►
From YouTube: waSCC Community Call (2020-11-25)
Description
WebAssembly Secure Capability Connector (waSCC) is a dynamic, elastically scalable WebAssembly host runtime for securely connecting actors and capability providers
https://wascc.dev
A
Okay,
so
we
should
have
a
pretty
fast
meeting
today,
the
wednesday
before
thanksgiving
so
shane.
I
don't
know
if
you
wanna
do
a
quick
introduction.
You
know
I
know
you've
been
in
channel
for
a
little
while,
maybe
like
who
you
are
what
you
work
on,
what
you're
passionate
about.
B
Yeah
absolutely
so
my
name
is
shane
o'donnell,
I'm
a
developer
at
solo.I
o
and
we've
been
using
wasm
in
the
context
of
envoy
proxy,
so
we're
using
wasm
to
create
portable
dynamic
filters
that
can
be
applied
at
runtime.
To
basically
do
anything
you
want
http
filter
to
do
and
that's
a
huge
boost
for
you
know
envoy
over
writing
a
c
plus
plus
filter
which
basically
involves
maintaining
an
entire
envoy
fork.
So
this
is
a
really
awesome
alternative
that
a
lot
of
our
users
are
really
excited
about.
B
So
that's
kind
of
our
main
interest
in
in
wasm
and
so
far
I've
been
mostly
involved
in
the
logistics
of
building
the
filters,
moving
them
around
and
getting
them
into
the
deployments.
But
you
know
I'm
looking
to
get
a
little
more
into
the
nitty
gritty
of
the
awesome
stuff
itself
in
the
coming
weeks.
Okay,.
A
That's
awesome
and
a
welcome
board
glad
to
have
you
so
as
we
look
into
our
to-do's,
we
have
pinned
out
from
last
week.
Chris
and
ralph
are
both
out,
so
I
guess
we
can
pump
both
of
these.
A
For
now,
the
microsoft
team
is,
has
a
scheduling,
conflict
we're
they're
actually
out
this
week
as
well,
so
we're
waiting
on
them
to
see
if
we're
gonna
move
this
meeting
to
12
or
if
they're,
going
to
reschedule
theirs
and
we
had
a
new
architectural
decision
log
submitted
kevin.
Do
you
wanna
speak
to
that?
Is
it
number
four
here.
C
Yep
yeah,
that's
the
newest
one,
there's
a
couple
new
ones
that
we
have
issues
for,
creating
like
there's,
there's
a
big
one
around
the
use
of
n
keys
and
so
on,
but
this
one
basically
just
states
that
whenever
you're
using
wisem
cloud,
you
know
we'll
have
to
change
the
wording
on
this
one,
but
whatever
you're
using
wisem
cloud,
you
cannot
push
or
pull
interacting
with
an
oci
registry
for
either
your
actors
or
your
capability
providers
without
putting
the
embedded
signatures
in
them.
C
In
other
words,
security
is,
is
mandatory
when
you
store
and
retrieve
images
that
way,
the
weismcloud
runtime
can
guarantee
that
if
it
has
pulled
an
image
from
somewhere
that
he
can
then
go
and
do
its
security
checks
on
it.
A
C
Yeah,
so
we
thought
about
that
and
actually
letting
people
not
put
security
claims
inside
their
stuff
kind
of
breaks,
the
wise
and
cloud
runtime,
because
it
assumes
the
existence
of
security,
credentials
and
capabilities,
and
you
basically
can't
dispatch
your
actor
without
the
security
context.
C
A
And
where
is
this
enforced?
Is
this
enforced
in
wash
or
the
registry
itself
is
not
going
to
enforce
it
right.
C
A
A
All
right,
let's
see
the
top
15
review,
was
the
sort
of
the
next
thing.
If
we
wanted
to
kind
of
do
a
roundtable
status
on
different
components
here,
you
know
kevin,
you
want
to
start
how's
the
sort
of
core
rewrite
with
actics
coming
along
here.
