[Freedombox-discuss] Friendika

Subject: [Freedombox-discuss] Friendika
From: mail@aitorpazos.es (Aitor Pazos)
Date: Wed, 13 Jul 2011 18:05:33 +0200
Message-id: <[🔎] 2634902.okpP1JjPDN@apidell>
In-reply-to: <mailman.214.1310558410.19832.freedombox-discuss@lists.alioth.debian.org>
References: <mailman.214.1310558410.19832.freedombox-discuss@lists.alioth.debian.org>

I'm not an expert, but I'm worried about how many federated social 
alternatives are being developed, in many cases without tackling the 
underlying problems. We have protocols for our needs, we just have to 
integrate them, because each one is good for different needs. We have http for 
asynchronous communications with ostatus (microbloging/status), webdav (file 
sharing), groupdav (events and tasks) and html for posts, We have xmpp for 
synchronous communications (including audio and video) and collaboration. E-
mail should be supported for a complete user experience. The servers are 
already implemented and they are already federated services. It's a matter of 
introducing some abstraction on top of them (akonadi already integrates almost 
all this kind of services) and integrating user management, permissions, etc., 
and build the web interface on top of that abstraction. But I could still use 
all my normal clients (Kopete, Choqok, Dolphin, Kontact) which is something 
very important for my. If we change the underlying protocols, what will happen 
with all this software? Will developers bother to adapt their applications to 
the "new definitive" protocol before fixing the working protocols? Are we 
willing to render all this great applications useless? 

> > WebID
> > is an SSL infrastructure - which solves privacy issues at a cost of
> > everybody being accountable to an SSL signing authority. There are other
> > lesser technical issues, but this is the elephant in the room.
> > 

WebID uses SSL, but as far as I understand it doesn't rely in any CA. The 
certificates can be self-signed and they will work the same. It uses the 
private key installed in your PC (which might not be very convenient) and 
checks if it belongs to the public key (which you have copied sometime before) 
returned by the FOAF file. If they match, your friends server can be sure that 
you are who you claim to be
( http://www.w3.org/wiki/Foaf%2Bssl ). In this scheme it doesn't matter which 
the CA is.

Aitor Pazos Ibarzabal
Instant Messaging (Jabber, GTalk): aitor at aitorpazos.es
Web: http://aitorpazos.es
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110713/a7033467/attachment.pgp>

Reply to:

Follow-Ups:
- [Freedombox-discuss] Friendika
  - From: melvincarvalho@gmail.com (Melvin Carvalho)
- [Freedombox-discuss] Abstracted configuration (was: Re: Friendika)
  - From: henri@asseily.com (Henri Asseily)
- [Freedombox-discuss] Friendika
  - From: otto@celera.net (Ing. Otto Marroquin)

Prev by Date: [Freedombox-discuss] Friendika
Next by Date: [Freedombox-discuss] Friendika
Previous by thread: [Freedombox-discuss] Friendika
Next by thread: [Freedombox-discuss] Friendika
Index(es):
- Date
- Thread