Re: [Social-discuss] Yet another idea on a free social network

[Henry Litwhiler]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/22/2010 12:33 PM, Lucas Stadler wrote:
>>> The last basic data type is also the most important. It contains
>>> the definition of the information about a particular persons. I
>>> call this an 'identity'. The minimal information that is required
>>> to be part of the idea, is a foaf:Person definition with a public
>>> key defined in it (WOT - Web of Trust). As I thought that a user
>>> should only make availlable what he/she wants, one can also decide
>>> to encrypt part of the identity and therefor restrict access to
>>> a group. (Again, more on this (the groups) later.)
>>
>> Have you looked at foaf+ssl?
>> http://esw.w3.org/Foaf%2Bssl/FAQ
>>
>> Henry
> Actually I did have a look at it, but I do not know if it is good to
> require all users having to have an URI, because you either need to
> own a domain or find some kind person to give a subdomain or whatever
> to you. And if one would use an URI such as http://facebook.com/~me 
> or something like this, we would end up depending on them anyway.
> Is this view correct or somehow ... wrong?
> 

Having a URI like this does not create the same kind of dependence that
a service like Facebook does now, the main difference being that with
this sort of scheme, the user can *very* easily switch providers,
because the handle is just a convenient way of redirecting requests to
you (your server?).

> I know had a further look at it and it seems that one needs to have a
> web server to use it. At least that is what I guessed from [1]. But I
> think that it should be possible to retrieve such a document just by
> establishing a connection through TCP or whatever direct connection
> one could have between two nodes and encrypt that with SSL.
> Personally, I do prefer this method, as the emphasis on the idea was
> that of p2p connections. Nonetheless, I think that it is important to
> support both, even if the latter would require a server and a domain.
> 
> [1] http://blogs.sun.com/bblfish/entry/foaf_ssl_adding_security_to
> 
> 

It's good to support both, but I think that the direct, P2P approach
might be a better one for two reasons that I can think of at the moment:

1. Some (most?) ISPs prohibit the running of webservers by their
customers, but very few block/modify P2P traffic.
2. I have the feeling that it would be much easier to implement and use
the P2P approach than the "everyone has a webserver" approach.

- --
Henry L
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL0McnAAoJEIRrI0p6YC9XpcoQAK3xjL5PqpVYMCbZUAigWz3l
kgBVpC9rbj3YdcqLq5L7i1Zq22fZJoJk9JispQWBBhW/GaQz06qSH43jk0aewTTO
aGmD4uwWyhiTU9tTrhW8h34rgm0Lj6rjaNfkNapTaufxvnKyDkHXr1Rd5RIep3KF
GKG6vIPDp6OZMxt9SqUn6VGzmAdROdihSx2CKVtGYweRP2uH9zsqrTNWXMA0q7fU
Z7cSbAKk/Q068h0QgWCDDAFKA1vRKm8xv2dBuNvx6u9wHc5DUAjJFYNeGdY4RgBe
Itmjz/S5s+u0pbkAnfp6gi+qrQ/FEAawhYdwPdlR6GuIJWKmdM+IPr/CCw6A/Hw+
Y0d8iBJXYrIwVVL/2lIK9kN7whMHyylhwyQixEvc2l4/dF4A2Paxp5PnsWM/aOUl
9GSewAp5TjOM9j2SNT40lbcF4tdDPO1jDjUo7sA8++P2vJnZjkvhwhqHt5ZPFMUo
HQh8UyZYi9jGqsf0VCP1/Dkr5LYBFOk3GZUcBB2TWnqg62S82zhBh4QcopFaz5gC
Gru7mWndEk/J14XeY8q3jmMjk6//zxmDjIyZHJ7Hw3wCq2D3jOp5D8zigmsQ6+VT
cPyLLpOP4yM0tK+q8AD2d+dlIpUOJ2o/GuYPQt9iAzaOI9XqKilAqC4dABbrbUST
FVB2eysyAsu8TsIqIl/q
=Iz7d
-----END PGP SIGNATURE-----