[x3d-public] [CfP] Call for Participation. DIS for X3DOM, X_ITE

Christoph Valentin christoph.valentin at gmx.at
Sun Jan 24 19:05:23 PST 2021 

Good Morning, John.

VPN means Virtual Private(!) Network.

That means, it connects several private subnets over the insecure Internet in a secure way. Nobody out there can sniff, what's going on in your private subnets (unless he's equipped with "special" skills and tools and unless he's got the keys for the VPN).

The story is different, if you use a VPN to just access the insecure Internet. The traffic is secure as long as it stays in the VPN, but at some point the traffic must leave the VPN, if the destination is in the Internet. From that point on, the traffic is transported in an insecure way.

Security is not the reason, why I installed a VPN service on my vServer.

The reason for our "Tiny Web3D VPN" is L2 connectivity. Each client in our VPN can reach each other client per MAC address. So broadcasting and multicasting should be possible in order to test the "server-less" mode of the ALP (in some future) or of the DIS (if you like, immediately, if you like with me, next weekend).

Btw: did you already install the vpncal? If you use my "Tiny Web3D VPN", then I would really recommend to install the calendar of the VPN. We can then enter appointments about test sessions into the calendar.

All the best
Christoph

 
 

Gesendet: Montag, 25. Januar 2021 um 00:40 Uhr
Von: "John Carlson" <yottzumm at gmail.com>
An: "Christoph Valentin" <christoph.valentin at gmx.at>, "X3D Graphics public mailing list" <x3d-public at web3d.org>
Cc: "Roman Onic" <roman.onic at kontron.com>, peter.beicht at kontron.com, matthias.weszelits at kontron.com, "Wriston Kevin" <Kevin.Wriston at kontron.com>, "Theo" <theodor.scherney at utanet.at>, "Markus Sonntag" <markus.sonntag at tmo.at>
Betreff: Re: [x3d-public] [CfP] Call for Participation. DIS for X3DOM, X_ITE
Attempts at bringing UDP into the browser:

It would seem like UDP (for any higher level protocol) in the browser
would be "a thing." Indeed, there's even a W3C note:
https://www.w3.org/TR/tcp-udp-sockets/, draft:
https://www.w3.org/2012/sysapps/drafts/raw-sockets/[https://www.w3.org/2012/sysapps/drafts/raw-sockets/] and another note:
https://www.w3.org/TR/raw-sockets/[https://www.w3.org/TR/raw-sockets/]  I think the typical answer is "UDP
is not secure."

https://github.com/NetAsmCom/Socketify[https://github.com/NetAsmCom/Socketify]

Hmm.

https://github.com/networkprotocol/netcode[https://github.com/networkprotocol/netcode] (netcode.io, secure UDP,
works with Unreal and Unity)


Hmm, netcode.io with chrome and ff:
https://github.com/RedpointGames/netcode.io-browser[https://github.com/RedpointGames/netcode.io-browser]


A VPN connection on the local machine would also allow for a secure DIS
(or any protocol we choose), I believe.

There are VPN is a browser solutions, so the question is, how do we
access the VPN from JavaScript?  Indeed, how does someone set up a
browser for VPN?  It appears like you don't set up your browser at all,
you just connect to the desired host (but the VPN server must decrypt
for the server your connecting to, so if you're using insecure UDP, your
packets will be in the clear.  If you use something like HTTPS over VPN,
then it's unecrypted by the web server, not the VPN server.


What I don't like about any VPN server, is that "it's not mine" or "I
have to pay a fee (albeit minimal)"

So the only security the VPN offers over HTTPS, I think, is protecting
your IP address. Indeed, if you communicate in the clear over to your
TUN, then the VPN server sends it fully unencrypted to the target network.


How can I limit the VPN through a router so that it won't send
everything over the network through VPN, rather just specific X3D addresses?


So I'm thinking we should investigate ways of doing secure UDP, unless
the multicast addresses are on the VPN server.


Okay.  So google has HTTPS over UDP (I think), called QUIC). Node.js
implementation here:  https://nodejs.org/api/quic.html[https://nodejs.org/api/quic.html]


Also:  https://web.dev/webtransport/[https://web.dev/webtransport/]


I think I'm ready to read Christoph's paper.


Thanks,


John


On 1/24/21 1:29 AM, Christoph Valentin wrote:
> Hello John, hello all, Don,
>
> Cannot leave this uncommented..........see *inline* at [CV:].
>
> KR
> Christoph
>
>
>
>
> Gesendet: Sonntag, 24. Januar 2021 um 07:44 Uhr
> Von: "John Carlson" <yottzumm at gmail.com>
> An: "X3D Graphics public mailing list" <x3d-public at web3d.org>
> Betreff: [x3d-public] [CfP] Call for Participation. DIS for X3DOM, X_ITE
> I'd like to add "multiuser-aware" DIS to X3DOM and X_ITE, per this
> section of the X3D V3.3 standard (or we can go with X3D4 if there's  a
> link).
>
> https://www.web3d.org/documents/specifications/19775-1/V3.3/Part01/components/dis.html#CommonDISfields[https://www.web3d.org/documents/specifications/19775-1/V3.3/Part01/components/dis.html#CommonDISfields]
>
> I have used open-dis-python, open-dis-javascript, and
> node-disnetworkclient, so I think the only thing left is to define HTML5
> browser to/from node.js DIS enabled server (or python server, if you
> prefer).
>
> Christoph, could you do a write-up based on open-DIS of the technologies
> we could use in HTML5 browser to/from DIS sender/receiver gateway?
> [CV:]No (reason below)
>
>
> I suggest we start with X_ITE and work on fully implementing the DIS nodes
> there.  We may need to send the address and port from the HTML5 browser
> to the DIS sender/receiver (gateway).  I am not really sure what to do
> to handle multiple DIS ports and addresses on a page.  Something to
> think about in this case.  I don't know if the address/port is in the
> PDUs or not.  Someone can answer that?
>
> Do we need a DIS protocol which transmits addresses and ports? Seems
> like X3D does that?   How is DIS-EXI doing?
>
> Can we get xmlpg support for possibly adding addresses and ports to
> PDUs? How do we route to HMTL5 browsers?
>
> I suggest we reimplement https://github.com/open-dis/DISWebGateway[https://github.com/open-dis/DISWebGateway][https://github.com/open-dis/DISWebGateway[https://github.com/open-dis/DISWebGateway]] in
> javascript or python, so installs aren't a pain.   And if we go an
> XML/JSON route for browser to DIS network communication, we use EXI
> (comments?).
>
> There should probably be one person writing the back end and one person
> writing the front end.
>
> Are there similar efforts?  Christoph has shown an interest in planning,
> [CV:] You are right in that all people who are interested in X3D MU or
> in MU at all should cooperate. Would be funny, if the creators of
> collaborating did not collaborate :-)
> You are right, in that I have shown interest to be a part of this
> game in one or the other way.
> BUT IT IS A MISCONCEPTION to believe I would actively work on
> HLA/DIS implementations during my precious spare time.
> I once answered to Don - and I think everyone could read it - that
> I have done a personal decision to offer the scarce rest of my
> ressources to the Network Sensor (actually to the ALP) and to work
> for HLA/DIS only during office hours. If I install open-dis-python
> on my vServer, then it is just a favour to you personally, John,
> because I admire the diligence you show up, when pursuing your
> goals.
>
> Thanks!
>
> John
>
>
> _______________________________________________
> x3d-public mailing list
> x3d-public at web3d.org
> http://web3d.org/mailman/listinfo/x3d-public_web3d.org[http://web3d.org/mailman/listinfo/x3d-public_web3d.org][http://web3d.org/mailman/listinfo/x3d-public_web3d.org[http://web3d.org/mailman/listinfo/x3d-public_web3d.org]]
>
> _______________________________________________
> x3d-public mailing list
> x3d-public at web3d.org
> http://web3d.org/mailman/listinfo/x3d-public_web3d.org[http://web3d.org/mailman/listinfo/x3d-public_web3d.org]

More information about the x3d-public mailing list