how many registered versions would
> have to be tracked and how you might need to handle revocation lists.
>
Thus these versions being temporary -- valid until you log out, perhaps.
Furthermore, lots of versions isn't untenable: simply assign a UUID
to any registered version, and create a simple database entry for each.
Database entry would contain key or certificates or whatever.
One quick lookup to verify.


> Code signing would seem to be a solution except that it's not binaries
> being sent around it's data.  I can see how you could do it with
> encryption of the data but that seems to be one of the triggers that
> caused the concern in the first place.


I'm skeptical, until someone can post a pointer to a good working model.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/sldev/attachments/20091021/cead3dd9/attachment.htm