2010/4/22 Lucas Stadler <[email protected]> > Firstly, I would like to say hello to all the nice people here > as I did not write anything up until now. > In consequence I am not sure if a similar or even identical > idea has been on the list previously and if there was a > discussion about it. If so, please point me somewhere to > read it. > > I only have _some_ experience with programming and software > design in particular. But nonetheless, I am quite interested > in both of it and additionally, free social networks are something > I have been thinking about a lot. > > My idea is a decentralized, distributed *and* free social network. > There are no servers, no central 'places' and nothing that can be > controlled by people having nothing to do with it. > Basically it is just a collection of XML documents, which are sent > around between users. The good thing about it is, that RDF is used > to provide metadata about all exchanged data, in particular > foaf for identification of users. Another special thing about this > is, that one provided public key is used for both user identification > and data encryption, but later more on this. > As different types of information have several things in common > there must be a XML container element to hold both the RDF metadata > and (after it) the actual piece of information. I will call this > thing - I do not know why - a 'piece'. Any exchanged information > except requests encapsulated in those pieces. > The second basic 'type' is something like a request. It maintains > everything concerned with communication between clients such as > connection establishing, pieces exchange and request for > particular pieces. Again, this request is simply a XML element > containing metadata about the 'subject'. The two obviously required > things are the user id (i.e. the public key or the finger print) > and the type of request. > The last basic data type is also the most important. It contains > the definition of the information about a particular persons. I > call this an 'identity'. The minimal information that is required > to be part of the idea, is a foaf:Person definition with a public > key defined in it (WOT - Web of Trust). As I thought that a user > should only make availlable what he/she wants, one can also decide > to encrypt part of the identity and therefor restrict access to > a group. (Again, more on this (the groups) later.) > I will sum up what we have onto this point. We have inter-client > data exchange, and a type for the actual data. If requested by > the user some of the data can be encrypted for a particular person > or perhaps even a group of persons. The data can be of any type, > including XML based languages such as HTML. However, I recommend > to include type of request that explicitely requests the pure text > form of the data. Finally we have a user which is identified by > just a public key and what he/she wants to publish. > > The next part is the connection and data storage part. I am not quite > sure how to think about this, but I think a lot is to be learned > from the p2p projects (BitTorrent, Freenet, ...). I want to mention > EOF[1], which is a 'secure, peer-to-peer (p2), decentralised > anonymous chat network'. It is rather low-level, but I think that it > could serve as one of the protocols that have to be supported by a > client. I forgot to mention DHTs (Distributed Hash Tables) in the > first place. As far as I know, they could be used to discover other > nodes that are online or availlable aswell. > The next is the storage of 'common' information. One might also call > them 'shared', as they are not owned by a particulary person, but a > group of persons. This also some rather complex topic I do not know > much about. But I think that there are smart people out there, that > could help with that. (The current pre-draft state idea is expected > to evolve anyway.) > Another thing, is the mirroring of information. I think that it is > a good thing to save all the retrieved information locally. This way, > information would never get lost if it is interesting to others. > Another possibility is to store information (always encrypted) somewhere > else e.g. on a trusted persons computer. This provides additional > security by not giving sensitive data to unknown parties. > I think that data stored on a clients computer can be stored in any > way. It just has to be exchanged in a standard (XML and RDF) way. > Another recommondation is to encrypt data even on the machine one is > working on (with oneselfs public key). > > As this idea shares several concepts and ideas with other projects, > there are similar but somehow insufficient projects: > - any proprietary social network (shoudl be obvious) > - XMPP (central servers, need to be registered on one) > - ... > These projects are also a source of inspiration. > I have to emphasize that this is more a collection of existing ideas > and technologies into one new project rather than a revolutionary > new bunch of protocols and languages. > > Finally just one last list of 'features' and requirements: > - distribution > - multiple clients > - ONE exchange format > - handwritable (as RDF can be expressed with n3) > - any information (XML, others through something like XMPPs Jingle?) > - security (public key encryption (+ connection encryption?)) > - privacy (public keys, publish what you want) >
Great post, and nice summary. Important to note that most of these technologies are interoperable anyway. This is a comprehensive lits, I think one piece you may have overlooked from the selection is dyndns. Most of the things you have mentioned are solved in at least one way, it's a case of putting things together right now, or finding someone that wants to package things. Some comments: - Top down data driven design is the way to go for maximum freedom (RDF/FOAF fits here) - Should be HTTP compatible, for maximum reach, while not excluding other techs - FOAF+SSL & WAC are very good starts for privacy and security - SPARQL Update (SPARQL 1.1) can be used to exchange data, as can WebDAV or simple HTTP PUT, other protocols are fine too - Public keys / strong authentication are a big plus, imho - XMPP integration is also a plus - A good triple store is a plus - Encryption isnt that well advanced but hopefully will get better tahoefs is an idea - WOT will arise from this infrastructure as it gets more popular I have all of these things running on my desktop secured through apache and FOAF+SSL. So we can do much of what you are looking for today...we just need more of the 100 million+ FOAFs to start becoming power users, then we can start having some fun! :) > - ... > > After having a short view on the ideas page of daisychain/GnuSocial it > seems to me that this idea and your wishes have quite a lot of parts in > common. > > I think thats basically all of it. I posted it as it is an important > thing to do things in a group and to get feedback and so on. This is > also my excuse for bad style, unclear or not too precise statements. > If there are any questions, feedback, suggestions and interest in > general, please simple answer to this thread. > (Again I want to say that this a prior-to-be-readable conclusion of my > ideas. I post it as I am eager to get some feedback and of course to > soon have a p2p and fun free social network running somewhere out > there :) > > Thank you for reading (if you got through it...). > > [1] http://www.nico.schottelius.org/software/ceofhack > _______________________________________________ > foaf-dev mailing list > [email protected] > http://lists.foaf-project.org/mailman/listinfo/foaf-dev >
