tola

In this blog entry, I'd like to address Bob Sutor (of IBM)'s three blog posts about his requirements for a perfect 3D World, implemented as a direct extension to the World Wide Web, as described in my 3D Web design concept.

A pure offline Mode

I think this is part of a wider requirement for certain web applications to work offline. With the recently announced Google Gears and other projects from major industry players like Adobe's Apollo, Mozilla's Firefox 3 (and Parakey, currently vapourware), Django's Offline Toolkit, Microsoft's Silverlight and Joyent's Slingshot I think this is going to become an extremely hot topic. I think we're going to see the boundary between web server and web user agent blur considerably into "Web Servents". So in short, an offline mode can use the same technology as an online 3D web, with a local server or a local cache of data, logic and presentation.

A peer-to-peer model

By using web technology, we can take this for granted to the extent that anyone can run their own 3D web server and we can make hyperlinks between them. The peer to peer idea could be taken a lot further than this though, by users in the same virtual space swarming the data between each other. I don't know about that bit.

A model of many planets

Again, this is basically what the web is.

Much better zoning

This almost touches on the contraversial subject of the .xxx domain.

However, with Second Life the geography works in much the same way as First Life with blocks of land having permenant neighbours. This is a limitation of real physical space that while it might be nice to reflect in virtual worlds, is not necessary. We could have lots of areas of "virtual land" who's boundaries are defined only by their own content and then have portals (hyperlinks) which allow you to move into another space, there is no reason to have permenant neighbours because your neighbours are simply whatever you link to, which is under your control. In this way zoning just becomes a result of the links people make, which works reasonably well on the current web.

If you do want to build a planet with geography like the real world (like Second Life), you can still do so, but you could decide to ban certain activities in that particular planet. That way, if there's some content you don't like you simply don't link to it, and it is only as close as 6 degrees of separation dictate.

In-world Secure Chat

I would argue that secure chat in general isn't particularly widespread on the Internet yet, so this is an issue for the Internet in general. However, see later for more discussion on in-world chat. In short, XMPP encryption extensions.

AI

This would just be part of a web application. A 3D web application that is a 3D game may have AI controlling faux avatars and objects, a sales site may have an AI shop assistant or human-AI hybrid. Server side scripting languages and javaScript manipulating X3D files.

World-to-world communication

XMPP (Jabber) and either Jingle or SIP for voice (and video?) would be great for person to person chat. A couple of interesting points spring to mind:

Firstly, should the jabber client be part of the 3D Web user agent or should it just be another web interface like Google Talk in GMail? Especially with regards to advertising prescense or status of the user (available, away, busy, offline).

Secondly, how do we deal with the issue of hearing people around you in a virtual space and adjusting the sound as people move, in addition to person-to-person conversation between worlds. We certainly don't have standards for this yet so it wil be interesting to watch Linden Labs.

World to world teleportation

Hyperlinks.

Do I need a membership in the other world or is there a notion of guest?

We have the same issue on the web. I think distributed authentication like OpenID is a giant leap forward in this field.

How do I deal with cross-world identity?

By using a URI as a person's identity as in OpenID. You can still have your friendly screename in Jabber, but the URI uniquely identifies you.

Can I bring my money with me?

That's a good question, but I think the answer is that if you want some kind of virtual currency, it simply becomes a service like PayPal where you buy credits of some kind and they sort out "exchange rates". You could then use that currency in any world or any web site by using that service as a broker for payments. I'm obviously making this sound a lot more simple than it really is, nothing is straight forward where money is involved.

Can I bring my clothes with me?

Yes, your avatar and everything your avatar wears is hosted on an avatar server (just an 3D web server) and can simply be included into a scene. This only works if all the worlds use the X3D (or other) standard, which is one of the fundamental requirements of a 3D web in my opinion.

Can I bring more general objects between worlds?