C
Like
I
said,
said,
the
sorry,
I'm
dropping
stuff
everywhere,
the
the
main
rewrite
of
the
the
core
engine.
So
the
core
wasn't
cloud
stuff
is
done
and
it
is
probably
95
to
99
feature
complete
on
the
standalone
version.
C
Just
what's
left
yeah
yep
there's
the
the
the
first
95
percent
was
easy.
It's
the
last
95
percent.
It's
gonna
take
forever.
So
that's
that's
where
that
is
lattice.
Rpc
is
in
there
and
done,
and
I'm
probably
about
halfway
through
adding
the
control
interface
to
lattice
on
that
and
yeah
just
making
my
way
through
there
awesome
anything
else.
The
the
hardest
parts
are
all
are
all
the
ones
that
are
done.
A
Great
awesome
and
then
anything
else
kevin.
A
No,
that's
it
awesome
bill.
How's,
the
packaging
coming
along.
D
Yeah
so
wash
the
cli
is
pretty
much
done.
I
need
to
do
a
little
extra
testing
around
like
the
raspberry
pi
distributions
and
things
like
that,
but
we're
looking
good
done
on
rpm
and
dev
or
is
you're
still
not
working
on
brew
right,
correct
yeah,
so
it's
working
for
rpm
and
deb
no
homebrew
for
anything.
Yet
I'm
currently
working
on
the
wasc
d
packaging,
I'm
running
into
some
basic
cross
compilation
errors
using
that
cross
tool.
D
So
I
should
have
that
sorted
out
pretty
soon
just
trying
to
stay
as
consistent
as
possible
between
those
two
tools
with
how
we
actually
build
and
ship
those
packages.
Yeah.
C
It
probably
doesn't
impact
you
too
much,
but
in
the
the
pr
that's
active
right
now
for
the
control
interface,
the
binary
has
been
renamed
to
wasm
cloud,
not
last
d
beautiful.
I
was
kind
of
waiting
for
that,
so
that
works
out.
Thank
you
all
right,
yeah,
I'm
waiting
to
rename
the
repo
until
after
that
pr
is
merged,
but
then
also
the
wasp
repo
will
become
wasmcloud
awesome.
Air
is.
A
For
on
the
cross,
compile
okay.
D
And
so
next
steps
homebrew
packaging
for
both
of
those
tools.
Okay,
and
I
feel
like
mike,
started
looking
into
windows,
one
I'm
not
sure,
if
that's
necessary,
hopefully,
people
use
anyways.
D
Hopefully
they're
easily
using
the
I
forget
what
the
acronym
is
there,
but
basically
ubuntu
on
windows.
C
Wow
liam's
note
taking
brought
me
back
he's
using
c
linked
list
notation
right
there
yeah
that's
right
next
raised
to
the
power
of
next
or.
C
My
own
isolated
world
of
geekdom
here
and
just
pretend
like
you're
you're
dereferencing,
a
like
list.
A
C
A
Can
I
ask
you
know
we
we
have
all
these,
like
you
know
little
death
with
the
corals
and
you
know
all
the
little
dev
board
you
know
for
the
jets
and
the
nvidia
jetsons.
You
know
what
os's
are
we
do.
We
have
on
those
the
corals.
Was
it
the
corals
or
the
jetsons
was
running
something
on?
Is
it
just
dev
and
rpm
compatible.
D
Yes,
yes,
so
it's
more
about
the
architectures.
I
think
I
think
the
quarrel
was
running
and
I
might
be
wrong
about
this.
I
think
it
was
running
some
version
or
variation
of
debian
yeah.
The.
D
A
straight
up:
arc64
linux,
build
that's
perfect
yeah,
so
that's
that's
exactly
what
we
have
the
debian
rpms
for
currently
so
our
arc
64
and
d64
they're,
the
current
builds.
We
can
add
them
pretty
quickly.
So
when
we
once
we
need
more
it'll,
be
easy
to
just
add
them
into
the
packaging.
Okay,.
