2010/4/22 Lucas Stadler
<address@hidden>
Firstly, I would like to say hello to all the nice people here
as I did not write anything up until now.
In consequence I am not sure if a similar or even identical
idea has been on the list previously and if there was a
discussion about it. If so, please point me somewhere to
read it.
I only have _some_ experience with programming and software
design in particular. But nonetheless, I am quite interested
in both of it and additionally, free social networks are something
I have been thinking about a lot.
My idea is a decentralized, distributed *and* free social network.
There are no servers, no central 'places' and nothing that can be
controlled by people having nothing to do with it.
Basically it is just a collection of XML documents, which are sent
around between users. The good thing about it is, that RDF is used
to provide metadata about all exchanged data, in particular
foaf for identification of users. Another special thing about this
is, that one provided public key is used for both user identification
and data encryption, but later more on this.
As different types of information have several things in common
there must be a XML container element to hold both the RDF metadata
and (after it) the actual piece of information. I will call this
thing - I do not know why - a 'piece'. Any exchanged information
except requests encapsulated in those pieces.
The second basic 'type' is something like a request. It maintains
everything concerned with communication between clients such as
connection establishing, pieces exchange and request for
particular pieces. Again, this request is simply a XML element
containing metadata about the 'subject'. The two obviously required
things are the user id (i.e. the public key or the finger print)
and the type of request.
The last basic data type is also the most important. It contains
the definition of the information about a particular persons. I
call this an 'identity'. The minimal information that is required
to be part of the idea, is a foaf:Person definition with a public
key defined in it (WOT - Web of Trust). As I thought that a user
should only make availlable what he/she wants, one can also decide
to encrypt part of the identity and therefor restrict access to
a group. (Again, more on this (the groups) later.)
I will sum up what we have onto this point. We have inter-client
data exchange, and a type for the actual data. If requested by
the user some of the data can be encrypted for a particular person
or perhaps even a group of persons. The data can be of any type,
including XML based languages such as HTML. However, I recommend
to include type of request that explicitely requests the pure text
form of the data. Finally we have a user which is identified by
just a public key and what he/she wants to publish.
The next part is the connection and data storage part. I am not quite
sure how to think about this, but I think a lot is to be learned
from the p2p projects (BitTorrent, Freenet, ...). I want to mention
EOF[1], which is a 'secure, peer-to-peer (p2), decentralised
anonymous chat network'. It is rather low-level, but I think that it
could serve as one of the protocols that have to be supported by a
client. I forgot to mention DHTs (Distributed Hash Tables) in the
first place. As far as I know, they could be used to discover other
nodes that are online or availlable aswell.
The next is the storage of 'common' information. One might also call
them 'shared', as they are not owned by a particulary person, but a
group of persons. This also some rather complex topic I do not know
much about. But I think that there are smart people out there, that
could help with that. (The current pre-draft state idea is expected
to evolve anyway.)
Another thing, is the mirroring of information. I think that it is
a good thing to save all the retrieved information locally. This way,
information would never get lost if it is interesting to others.
Another possibility is to store information (always encrypted) somewhere
else e.g. on a trusted persons computer. This provides additional
security by not giving sensitive data to unknown parties.
I think that data stored on a clients computer can be stored in any
way. It just has to be exchanged in a standard (XML and RDF) way.
Another recommondation is to encrypt data even on the machine one is
working on (with oneselfs public key).
As this idea shares several concepts and ideas with other projects,
there are similar but somehow insufficient projects:
- any proprietary social network (shoudl be obvious)
- XMPP (central servers, need to be registered on one)
- ...
These projects are also a source of inspiration.
I have to emphasize that this is more a collection of existing ideas
and technologies into one new project rather than a revolutionary
new bunch of protocols and languages.
Finally just one last list of 'features' and requirements:
- distribution
- multiple clients
- ONE exchange format
- handwritable (as RDF can be expressed with n3)
- any information (XML, others through something like XMPPs Jingle?)
- security (public key encryption (+ connection encryption?))
- privacy (public keys, publish what you want)
Great post, and nice summary.
Important to note that most of these technologies are interoperable anyway.
This is a comprehensive lits, I think one piece you may have overlooked from the selection is dyndns.
Most of the things you have mentioned are solved in at least one way, it's a case of putting things together right now, or finding someone that wants to package things.
Some comments:
- Top down data driven design is the way to go for maximum freedom (RDF/FOAF fits here)
- Should be HTTP compatible, for maximum reach, while not excluding other techs
- FOAF+SSL & WAC are very good starts for privacy and security
- SPARQL Update (SPARQL 1.1) can be used to exchange data, as can WebDAV or simple HTTP PUT, other protocols are fine too
- Public keys / strong authentication are a big plus, imho
- XMPP integration is also a plus
- A good triple store is a plus
- Encryption isnt that well advanced but hopefully will get better tahoefs is an idea
- WOT will arise from this infrastructure as it gets more popular
I have all of these things running on my desktop secured through apache and FOAF+SSL.
So we can do much of what you are looking for today...we just need more of the 100 million+ FOAFs to start becoming power users, then we can start having some fun! :)
- ...
After having a short view on the ideas page of daisychain/GnuSocial it
seems to me that this idea and your wishes have quite a lot of parts in
common.
I think thats basically all of it. I posted it as it is an important
thing to do things in a group and to get feedback and so on. This is
also my excuse for bad style, unclear or not too precise statements.
If there are any questions, feedback, suggestions and interest in
general, please simple answer to this thread.
(Again I want to say that this a prior-to-be-readable conclusion of my
ideas. I post it as I am eager to get some feedback and of course to
soon have a p2p and fun free social network running somewhere out
there :)
Thank you for reading (if you got through it...).
[1] http://www.nico.schottelius.org/software/ceofhack
_______________________________________________
foaf-dev mailing list
address@hidden
http://lists.foaf-project.org/mailman/listinfo/foaf-dev