The same as above, "objects" can be an X3D file hosted somewhere on the web which can be included into another X3D file dynamically. This requires a certain level of write access to all 3D web servers, which is probably going to cause all sorts of spam problems like we have on wikis. (Imagine a spamming company putting up billboards everywhere).

Search

Don't worry, Google will sort that out ;). Seriously though, it could work the same way as the web with spiders and giant indexes.

Device and world compatible link redirection

Now that is a very interesting topic which you could call the Device Independent or Multimodal Web. I think this can be solved with HTTP Accept headers and content negotiation. This is a major part of what my Webscope project is about, a Multimodal Web User Agent.

Distributed Social Networking

Social networking is a huge phenomenon on the Internet and web sites such as Facebook, MySpace and Orkut have enormous user bases. All of these social networks are currently centralised and controlled by a single company and do not allow users to interact between different networks. This can be frustrating for users who may have to sign up to several social networking web sites just to keep in touch with different groups of friends. Several efforts are in place to attempt to cross the boundaries between social networks, but most of these efforts work on the basis of another centralised system which aggregates all of the networks together using their respective proprietary APIs where they exist.

Open standards like FOAF and XFN already exist for expressing the relationships between people on the web, using semantic markup. In fact, I would argue that an open standard exists for every aspect of current social networking sites. By creating applications which use these open standards we can form a distributed social network which uses the web itself and does not require users to sign up to an isolated network. Each user need only create a personal home page using a service which supports the open standards to be part of the worldwide network.

I have started a new design concept on my web site listing common social networking features and corresponding open standards which could be used to implement them in Distributed Social Networking.

It's worth noting that services like Videntity are already supporting standards like FOAF.

Identity and Trust on the Internet

An interesting article in the New York Magazine a couple of weeks ago described how social networking sites are creating the biggest generation gap since Rock and Roll as teenagers are developing a completely separate concept of privacy to their parents. Teens can be very willing to talk about their personal lives and post pictures on public web sites. I don't even believe this is because they don't understand the issues of privacy, I just think they have a different attitude to privacy and are perhaps more open about their feelings than previous generations.

However, this did get me thinking. Whilst compiling this list I realised that one thing I wasn't sure how to achieve was the privacy features of social networking sites. Many of the sites allow you to define which information will be visible to which users. In a distributed system with no central authority to authenticate against it can be very difficult to define trust and granular permissions for information.

I searched the web for a solution and came up with OpenID, SAML and XDI.

OpenID

Being an ex-LiveJournal user I'm familiar with OpenID but hadn't realised how big it has become. AOL and Yahoo have now adopted the standard and even Microsoft are talking about integrating OpenID into Windows Vista.

"OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do-with a URI". Once someone has confirmed that they own a particular URI and they come across a web site which supports OpenID, they can use their URI to identify themselves. They are simply redirected to their URI's OpenID authentication if they need to log in. No more signing up for an account on every. site. you. visit!

XDI

An article called The Social Web: Creating An Open Social Network with XDI describes an ambitious project to create a new system of unique identifiers for information resources to create a Social Web of people, or more generally, a Data Web. The new scheme uses eXtensible Resource Identifiers (XRIs) to identify resources independent of a specific physical network path, location, or protocol - in a way which is compatible with URIs and IRIs. XRIs are then linked with "link contracts" which express authority, security, privacy, and data sharing rights in a machine-readable format.

Analogies are drawn with the identification and authentication system used in banking where "I-brokers" are "a trusted third party that helps individuals and organizations share private data the same way banks help exchange funds". The XDI project also has ambitious aims like anti-spam protection and identity theft protection.

SAML

According to Wikipedia, SAML is an "XML standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider." Google are using SAML for Google Apps. Basically it allows a service provider to assert that a user has the permission to access a certain resource, by querying a separate identity provider (which could be common across all service providers).

Converging

It turns out that all of these technologies are converging and moving towards the holy grail of system administration - the "Single Sign On". OpenID can now use an XRI to identify a user and there is talk of using SAML in conjunction with OpenID to assert privledges.