I have been pondering the same kind of thing myself lately. In an alternate
bizarro universe, what would the web look like that is modelled more around
plan 9 concepts. Here's my fantastic take on this.
First, there is a focus on simplicity of implementation and interface over
flashiness of UI. As a result, services are much easier to use directly rather
than having to rely on html/js UI's. You just mount search engine, route
planning tool, or even shopping site and echo commands into the ctl file. And
you get back results as numbered files with simple text output. User
doesn't accidentally run malicious software embedded in the service.
It's all just 9P.
If a service is complex enough, due to complexity of the problem it is trying
to solve (not invented complexity). Source code is posted on the service in C
source code form. User runs mk, which is super fast because the compilers are
optimized for this. They run the program in a rfork+rio sandbox. Users quickly
learn how simple this is and do it regularly so that in trusted programs
don't have access to what they shouldn't. The process isn't
automatic so it doesn't happen without user knowledge. Pop ups and such are
User wraps the connection in tls if they don't want any snooping. Sensitive
services such as banking don't allow unencrypted sessions.
URL's are just relative paths, navigable using acme and plumber. Absolute
links to sites don't exist since the user can map their namespaces any way
they choose. Instead, documents may give 9P connection information and
locations. Cross site linking becomes very clear. To facilitate ease of
navigation and discovery services pop up to curate documents with nice easy
relative linking within that service.
Multimedia documents with both pictures and text are compiled into self
contained files kind of like PDF without hyperlinks and arbitrary code
expectation. Links between documents are relative paths as above. Users are
accustomed to using simple text or even markup/markdown for most things. This
rich format is for longer and more focused reading sessions: studying a topic,
Implementers of Internet services have a strong focus on simplicity of
implementation and interface, but also in adopting common conventions. For
example, a ctl file where you send commands and numbered directories with
results of each invocation. Perhaps a new convention could be to include a
readme file and maybe man page with details about how to use the service. Also,
services are designed to be focused enough and standard enough that they can be
easily interact with other services using pipes, redirects, etc. so that the
user can combine them to suit their needs.
Services take advantage of the simplicity of plan 9 and 9P to easily sandbox,
proxy and load balance their services. Also, commodity and mixed architecture
systems are easily integrated for free or new services that are built with
whatever hardware they can find.
Single signon is achieved using symmetric encryption. If the service recognizes
your public key and you are able to sign a message using your private key you
can proceed. Not sure how much overlap there is here with what is in tls and
factotum. Something like factotum could be useful to allow you to specify
different keys (identities) for different services. The point here is that
authentication is in the user's control and not the service. The user ever
only needs to remember one password or store their thumbprint in one place.
That's all I have so far.