Group: GNU Social/Project Comparison

From LibrePlanet
Jump to: navigation, search
Line 41: Line 41:
 
| None (login via OpenID)
 
| None (login via OpenID)
 
| Wiki, groups, forums, bookmarks
 
| Wiki, groups, forums, bookmarks
 +
|-
 +
| [http://wiki.github.com/shashi/shashi.github.com/daisychain Daisychain]
 +
| Proof of concept
 +
| Proof of concept
 +
| Proof of concept
 +
|-
 +
| [http://code.google.com/p/partuza/ Partuza]
 +
| Proof of concept
 +
|
 
|}
 
|}
  
* http://wiki.github.com/shashi/shashi.github.com/daisychain
+
*  
* [http://code.google.com/p/partuza/ Partuza]
+
*  
 
* [http://appleseed.sourceforge.net/ The Appleseed Project]
 
* [http://appleseed.sourceforge.net/ The Appleseed Project]
 
* [http://diso-project.org/ DiSo]
 
* [http://diso-project.org/ DiSo]

Revision as of 23:17, 12 May 2010

Group:GNU Social Project Comparison

Commodity webhosting approach

Pros

  • Deployable on commodity PHP webhosting.

Cons

  • Commodity webhosting happens on virtual machine farms. Encryption, security and privacy are not safe on virtual machines.
  • A federation of such PHP-based servers cannot handle as much traffic as applications using optimized protocols rather than HTTP.

Projects

Commodity hosted services Code maturity Distributed capability Features
StatusNet Production OStatus (login via OpenID) Microblogging
Crabgrass Production Proprietary? Collaboration tools including task list management, meeting scheduling, asset management, wiki, and decision making
Diaspora Starting Planned Planned
Elgg Production None Profiles, microblogging, streams, groups
Pinax Production None (login via OpenID) Wiki, groups, forums, bookmarks
Daisychain Proof of concept Proof of concept Proof of concept
Partuza Proof of concept

Issues specific to this architecture

Open Profile / Browser Certificates approach

Pros

  • The browser can authenticate with a decentralized choice of web servers using a certificate.
  • Certain amount of encryption operations can take place in a regular web browser.

Cons

  • You need to surf to web sites to pick up profiles and information waiting for you, there is no real-time notification stream.
  • You cannot do group encryption.

Projects

  • Open Profiles proposal using x287
  • FOAF
    • FOAF provides web scale profile system that is arbitrarily extensible
    • "I express my network in a FOAF file, and that is a start of the revolution." -- Tim Berners-Lee
  • FOAF+SSL for RESTful p2p authentication - libraries in php, java, perl, python, and Apache module available.

Federation of Servers approach

Pros

  • Existing infrastructure of servers. Familiar traditional Internet architecture.

Cons

  • Still putting a certain degree of trust into servers, but we don't want unencrypted trust networks stored on servers, and can we trust SSL keys to be safe on servers in future?
  • Even if we only let them see encrypted messages, we would still trust our servers to carry our social graph.

A way to solve this dilemma is to allow for more servers to run on the user's computer – then it is fine if the server is involved in group encryption maths, storage of the web of trust and personal data of our friends or even private key encryption on the user's behalf. Essentially bringing XMPP and PSYC into a more P2P mode of operation. This works with PSYC – for XMPP it may need some tweaking.

Projects

  • XMPP
    • "Message oriented middleware" -- should be useful for inter-server communication
    • Need to include an XMPP server in base install?
      • Is it possible to route what we need through an arbitrary XMPP server?
        • You can route whatever you want through the XMPP network, as long it is not binary data.
    • OneSocialWeb is a social network initiative on top of XMPP.
    • Google Wave
    • https://rhizomatik.net/mycelia
  • PSYC for push messaging and portability
    • native one-to-many distribution by multicast trees on top of TCP (or UDP when sufficient)
    • you can come up with your own protocol extensions and deliver binary data with it
    • some social network functions already built-in
    • dyne folks have one running http://hinezumi.im
    • rooms can be scripted to route messages also to JSON (web)
    • multicast encryption scheme (automated shared secrets among groups of people, respectful of optimal routing)

Peer-to-peer (P2P) / Distributed Hashtable (DHT) approach

Pros

  • No doubt peer-to-peer is the approach that respects privacy the best, as it allows any social interaction to be end-to-end or group encrypted.

Cons

  • Needs a special strategy for message delivery when a source goes offline (servers, DHT and/or group communication redundancy)

Projects

Social desktop applications

Pros

  • allows for end-to-end encryption for people and groups
  • heavy integration in the computer desktop experience
  • allows for much richer interactions beyond traditional social networks (like file sharing)

Cons

  • could be done in an unsafe client/server way, so be careful to get it right! Get it right probably means to do it in a P2P way (see section above)

Projects

Distributed Node Architecture

This architecture entails separating an end-user's GNU Social node into five components. See here for more. This essentially brings all of the approaches (and thus existing solutions) mentioned above into a big picture and defines a framework for them to interact.

Pros

  • Allows end-to-end encryption for people and groups and anything else
  • Allows the use of arbitrarily many transport protocols such as HTTP, XMPP, or PSYC for relaying data between nodes
  • "Future proofs" by defining protocols between components and not making assumption about the structure of other aspects of the node
  • Allows users to access the same account using different client programs (web browser, dedicated app, MeMenu, etc.)

Cons

  • Possibility of over-design
Retrieved from "https://libreplanet.org/wiki?title=Group:GNU_Social/Project_Comparison&oldid=16237"