A
Would
you
mind
just
making
sure
we
run
through
around
a
test
on
those,
like
you
know,
just
make
sure
it's
on
the
to-do
list?
Okay,
absolutely
all
right
and
then
so.
We've
got
home
brews
coming
up
and
for
that
the
demo
that
we
have
in
a
couple
weeks
that
we're
going
to
plan
the
homebrew
will
be
one
of
the
critical
ones
for
them.
It
looks
like
so
that's
yes,
I
did
oh.
D
I'm
sorry,
I'm
sorry
go
ahead.
I
was
just
going
to
say
I
did
a
tiny
bit
of
research
on
that
already
and
it
appears
like
you
need
a
mac
to
with
brew
installed
to
actually
develop
like
a
brew
tap,
which
I
do
not
have.
That
is
off
the
corporate
so
that.
D
A
I
think
the
thing
we'll
want
to
watch
for
is
the
difference
between
the
big
sur
versus
court.
You
know
the
all
the
old
packaging.
It
was
a
lot
of
stuff's
broken
on
big
sur.
Yeah
yeah
was
having
issues,
so
you
all
kind
of
that's
going
to
make
it.
D
Very
interesting,
but
we'll
figure
it
out
we'll
get
it
done.
Super
awesome
anything
else,
though,.
A
Nothing
for
me,
phil
how's,
how's,
the
the
multi-language
support
coming
for
ypc.
E
Still
holding
strong
at
the
three
that
we've
got
not
much
has
really
moved
since
then
yeah,
I'm
trying
to
think
of
where
we
left
off
kevin
with
getting
things
baked
into
the
sdks.
I
think
that's
probably
where
we're
at
so.
C
Yeah,
if
you
look
at
the,
I
forget
the
name
of
the
repo
there's
a
mega
repo
that
has
is
this
on
water
kevin
or
no.
No,
it's
in
mosque.
C
Yeah,
there's
there's
basically
one
language
there
and
it
has
a
bunch
of
pre-compiled
preset
crates
that
you
can
use
for
http
server
and
key
value.
I'm
going
to
be
creating
a
bunch
more
based
on
the
you
know,
the
first
party
providers
that
we
have,
but
what
is
what
is
not?
There
are
the
equivalent
modules
in
tiny,
go
assembly
script.
A
Got
a
tiny
go
silly
script
and.
C
So
we
need
tiny,
go
assembly
script
and
then
the
remainder
of
the
rust
crates
for
the
for
the
first
party
actor
interfaces.
A
Yeah
now,
if
I
go
to
add
a
new,
you
know
actor
or
anything
or
a
new
capability,
I
won't
need
to
update
the
sdk
right
I'll
ride.
On
top
of
the
sdk.
C
So
if
you
build
an
actor
on
the
existing
rust
sdk,
it
will
still
be
binarily
compatible
with
the
new
stuff
that
uses
the
codegen,
but
your
developer
experience
will
be
different,
so
the
the
0.15,
you
know
the
whole
wisem
cloud
rewrite
is
also,
instead
of
coming
with
a
single
monolithic,
actor
sdk,
which
is
what
we
have
today.
C
A
Got
it
and
then
so
when
so,
who
owns
that
kevin?
Do
you
own
the
sort
of
templating
here
or
phil?
Is
that
you
who's
got
the
who's,
got
the
to-do
hanging
on
this
one?
Well,
I.
C
Own
the
rest
of
the
rust
ones-
and
I
was
hoping
phil-
was
going
to
take
a
shot
at
the
tiny
go
and
assembly
script
ones.
E
Yeah,
that's
on
me.
It's
a
matter
of
finding
some
time,
I'm
deep
in
some
other
stuff
right
now,.
A
Fair
enough,
fair
enough,
but
I
know
you've
got
a
lot
going
on
phil.
We
love
all
the
all
the
contributions
here
and
then
are
we
going
to
you
know,
move
a
lot
pc
to
the
wash
directory
so
that
it's
all
the
you
know
together
is
that
one
of
the
things
we've
got
in
flight
here.
