[Freedombox-discuss] Friendika
Melvin Carvalho
melvincarvalho at gmail.com
Wed Jul 13 16:10:19 UTC 2011
On 13 July 2011 18:05, Aitor Pazos <mail at aitorpazos.es> wrote:
> I'm not an expert, but I'm worried about how many federated social
> alternatives are being developed, in many cases without tackling the
> underlying problems. We have protocols for our needs, we just have to
> integrate them, because each one is good for different needs. We have http for
> asynchronous communications with ostatus (microbloging/status), webdav (file
> sharing), groupdav (events and tasks) and html for posts, We have xmpp for
> synchronous communications (including audio and video) and collaboration. E-
> mail should be supported for a complete user experience. The servers are
> already implemented and they are already federated services. It's a matter of
> introducing some abstraction on top of them (akonadi already integrates almost
> all this kind of services) and integrating user management, permissions, etc.,
> and build the web interface on top of that abstraction. But I could still use
> all my normal clients (Kopete, Choqok, Dolphin, Kontact) which is something
> very important for my. If we change the underlying protocols, what will happen
> with all this software? Will developers bother to adapt their applications to
> the "new definitive" protocol before fixing the working protocols? Are we
> willing to render all this great applications useless?
>
>> > WebID
>> > is an SSL infrastructure - which solves privacy issues at a cost of
>> > everybody being accountable to an SSL signing authority. There are other
>> > lesser technical issues, but this is the elephant in the room.
>> >
>
> WebID uses SSL, but as far as I understand it doesn't rely in any CA. The
> certificates can be self-signed and they will work the same. It uses the
> private key installed in your PC (which might not be very convenient) and
> checks if it belongs to the public key (which you have copied sometime before)
> returned by the FOAF file. If they match, your friends server can be sure that
> you are who you claim to be
> ( http://www.w3.org/wiki/Foaf%2Bssl ). In this scheme it doesn't matter which
> the CA is.
Just a quick note. WebID *can* use SSL, but doesnt *have* to use SSL,
that's just the first protocol documented in detail, because it has
widespread availability.
I, for example, use the same key for both my WebID and my OpenPGP key,
so I can use SSH, SFTP, Git signing, Enigma mail etc. too
>
> Aitor Pazos Ibarzabal
> Instant Messaging (Jabber, GTalk): aitor at aitorpazos.es
> Web: http://aitorpazos.es
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
More information about the Freedombox-discuss
mailing list