I am making progress with the new website that handles registrations, player associations, etc.  Currently, I am accepting logins via OpenID from any provider that supports SSL/TLS on the channel between our web server and it (e.g. Yahoo, AOL, Google, MyOpenID, most others), as well as via Windows Cardspace.  A single account can have as many OpenID and CardSpace cards associated with it as the user wants, and the CardSpace stuff should magically disappear for users that don't support it.

Groups, including groups with start/end times (e.g. subscriptions) are fully functional, and I have activation codes approximately 10% done.  I hope to get those done this weekend, but may/may not get to it and it may have to wait until next week.

When I get it done, we'll need to re-establish the accounts.  I'm going to do that by e-mailing activation codes, and letting people who should have access enter the code and activate.

Note: there is also support for OAuth, and that is how I will be providing third party websites with access.  OAuth works similarly to Facebook applications, when an app wants to use information from us, it asks.  You go to your profile here, and you approve it.  Until it's approved here, the app gets nothing.  From a control panel here, on the account management screen, you can control the access -- including revoking it.  OAuth is an open standard, and there are multiple available implementations, and so it should work well for this application.

Note: I also have an XMPP server close as well.

Forgot your password?  Since we don't have passwords, that can be an issue -- so keep the account key around.  The account key and information on the account can be used to re-establish with a new OpenID or CardSpace provider, in order to reconnect to the account. 

Cleared out another batch of the spam.  Yay!  Any real commentors can post again if i caught you by mistake.

Cleared out around 90 spam posts -- if yours wasn't spam, then reply to this one and I'll put it back.

Spammers are trolling now, that's probably a good tactic -- they probably think people will approve those comments and reply.  Still working on moving the blog, I'm making sure everything is in place first (note: the new one is excluding known bot nets, and will be using a different technique for nailing the spam that I'm hopeful will be more effective).

I've got some other information to pass along, but not tonight.

As part of testing with Windows Azure, I will be moving the blog from Blog Engine to Azure sometime this week most likely.  I will be bringing the account management services up around the same time.

Due to continued spamming after I enabled comment moderation, I've installed a plug in to check against a shared database.  We'll see if that cuts it down a bit.

I updated the blog software over the last couple days to the latest version of Blog Engine.  Because I’m still working on the OpenID stuff, it’s using SQL Server for a couple days.  Everyone’s logins should still work.

Because of the number of spam comments, I’ve enabled moderation on comments.

Tentative update to Minimum System Requirements:

Intel ATOM 1.6Ghz or faster.

1GB RAM

Windows XP Home for Ultra Lowcost Computing

 800x600 min resolution (the specific device I am targetting is 1024x600).  16bit or 32bit color.

*** I believe that 1.6ghz is probably a reasonable target clock speed.  If we can run successfully lower than that, that's great, but I think that the target clock should be right around that anyway.  Like I said, I have a specific device in mind.

*** The invite still will be coming soon for the staff player association.  I'm testing things now, and will send it off as soon as I am sure that it is working.  Long term, the Wiki and blogs will have a visible change as well (authentication will be for all of BattleBazaar.net/BattleBazaar.com, and not for individual pages). 

 *** Part of the delay is that I want to make sure the web features as they stand are "working right."

* Launcher requires the "Install Software" permission on Windows.

* Patcher requires no permissions on Windows.

* Content updates do not require patching (at all).

* Launcher requires root to install for all users on Unix-like operating systems.

* Patcher requires a setuid process on Unix-like operating systems.

I've updated the TLS certificates for BattleBazaar.net and BattleBazaar.com.  Sorry for taking so long, but just did the rekey and reinstall.  That means no more nasty warnings when viewing them about them being expired.

I am getting ready to post a beta version of the patcher and some other software.  Among other things, I'm experimenting with SIP (Session Initiation Protocol) which is what Sony is using for their voice chat, and what Microsoft uses in Exchange.  That would allow us to have voice chat without being "in the middle."  I'll update on that when I determine if it's something I want to go forward with or not.  SIP is the protocol used by most VOIP phones also, which makes it convenient to route to soft phones for support.  It's also used by most Internet PBX-equivalent phone systems.  It is almost certain that I will go that way in place of the XMPP support I had been working on, just because of the potential to support Voice in this way.

* Be aware: if you're on the development or staff mailing lists, you will be receiving a link soon.  That link will get you set up with the OpenID software on the server.  The invite will be on the TLS (HTTPS) site, and will be to the "GM-Developer" and/or "GM-Staff" player associations.  You should accept those invites, and fill out your profile as needed.  If you're using Yahoo's OpenID provider, they will not provide profile information.  If you are using MyOpenID.com, they'll ask you what fields you want to share and you should mark them.