[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] some thoughts on URI namespaces

On 29 December 2014 at 08:18, Markus Sabadello <markus at projectdanube.org>

>  On 12/28/2014 11:51 PM, Melvin Carvalho wrote:
> On 28 December 2014 at 22:45, Markus Sabadello <markus at projectdanube.org>
> wrote:
>> On today's call we talked about whether Plinth or jwchat should be the
>> start page.
>> And we currently have Owncloud at the path /owncloud.
>> I think this question of "URI namespace layout" will become more
>> important as we add more applications to the box.
>> One pattern I have been experimenting with is creating subdomains for
>> each new application which has a web interface.
>> I think this is more reliable than using folders, since some
>> applications may assume they are installed at the root /.
>> So if my PageKite name is markus.pagekite.me, I could have:
>> - owncloud.markus.pagekite.me
>> - plinth.markus.pagekite.me
>> - jwchat.markus.pagekite.me
>> - radicale.markus.pagekite.me
>> - diaspora.markus.pagekite.me
>> - mailpile.markus.pagekite.me
>> - etc.
>  I was doing something similar with one of my domains.
>  It's important in the domain that contains your profile page that the
> document and the person entity are delineated. This will facilitate ability
> to link to our other properties, and also more easily add future proofed
> things such as a public key for PKI.
>  Note: indieweb, owncloud, diaspora do *not* use this pattern.  They are
> all neat systems but I suspect will run into scalability issues for this
> reason.  I also hope there may be some work in fbx and/or debian to support
> WebID.
>  The traditional way to do this separation is with the # character.
> Unfortunately in HTP this char is overloaded to mean many things (anchor,
> linked data subject, media control, hiding device from server) so it can be
> very confusing.  I use #me in my profile, but #i is sometimes used, user
> can choose.
> I remember in Cool URIs, the other way of doing it was 303 URIs, but that
> is not the preferred way anymore?
> In general I think support for RWW/LDP/WebID/etc would be great.
> At some point I might want my root domain name (e.g. markus.pagekite.me)
> to support a range of different services, e.g.:
> - When opened in the browser, an IndieWeb-compatible site such as Known (
> withknown.com)
> - Accessible with LDP protocol backed by gold or rww-play, etc.
> - Smart webfinger service that points to my remoteStorage, OpenID Connect,
> Mozilla Persona
>   Also note that serving up mixed content over different domains, and htp
> vs https is something browsers have enormous problems with.  Even something
> as simple as using the web crypto API will be problematic cross origin.
> Same applies to a lesser extent for AJAX meshups.
> But if you install completely separate applications on subdomains such as
> mailpile, owncloud, diaspora, etc. then why would there be mixed content
> across domains?
> Wouldn't it actually be a big security feature rather than a bug if those
> separate applications can't XSS
> <http://en.wikipedia.org/wiki/Cross-site_scripting> each other?

Do you think an fbx xauth subdomain may be useful here?


Just thinking out loud.

>   So, while I like subdomains, at least today it poses implementation
> challenges.  Possibly best to avoid, unless you're providing fbx entry
> point for family members and/or friends.
>> These should also work with an "internal" (dnsmasq-provided) domain when
>> I access the box from within my home network, e.g.:
>> - owncloud.freedombox
>> - plinth.freedombox
>> - jwchat.freedombox
>> - radicale.freedombox
>> - diaspora.freedombox
>> - mailpile.freedombox
>> - etc.
>> In Plinth, I may want to have an option to set a "default" one, i.e.
>> which one should show up at markus.pagekite.me
>> When using subdomains rather than folders, we also need different Tor
>> .onion addresses for each application, which is probably preferable
>> anyway.
>> Thoughts?
>> Markus
>> _______________________________________________
>> Freedombox-discuss mailing list
>> Freedombox-discuss at lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20141229/89a7122d/attachment.html>

Reply to: