Lucifer wrote:Luke-Jr wrote:
Then such 'other communities' should do their own builds (or even edit the URIs/hostnames in a config) to suit their preferences. There is little purpose in having an official website if the game doesn't make use of it by default.
That's not an acceptable solution.
Why not?
Lucifer wrote:While our own community needs will drive development for the foreseeable future to a large extent (because there aren't other communities we know about right now that aren't part of this one), we should be thinking about what other people might want to do with this thing as much as is reasonable.
That doesn't mean defaults cannot be set to work with the official community. They can still do whatever they need with it (even without changing source!), but no-authentication-at-all helps *nobody* except singular server admin who don't wish to participate. Such singular admin can easily opt-out of the official community, but there is no reason to *encourage* or even *suggest* such activity.
Lucifer wrote:It's the difference between an opt-in mailing list and an opt-out mailing list.
A better example would be opting in or opting out of in-game chatting. Of course, most people want to chat, so it is enabled by default.
Lucifer wrote:As far as the history of this community goes, there is plenty of room to question whether or not we should be behaving in a monopolistic fashion with this community.
It's not monopolistic-- other communities can distribute modified configs or even packages with such configs. Likewise, there is no reason the official community cannot include our configs as defaults for our packages.
Lucifer wrote:For one thing, there are many here besides myself who would no doubt object to such a thing.
Why? This seems to have the effect of saying the website is a mere website, not associated with the game itself on more than just the topic.
Lucifer wrote:Besides that, we've already felt the pain of having a single master server controlled by a guy who just disappeared for something like a year (he had already disappeared when I showed up) and there was nothing we could do about it and still retain enough association with the original armagetron that new players would know about us out here in the sticks.
Before z-man disappeared, there virtually *was* no community... just a few loose players. There was also a single developer. A massive community with a team of developers is not going to fall apart that way.
Lucifer wrote:There has also been a number of reasons over the last year or so for people to question the viability of this port. It will take many months still, possibly years, for all of this stuff to work itself out. These are all concerns that need to be addressed in some form or other, and they're all concerns that get thrown out the window in a default installation that depends on any central server for anything, including the master server.
And using the official website for auth does not cause problems when that website is down, other than loss of updates to the global ladder which has no solution (other than server redundancy).
Lucifer wrote:It just so happens that we haven't yet solved the probem with the master server in that area.
We have redundant master servers... not much more you can do.
Lucifer wrote:Nothing about using the central server changes who is permitted or not on the server.
A default setting that uses the central server for authentication creates a situation where someone with a freshly installed server will have a server that behaves in a non-obvious non-intuitive fashion
No, these defaults would be fairly good for an admin to expect and quite obvious.
Lucifer wrote:and forces the server administrator to deal with us directly right away,
Why?
Lucifer wrote:and if he chooses to run his server independently, he has to deal with the fact that new players are more likely to come to us and that he's not on an even playing field with us.
"come to us"?? I'm not suggesting giving server list "points" to those using official auth...
Lucifer wrote:This is the same thing as, I don't know, bundling a web browser with an OS for the purpose of preventing other web browsers from becoming competitive platforms....
Not at all... it's the same thing as any other game with user registration, except that we give server admin and option to turn it off or use another authentication server.
Lucifer wrote:
In this case, it is better to assume key == computer and give the website a new temporary key for each computer you play on. Either that, or users need to go through the hassle of copying the key file around...
Lucifer wrote:Obvious privacy issues. And having GPL code isn't a good enough assurance in this case.
What privacy issues? They're obviously not obvious since I can't think of them.
The fact that server admins and specifically this central server of yours will be able to track which computers people are using? That doesn't ring privacy bells in your mind?
Not really... you can already do that for the most part with IP addresses... o.O
Lucifer wrote:And in this case, we can't throw away the information the same way we can with IP addresses if we thought we needed to.
Sure we can. If users are required to login to the forum every time they start the game, the public key can be forgotten after they stop playing. Of course, in this case I would really want an option to do a perminant key upload for, eg, home computers.
Lucifer wrote:We might not be able to identify the specific computer, but if corroborated with other information, well, developers, companies, and users have all already made the mistake of not considering potential privacy issues and we've all already been bit on the ass over it (smtp/spam for example, now it requires a big consortium working through a standards body to solve).
OT: The only solution to spam is to make it not worth the trouble or to stop using SMTP.
Lucifer wrote:Lucifer wrote:
Please see point #1.
Irrelevant to this point, as far as I can see...
Point #1 was that there shouldn't be a default setting that relies on a central server for authentication, therefore it's irrelevant how people log into the forums,
It is foolish to have default authentication anything but centralised. We can easily fix the problem with downtime by mirroring keys and having per-server caching. Worst case, the game server cannot contact and central server mirrors and doesn't have a local cache of the user keys-- assume it is a 'guest'/unreserved nickname and let them play as "nickname"
Lucifer wrote:what's relevant is how the authentication system in-game works for independent administrators,
Which is a subset of the central auth
Lucifer wrote:and then we hack on our own interoperability stuff with the forums onto that and provide instructions for server administrators to hook into our global setup.
Global setup will be expected as a default.
Lucifer wrote:Anyway, I'm not saying that what you want/need in an auth scheme isn't desired, and if you have anything to add to the default installation then you're welcome to, but pretty much anything that's contrary, such as adding extra hoops for a player that wants to play from his uncle's computer during christmas break, needs to be put in optional space.
And none of my suggestions add these extra hoops. Yours *do*, however, add extra hoops for any players or servers wanting to participate in the official auth/ladder/etc.
Lucifer wrote:If all we have to do is tell a server admin to add one line to their config file that will direct it to use our own community's setup, that's fine.
And that's all it would take.