A
A
All
right,
let
me
put
a
pin
in
that
on
combining
the
github
get
up
stuff
later
we
can
take
that
offline
and
then
you
know
I've
been
go
to
my
update.
I've
got,
we've
talked
a
bit
about
you
know,
like
you
know,
combining
a
bunch
of
the
messaging
into
and
the
the
blogging
into
a
wasn't
cloud
as
a
name
as
like
the
broader
name.
A
So
I
took
some
time
here-
and
I
shared
this
out
with
a
few
of
you
to
build
out
what
we
think
the
sort
of
experience
will
look
like
on
the
new
website,
with
dot
15
we've
got
sort
of
a
rewrite
of
the
docs
here.
The
stuff
in
bold
are
the
headers
of
what
I
was
modeling.
This
after
was
zeke.org.
Here
I
thought
they
did
a
good
job
on
managing.
A
You
know
the
sort
of
like
experience
and
the
layout,
including
you
know,
like
you,
know,
documentation
for
long-term
release
and
some
other
stuff
as
part
of
the
documentation
rewrite.
I've
looked
at
docusaurus,
obviously
sphinx
and
a
few
other
tools
that.
C
I
don't
know
if
you
noticed
or
not,
but
the
the
page
you
pulled
up
for
zeke's
documentation
is
a
hugo
template.
This
is
spanx.
Actually
it's
still
a
hugo
template.
Okay,
I
mean
there's,
I
don't
know
what
engine
they're
using
to
host
it
or
whatever,
but
that
that
template
the
css
and
stuff
for
it
is
either
hugo
or
hugo
ish.
But
one
of
my
open
questions
is:
have
we
decided
on
a
layout
css
template
for
the
docs.
A
No,
I
think
you
know
sphinx
is
pretty
pluggable,
but
I
think
the
first
thing
is
sort
of
to
sort
of
decide.
What's
the
engine
we're
going
to
use,
whether
it's
you
know
sphinx
or
I'm
not
married
in
any
way
to
docusaurus,
it
just
looks
like
a
very
modern
way
to
make
open
documentation,
websites
and
some
of
the
some
of
the
examples
you
know,
look
look
pretty
good
as
far
as
like
the
guides
here.
A
Versions,
yeah,
you
got
it
and
that's
to
me
feels
like
the
critical
one
on
you
know
having
you
know,
there's
a
long
term
support
release
versus
a
future
release
and
versus
what
the
master
is
that
what
I
was
really
kind
of
going
for
here,
so
being
able
to
version
all
the
apis
and
having
different
landing
pages,
or
you
know
what
we
launched
under
wasn't
cloud
felt
right
and
then
also
doing
you
know
trying
to
pay
a
little
more
care
on
the
onboarding
experience
on
how
to
get
into
the
community.
A
You
know
the
faqs
and
stuff
the
tutorials
linking
the
demonstrations
here,
the
providers
that
we
have
in
day
one
and
then
organizing
the
community
stuff
a
bit
better
with
some
upcoming
events.
So
this
is
the
1.0
for
the
site.
A
If
anybody
has
any
feedback,
feel
free
to
just
drop
it
in
slack
or
here
for
next
week,
I'm
going
to
try
to
have
a
first
cut
of
this,
so
an
mvp.
I
have
no
idea
what
technology
I'm
gonna
use
to
do
that
it
will
likely
just
be
a
hugo
template
cabin
here
that
we
can
integrate
into
integrate
into
github
actions
in
netlify
or
cicd.
Is
that
for
me
it
is
oh.
Thank
you.
I'm
recording
a
call
right
now,
though.
Thank
you
so
much.
A
A
I'm
gonna
just
put
the
lights
inside
for
right
now,
so
any
questions,
your
thoughts
about
the
website
plan
and,
like
you
know
what
we're
going
to
do
there.
