this is a quick post to announce "project brookdale," an open source implementation of the Virtual World Region Agent Protocol (VWRAP) suite. VWRAP is a collection of specifications produced by the IETF's VWRAP Working Group. these specifications define interoperability for a "second life-like" virtual world. you can find more information about VWRAP on my VWRAP Page or the blog post "what's the virtual world region agent protocol?"
here's a quick list of things you'll find in brookdale:
- Dynamic Structured Data (DSD) and HTTP Transport Bindings
"DSD" is an evolution of the previous LLSD and LLIDL abstract type system and interface description language. the main difference between DSD and LLSD are minor changes in the XML serialization and a "layered" approach making it easier to use VWRAP messages with non-HTTP transports. more information about the motivations behind DSD can be found in a "abstract resource definitions vs. LLIDL". the internet draft draft-hamrick-vwrap-data-00 describes DSD in more detail.
one feature desired by implementers of previous OGP and early VWRAP work was clear guidance or agreement for how to handle content negotiation and caching of VWRAP messages carried over HTTP(S). draft-hamrick-vwrap-foundation-00 builds on the previous work and describes the use and interpretation of HTTP headers and status codes for content negotiation and caching.
project brookdale provides PHP and JavaScript classes and C functions implementing the interface semantics of DSD. it allows web and application developers to easily manipulate VWRAP requests, responses and events.
- a capability management facility and capability broker
web capabilities are an integral part of VWRAP. they allow distributed, trusted systems to grant fine grained access to sensitive resources without a global identity management system. an informal introduction to capabilities in VWRAP can be found in the earlier blog post, "VWRAP essentials : capabilities".
capabilities serve as aliases for RESTful VWRAP resources. composed of a cryptographically unguessable URL, they combine authorization to access a resource with that resource's address. the "capability broker" is the system component that maps a URL managed by a system to the object or database row it represents.
- a simple VWRAP event queue over long poll
the VWRAP event queue is a simple abstraction for unsolicited server to client communication. VWRAP currently reifies the event queue as a "long poll" over HTTP. it is hoped that future work will specify the use of WebSockets as a carrier for VWRAP events.
- simple connection manager with trust model support
trust between components in a VWRAP system is established by asserting identity using an X.509 client certificate. the VWRAP specifications do not require systems to trust any particular entity or certification authority, but they do require entities accept connections that use client side certs. in other words, a VWRAP system is free to ignore X.509 credentials from a client, but it must not disallow clients from sending them.
one ramification of the VWRAP trust model is it requires a "trusted" service to potentially present a destination-dependent certificate to a remote peer. an authentication service, for instance, may identify itself to an asset service by presenting it with a certificate issued by the asset service (or a trusted third party certification authority.) the brookdale connection manager maintains a mapping between destination URLs, client certificates and their related private keys.
- VWRAP Authentication (including OAuth support)
VWRAP defines several "native" authentication technqiues as well as the use of OAuth in protocol transactions. the brookdale authentication components manage the process of user authentication and the seed capability lifecycle.
- Client Application Launch Message processing
the VWRAP client application launch message (CALM) is an optional message sent to a web browser with specific details of which servers a client application (like the second life™ viewer) should contact to complete the login and rez process. intended to be used in conjunction with web authentication and authorization schemes like OpenID or OAuth, brookdale contains PHP, JavaScript and C functions to generate and process calm messages.
we're starting by publishing a few PHP and JavaScript files at the project brookdale page. these files are much more "middleware-ish" than they are "application-ish," but more will be coming in the next week.
- the release of the code corresponds with the latest VWRAP abstract type system proposal. more code will be released at the brookdale site as the newer VWRAP drafts are published this month.
