Hi, folks. I'm sure similar ideas to this have been discussed on this list before, but I wanted to talk about an application that's been living in my head for years and that I keep working on in fits and starts, in the hopes that either someone will "steal" the idea or decide to work on it with me to keep me motivated even when the goal seems so far away.
My apologies for the stream-of-consciousness nature of this post. I don't have much time before I need to grab dinner and I've never really written this all up in a coherent way before. My primary inspiration comes from Zooko's Triangle and the realization that *all* existing naming schemes used for communication are centralized. Email addresses and URLs are rooted in the DNS, which is ultimately controlled by ICANN and the US Government. I want people to "own" their own names, which means self-assigned and self-certifying names, i.e. something based on public keys or their hashes. Beyond that, like many people on this list, I'm interested in chat, publishing, and sharing without the need to rely on some corporation to provide resources other than connectivity (though I have ideas on how to get around that, even). The application I envision is simple: its main window looks a lot like Pidgin's contact list, but it also has a "Share" button that works a lot like Facebook's composer, allowing you to send content that's visible to everyone or some arbitrary subset of your contacts. Contacts would be identified by their (Ed25519) public key. When you add someone, you just paste their public key and type a "pet name" for them, which is what would be shown in your contact list. People could also associate various metadata with their public key in a very similar way to how they do with PGP keys: with metadata packets signed by themselves and other people, thus establishing a web of trust that would enable search, the same way we can reliably search for PGP keys but with an easier-to-use interface that will always show someone's relationship to your current trusted contacts. When you start the application for the first time, it prompts you to generate a public key or import one (it could be generated from a password, but this has some problems associated with it). It lets you put any metadata you want on the key, then connects to the network via an included list of seed peers, or you could type them in yourself. The application would then maintain a list of known reachable peers for future connections. Actual connectivity could be via Tor, I2P, or encrypted uTP. The nodes would form a DHT used for lookup, bootstrapping, and quite possibly publishing, ala gnunet. Another possibility would be to use gnunet or freenet directly for the publishing part. Here are some possible implementation strategies. The only one I've made any progress on so far is uTP: 1. uTP with our own DHT implementation for bootstrapping, lookup, and storage of published stuff 2. I2P + Freenet, all embedded into a Java app. 3. Tor + Gnunet, packaged together. 4. Completely in-browser, using WebRTC and local storage. In general, everything would be based on signatures. You could mark a post as spam simply by publishing a statement saying it was spam, perhaps even with signed RDF. Everything would have a self-certifying identifier based on content hashes. "Blog posts" would just be signed Atom or something like that. Most publications would be about other resources: file metadata and ratings, recommendations of blog posts or authors (identified by public key of course), claims that various items are spam, etc. You'd find stuff via your web of trust the same way we use RSS and mailing list subscriptions now. I could subscribe to the blog of any of my contacts, trust their media ratings, etc. I guess you could call this a p2p, pseudonymous version of Facebook, with all the same functionality and none of the privacy problems because privacy would always be defined by encryption. If you want something public, you post it in the clear. If you want something seen by only your friends, you encrypt the encryption key with each of their curve25519 keys. Comments and suggestions would be very much appreciated, and I'm happy to answer any questions you might have about the idea and what I've done so far after I eat dinner and drive home.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
