An attempt to escape Livejournal and Facebook...
or, what do we need to replace facebook?
Published on May 13, 2010 By Kazriko In Virtual Communities

They make a good case, http://gizmodo.com/5537502/diaspora-the-student+made-privacy+respecting-facebook-alternative , trying to replace facebook using a distributed network of sites. Of course, others have rightly stated that really, the web is already a social network. There's tons of sites for doing individual pieces of what facebook needs.

The main problem I see with that vision is that it doesn't seem like we have unified privacy and access controls across sites. I can publish stuff and share it on google reader, but the only ones I can give access to read and post to it are other google reader users. I can post pictures on Flickr, but how do I give access to my friends who might only be on Livejournal or Facebook?

This site mentions a few components of what might be an open stack or open mesh of apps to do this sort of thing. http://blog.broadbandmechanics.com/2008/11/19/the-open-stack-diso-and-all-those-closed-stacks/

OpenID addresses some of this, allowing people to use one identity across many sites and to comment using their identity. OAuth gives you the ability to share content with other applications, but doesn't seem like it covers sharing it with other users, and seems to be mildly cumbersome. Opensocial? It seems to cover embedding one site's content inside another, something RSS also does. XRD/XRDS-Simple seems to be a way of describing what format data is in. PortableContacts seems promising, but it doesn't seem to provide a way of specifying on a site where that site should look for a list of who is permitted to do what. It also seems to be geared more towards collecting your contact info rather than using it as an access list.

I'm also disturbed by the way that some of these things seem to keep changing their name. YADIS became XRDS-Simple then became XRD. Thus, everyone who used to have Yadis tags on their site are now obsolete, old programs that look for those tags are obsolete, etc.

I think I really would prefer something that used public key crypto to authenticate users as well.

Is there any standard that is designed around distributed access control?


Comments
No one has commented on this article. Be the first!