A
All
right-
that's
my
that's
my
friday,
so
I'll
give
you
guys
I'll
start
just
dropping
out
early
early
feedback
and
and
something
else
you
know
the
the
real
intention
here
with
the
wasn't
cloud
stuff
is
too.
We
have
all
of
these
disparate
discussions
happening
across
the
crestlet
blog,
the
diaz
blog
wasp.dev.
A
We
want
to
get
all
those
together
and
wasn't
cloud
is
actually
a
new
llc,
because
we
have
a
couple
of
discussions
where
we
want
to
do
some
logo
exchange.
So,
for
example,
if
we're
able
to
successfully
get
through
the
coral
google
coral.ai
partner
program,
we
want
to
get
our
logo
there
and
their
logo
here.
So
we
want
to
start
getting
those
compatible
with
you
know:
google
coral
compatible
with
nvidia
jetson
compatible
with
you
know.
Iv.
A
I've
got
a
meeting
with
ibm
cto
on
monday
by
the
way
about
getting
there
doing
an
interchange
with
them
too,
and
getting
some
support
across
the
board.
Here,
it's
look
we're
getting
some
really
cool
adoption
of
the
tooling
in
various
places.
A
You
know
phil
with
ypc
and
wasp,
and
but
we're
not
we're
not
like
reflecting
that
as
a
community
and
saying
join
us
as
a
team
and
that's
what
the
goal
is
with
wasn't
cloud
ultimately
wasn't
cloud:
the
will
go
into
a
foundation
whenever
we
get
that
set,
but
we're
all
sort
of
up
to
speed
on
with
the
bytecode
alliance's
team's
transition
from
mozilla,
vastly
the
linux
foundation
and
the
other
parties.
A
There's
just
not
a
certain
core
plan
out
here
yet
for
where
we
end
up
at
the
end
of
the
day
and
my
my
point
is:
it
could
be
another
six
months
or
a
year
before
that
stuff's
ready
and
the
sooner
that
we,
like
you,
know
just
collaborate,
the
better.
So
that's
what
I'm
trying
to
organize
around
lawson
cloud,
any
thoughts
or
questions
on
that.
A
So
I'm
super
excited
about
it
and
you
know
like
we'll.
You'll
start
to
you
know,
do
things
on
your
backlog
there,
let's
see
so
doc's
rewriting
mentioned,
wasn't
cloud
the
adrs
we've
got
a
crustal
update
that
we're
waiting
on
we'll
get
the
microsoft
folks
on.
Maybe
next
week
kevin
you
brought
up
the
coda
tutorials.
C
It's
it's
more
like
an
idea.
That's
really
it's
sort
of
mentally
in
the
backlog
in
your
website
map,
there's
a
a
section
that
says
play
with
wasm
cloud
online
yeah
and
that's
essentially
where
the
code
of
containers
are
going
to
go.
The
idea
is
that
we
want
to
give
people
a
tanker
playground
that
they
can
use
to
get
over.
That
initial.
A
I
really
love
that
kevin,
that's
so
thoughtful
and
that's
probably
as
we
you
know,
go
through
our
you
know.
Do
the
we
probably
want
to
prioritize
this
a
little
bit
into
the
first
pass
of
the
docs
a
first,
because
that'll
involve
a
rewrite
of
liking
of
the
script
for
the
tutorials,
and
then
we
can
try
to
run
this
through
on
on.
You
know,
kinda
coda
and
see
how
they
sort
of
show
up
and
how
they
work
and
stuff
like
that.
But
I
like
that,
a
lot.
C
What
the
heck
is
are
those
things
called
the
mooc,
the
mooc,
the
the
the
edx
online
class
for
linux
foundation,
that
that
deadline
is
january
ish,
so
that
there
will
also
be
another
source
of
learning
and
documentation
for
this
stuff.
Great.
A
Super
okay:
well,
I
knew
we
were
gonna
have
a
fast
one.
Today
anybody
have
any
follow-up
questions
on
what's
in
flight
or
how
things
are
coming
along.