2021 SUG meeting week #45 summary

Finian’s Foraois, August 2021 – blog post

The following notes were taken from the Tuesday, November 9th, 2021 Simulator User Group (SUG) meeting. The meeting was recorded by Pantera Północy, and the video is embedded at the end of this summary. Note this summary focuses on the key points of the meeting; where there is something to report, the video should be referred to should full details of the meeting wish to be reviewed.

Server Deployments

  • Tuesday, November 9th saw simhosts on the SLS Main channel restarted, but no actual simulator update, leaving them running version 565008.
  • Wednesday, November 10th should see regions on the RC channel restart:
    • The majority of RC simhosts will be restarted without any update, also leaving them running simulator version 565008.
    •  Those servers on the Bluesteel channel will be updated to version 565204, containing the outcome of the recent work in updating the simulator toolsets. Testing of the simulators using the new tools has shown “significant improvement” in simulator operations, so the hope is that this will be reflected in the deployed version.

SL Viewer

This list reflects those official viewers available via Linden Lab.

  • Release viewer: version version, formerly the Apple Notarisation Fix RC viewer, issued September 24 and promoted October 15.
  • Release channel cohorts (please see my notes on manually installing RC viewer versions if you wish to install any release candidate(s) yourself):
    • 360 Snapshot RC viewer, version, issued October 21.
    • Maintenance RC viewer updated to version, on October 20.
    • Simplified Cache RC viewer, version, dated September 17, issued September 20.
  • Project viewers:
    • Performance Improvements project viewer, version, dated October 12.
    • Performance Floater project viewer, version, issued September 2.
    • Mesh Optimizer project viewer, version, issued September 1.
    • Legacy Profiles viewer, version, dated October 26, 2020.
    • Copy / Paste viewer, version, dated December 9, 2019.

Apple Notarisation Viewer Issue

With the release of the Apple Notarisation Viewer there were updates to many of the viewer’s third party libraries, and some of these updates have be found to cause issues related to playback of certain media types in-world (notably MP3s and MP4s). A fix is in progress, and once ready, LL intend to fast track it through QA ahead of other viewer updates and make an RC viewer with the fix available ASAP.

TLS Changes

Monty Linden provided an update on the status of disabling TLS 1.0 / 1.1 and future certification work:

There are some ongoing issues [with] a combination of effects in play. In Bug-231303, we have reports of failed cipher negotiation. Right now, only three ciphers are available under tls1.2 on login. I hope to strictly expand that. *HOWEVER* this is where that old viewer cert checking code comes in and does the wrong thing. Future certs will not have the ‘key encipherment’ usage extension – and those old checks need to disappear from all viewers and bots and comms libraries. 
We can’t check every combination people try to use. We can’t even check many combinations, but we’re heading in the direction of wider conformity of the rest of the net. I would like to be able to offer testing on Aditi prior to future changes but we’ve coupled the two grids in an unfortunately way. That might take time to separate. Maintained clients that updated the cert check should work. Old libomv stuff that is broken currently may or may not be repaired (some will, some won’t). Anyone truly doing their own thing will have to answer to the crypto gods.
The reg changes should hold up. But more changes will be coming in ’22 and beyond. Things that have gone unmaintained for years are going to be very susceptible to crypto changes in the wider world. This is the warning.
FYI, consider the 2020q1 profile in this as a target.
For client authentication where Linden doesn’t control the server endpoint, I’m thinking other authentication schemes are in order. OAuth2, etc. We had a high-level LSL discussion the other week. Better supporting auth schemes for scripting would be one of these. But it also enters into having private storage and secrets management. I.e. all the stuff real cloud providers have to do. Even that is a project. All of which would be A Really Good Thing.

Monty Linden

This commentary rolled into a wider discussion of potential scripting options and of further HTTP work. In terms of the former, Monty indicated that the Lab is not ready to increase script memory limits, because there is a believe that ” we can make the memory you have do more.” He also indicated that amongst the backlog of work is a Mono update, but could not say when that might progress to a point of being worked on.