Re: [Social-discuss] Onesocialweb source code and federation

[Laurent Eschenauer]

On Thu, Apr 15, 2010 at 2:54 PM, Rob Myers <address@hidden> wrote:

On Thu, 15 Apr 2010 11:11:34 +0100, Story Henry <address@hidden>
wrote:

> On 14 Apr 2010, at 21:17, Laurent Eschenauer wrote:
>
>> But in the end... how do I authenticate (in an entity authentication
>> sense) to the
>> PuSH node ? That is a big piece missing at this stage in the HTTP
world,
>> and
>> where XMPP really helps.
>
> Have you looked at foaf+ssl? What is it that is missing? It uses HTTP,
> it's decentralised
> (and could even be used to secure XMPP)
>
>    http://esw.w3.org/Foaf%2Bssl/FAQ

Certainly https + FOAF is a "lowest common denominator" solution, which
would fit a keep-it-simple approach. I don't mean any disrespect to either
technology by saying this, I just mean that they are widespread and
relatively well understood by a large audience.

I just said that such a mechanism is missing in PuSH and Salmon is not a complete answer. I think that if you guys can bring authentication in PuSH via FOAF+SSL or whatever else solution, you have a winner.

In our case, we did not need anything like that having made the choice to build this on XMPP. Which in my opinion is much better suited for this kind of realtime server-server federation. But that debate is almost a religious one so I won't have it here :-)

Suffice to say that if someone (e.g. GnuSocial) comes with a HTTP based protocol to solve these use cases, we'll be happy to implement in onesocialweb.

Cheers,

Laurent