Subject: [foaf-protocols] replacing email with atom and foaf+ssl
From: Story Henry (henr...@bblfish.net)
Date: May 3, 2010 12:49:10 pm
In the early days of Atom, people were speaking of using it to replace e-mail. This is in fact easy to do, we just need to try it out.
1. The problem.
Before explaining the solution, it is important to understand the problem. Currently Atom works like a public mailing list: everyone can read everybody's published email/post/entry. The advantage over mailing lists, is that emails automatically have global identifiers, and that the content does not need to be shoved around global networks, as spam has to be currently. People GET the entry when they want to.
What we want is to be able to narrow this down, so that one can publish (email) to only a select number of people: to one's friends for example, or just to one person. Ie we want to do the same with Atom as we do with email.
This requires two things:
- A way of notifying someone or a group of a new post for them
- A way of allowing software to access an atom entry in one simple click
2. The Solution
2.1 RESTful Identity and Authentication
foaf+ssl gives us WebIDs, global identifiers tied to a public key, which allows one click authentication. This works in all browsers.
There is more here: http://esw.w3.org/Foaf%2Bssl/FAQ
You can try some early demos out by going to http://webid.myxwiki.org/ for example or any of the list of Identity Providers http://esw.w3.org/Foaf%2Bssl/IDP
Without foaf+ssl this is not really possible. Getting a username/password for each of one's friends' web servers would be impossibly complex, tedious and insecure. OpenId is close, but still too complex, though it can also be made to work nicely with foaf+ssl.
2.2 A ping mechanism
It just requires one new relation to be added to a foaf file: a link to a simple form, which could be an atompub:Collection / sioc:Container. I went into this in great detail in a recent post where I cover what I know of the pinging mechanism history, and show how this can be simplified further.
Writing such a pinging mechanism is really really easy. Adding a relation to a foaf file is also easy, as we can see from the recent adoption by Facebook, which is RDFa-enabling all its web pages.
When you want to publish an atom entry to someone, you would just need one of their WebIDs, and give access to only that WebID for that entry. (A good GUI would speak of this in a human way of course.)
How would you get that WebID? Well, if you have a blog for them, you have their atom ID which can be used to find a WebID. Or they could just give it to you at a party on a card. Or it could be linked to from one of your friends' foaf files...
When your reader accesses it, he just connects to your server with https, the server asks the client for the X509 certificate, which can be sent. On authentication the entry is returned. That's all there is to it.
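The exchange just described, as an added example that is not part of the original post: a Go server that asks every https client for an X509 certificate, treats the certificate's URI subjectAltName as the WebID, checks that the certificate's RSA key equals the key the WebID's profile publishes (the foaf+ssl check, with no CA involved), and only then consults the per-entry list of WebIDs the publisher allowed. The profile lookup is an in-memory map standing in for dereferencing the FOAF file over the web; the WebIDs, entries and access lists are constructed for the example, and `makeClientCert` is a constructed helper that builds the self-signed certificate a reader's browser would hold.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net/http"
	"net/http/httptest"
	"net/url"
	"time"
)

// profileStore stands in for dereferencing FOAF profiles: WebID -> the RSA
// public key that profile publishes (constructed, in memory for this example).
type profileStore map[string]*rsa.PublicKey

// verifyWebID is the foaf+ssl check: the WebID is the certificate's URI subjectAltName
// and the certificate's key must equal the key published at that WebID. No CA is consulted.
func verifyWebID(cert *x509.Certificate, profiles profileStore) (string, error) {
	if len(cert.URIs) == 0 {
		return "", fmt.Errorf("certificate carries no WebID (URI subjectAltName)")
	}
	webid := cert.URIs[0].String()
	published, ok := profiles[webid]
	if !ok {
		return "", fmt.Errorf("no profile found for %s", webid)
	}
	presented, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok || presented.N.Cmp(published.N) != 0 || presented.E != published.E {
		return "", fmt.Errorf("certificate key does not match the key published at %s", webid)
	}
	return webid, nil
}

// authorize applies the publisher's per-entry list of WebIDs allowed to read it.
func authorize(webid, entry string, acl map[string][]string) bool {
	for _, allowed := range acl[entry] {
		if allowed == webid {
			return true
		}
	}
	return false
}

// makeClientCert builds the self-signed certificate a foaf+ssl client presents (WebID as
// URI subjectAltName) and returns the public key its profile would publish. Demo data only.
func makeClientCert(webid string) (tls.Certificate, *rsa.PublicKey) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	u, perr := url.Parse(webid)
	if err != nil || perr != nil {
		panic(fmt.Sprint(err, perr))
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "foaf+ssl client (constructed)"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		URIs:         []*url.URL{u},
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, &key.PublicKey
}

// entryHandler runs after TLS has asked for the client certificate: verify the
// WebID, consult the entry's access list, and only then return the entry.
func entryHandler(profiles profileStore, acl map[string][]string, entries map[string]string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.TLS == nil || len(r.TLS.PeerCertificates) == 0 {
			http.Error(w, "client certificate required", http.StatusUnauthorized)
			return
		}
		webid, err := verifyWebID(r.TLS.PeerCertificates[0], profiles)
		if err != nil {
			http.Error(w, err.Error(), http.StatusUnauthorized)
			return
		}
		if !authorize(webid, r.URL.Path, acl) {
			http.Error(w, "not on this entry's access list", http.StatusForbidden)
			return
		}
		w.Header().Set("Content-Type", "application/atom+xml")
		fmt.Fprint(w, entries[r.URL.Path])
	})
}

// newServer serves the entries over https and asks every client for a certificate.
// tls.RequestClientCert leaves a self-signed certificate unrejected by TLS: verifyWebID decides.
func newServer(profiles profileStore, acl map[string][]string, entries map[string]string) *httptest.Server {
	srv := httptest.NewUnstartedServer(entryHandler(profiles, acl, entries))
	srv.TLS = &tls.Config{ClientAuth: tls.RequestClientCert}
	srv.StartTLS()
	return srv
}
```

The two outcomes worth noticing: a certificate that carries Alice's WebID but a different key is refused at `verifyWebID` (the published key, not the certificate, is what identifies her), and a valid Alice who is not on an entry's list gets 403 rather than the entry, so a reader only ever sees what was published to their WebID.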
As a result we would have a system that would be a pure p2p, RESTful email equivalent. If A sends B a message, only A and B (and routers along the way) need to know about that communication. Nobody else. With email they are routed all over the place, for all kinds of people to observe.
Furthermore one would have SSL security built in as a default.
Finally it is really easy to add client cert support to any application, as this is completely standards-based.
Social Web Architect http://bblfish.net/