[messages] [Developers] Re: Human readable saved games
uckelman at nomic.net
Thu May 26 10:00:41 MST 2011
Thus spake swampwallaby:
> > The impossible thing is to have security when one player can take
> > actions which reveal hidden information, and needs to do so offline.
> Exactly. That will be a built-in limitation. Take the example of the
> current 'Invisible' trait. Only an action by the owner of the invisible
> trait can make it visible. No action by any non-owner can do this. The
> hidden 'state' in this case is the location of the piece and the state
> of all traits 'under' the invisible trait. And this hidden state needs
> to be recorded in the saved games which will be human readable, so the
> hidden state will need to be encrypted within the saved game. Making the
> saved game somewhat less human readable :)
My point about saves being human-readable is about the nonencrypted
parts (and about the plaintext corresponding to the encrypted parts).
I agree that the ciphertext won't be human-readable, in any case.
> > So, for example, if I need to be able to take any one of your cards,
> > or
> > flip over one of your pieces, then my computer needs to have access to
> > the data that's hidden so it can show me what card I took or the other
> > side of the piece I flipped.
> I don't believe I ever suggested this. As in the current Vassal, only
> the owner of a piece would be able to un-hide or un-obscure it.
> Non-owner clients will need to maintain this encrypted hidden state, and
> save it, load it and copy it to other clients, but will not be able to
> do any operations on it.
Yes. I'd like to make it easy to toggle access restrictions, though, so
that the same module can be used with access restrictions, or offline
without them, as the players choose. (E.g., I have no problem playing
against my usual opponent with unencrypted save data, as he's not likely
to cheat and having relaxed access restrictions epeditese making moves
which require revealing hidden information.)
More information about the messages