I have been pondering the same kind of thing myself lately. In an alternate 
bizarro universe, what would the web look like that is modelled more around 
plan 9 concepts. Here's my fantastic take on this.

First, there is a focus on simplicity of implementation and interface over 
flashiness of UI. As a result, services are much easier to use directly rather 
than having to rely on html/js UI's. You just mount search engine, route 
planning tool, or even shopping site and echo commands into the ctl file. And 
you get back results as numbered files with simple text output. User 
doesn't accidentally run malicious software embedded in the service. 
It's all just 9P.

If a service is complex enough, due to complexity of the problem it is trying 
to solve (not invented complexity). Source code is posted on the service in C 
source code form. User runs mk, which is super fast because the compilers are 
optimized for this. They run the program in a rfork+rio sandbox. Users quickly 
learn how simple this is and do it regularly so that in trusted programs 
don't have access to what they shouldn't. The process isn't 
automatic so it doesn't happen without user knowledge. Pop ups and such are 
not possible.

User wraps the connection in tls if they don't want any snooping. Sensitive 
services such as banking don't allow unencrypted sessions.

URL's are just relative paths, navigable using acme and plumber. Absolute 
links to sites don't exist since the user can map their namespaces any way 
they choose. Instead, documents may give 9P connection information and 
locations. Cross site linking becomes very clear. To facilitate ease of 
navigation and discovery services pop up to curate documents with nice easy 
relative linking within that service.

Multimedia documents with both pictures and text are compiled into self 
contained files kind of like PDF without hyperlinks and arbitrary code 
expectation. Links between documents are relative paths as above. Users are 
accustomed to using simple text or even markup/markdown for most things. This 
rich format is for longer and more focused reading sessions: studying a topic, 
leisure reading.

Implementers of Internet services have a strong focus on simplicity of 
implementation and interface, but also in adopting common conventions. For 
example, a ctl file where you send commands and numbered directories with 
results of each invocation. Perhaps a new convention could be to include a 
readme file and maybe man page with details about how to use the service. Also, 
services are designed to be focused enough and standard enough that they can be 
easily interact with other services using pipes, redirects, etc. so that the 
user can combine them to suit their needs.

Services take advantage of the simplicity of plan 9 and 9P to easily sandbox, 
proxy and load balance their services. Also, commodity and mixed architecture 
systems are easily integrated for free or new services that are built with 
whatever hardware they can find.

Single signon is achieved using symmetric encryption. If the service recognizes 
your public key and you are able to sign a message using your private key you 
can proceed. Not sure how much overlap there is here with what is in tls and 
factotum. Something like factotum could be useful to allow you to specify 
different keys (identities) for different services. The point here is that 
authentication is in the user's control and not the service. The user ever 
only needs to remember one password or store their thumbprint in one place.

That's all I have so far.


Reply via email to