Distributed social networks – tools that give you all the social and political benefits of the siloed networks (Google+, Facebook, etc), but without being a massive honey pot for surveillance and data mining, are, in my view, the way we should be heading.

In this model, public posts are easy (that’s just the web), but limiting posts so that they can only be seen by a limited number of your friends is somewhat harder. On Elgg, and similar systems, the standard solution was to make everyone create an account, and profile, on your node. This is, to a large extent, the traditional approach, but basically ends up with you having multiple profiles around the internet (with multiple passwords to remember) which are, crucially, controlled by a third party.

This is a bad thing, and in the post Snowden world, a downright dangerous thing.

I’ve previously discussed a possible approach to providing distributed signon using OpenPGP keys as identity mechanism, and I’ve finally got around to fleshing this out, and building a prototype, now that distributed friending is in Idno/Known core.

Protocol overview

  • Two user profiles, Alice and Bob
  • Alice and Bob generate, or otherwise associate, a PGP key pair with their users (for the most part, only public keys are used in this. You only need to store the private key on the server if you’re automating the process of signing in, and if you can store your private key in your browser, there is eventually no need to store private keys on the server).
  • Alice adds Bob as a friend, and Alice’s site visits Bob’s profile for his public key (see “Public key discovery” below)
  • Rinse, repeat, for Clare, Dave, Emma, Fred, etc…
  • Alice writes a post, and only wants Bob to see it. She lists Bob’s profile URL as an approved viewer.
  • Bob visits the private post, and identifies himself by signing his profile URL with his key, and then POSTing the ascii armoured signature as signature to the post URL.
  • Alice verifies the signature, and confirms that the key’s fingerprint belongs to Bob’s key, and if so, lets Bob see the post.

Public key discovery

Bob makes his public key available by putting it on his web server, and making it easily discoverable to Alice in one or more of the following ways:

  1. Via a HTTP Link header, with a rel of “key”, e.g. Link: https://example.com/bob/pubkey.asc; rel="key"
  2. Via a META tag in the HTTP header, e.g. <meta href="https://example.com/bob/pubkey.asc" />
  3. Via an anchor tag within the page body of rel=”key”, e.g. <a href="https://example.com/bob/pubkey.asc" rel="key">My Key</a>
  4. By pasting the key into the body of the page, and giving it a class of “key”, e.g.

<pre class="key">
-----BEGIN PGP PUBLIC KEY BLOCK-----
....
-----END PGP PUBLIC KEY BLOCK-----
</pre>

Identifying Bob

When Bob wants to see the post that Alice has made, he identifies himself by making a POST request to that page, containing a signed URL of his profile. Alice then verifies the profile URL against those she as allowed access, and verifies that the signature is both correct and that the fingerprint belongs to Bob’s key.

Alice may want to store these access details in a session so she can give Bob access to other resources (logging Bob in, in effect), but this is not strictly necessary.

Other methods are available…

So, why not use OAuth, or signed HTTP requests?

Well first of all, all these authentication methods are not mutually exclusive, so there’s no reason why you can’t use multiple techniques.

Second, we’re using very standard tools (GPG, POST requests, etc), and standard formats, bolted together. Meaning, among other things, although this example (and the Idno implementation) uses a website to do the signing in, this isn’t really required. You can sign in and see a private post, just as easily, using curl and gpg from the command line, if you so require.

Finally, this is entirely distributed, and unlike some implementations of Oauth, or even things like IndieAuth, it requires no central authority to vouch for you. Update:Aaron points out that the latest versions of Indieauth don’t require a central authority.

Idno reference implementation

I have written a plugin that implements this protocol for Idno. In addition to the basic spec, the Idno plugin has the following enhancements, which you may want to consider as well.

Firstly, it uses OpenPGP.js to generate the keypair on the client machine. This preserves server entropy, making it better for hosted environments.

Secondly, the plugin provides you with a bookmarklet, which makes signing in to a compatible site nothing more than a button click.

Please kick both the Idno implementation and the overall spec about, and let me know what you think!

» Visit the project on Github...

Quick post to point out a tiny tool that I’ve found useful while hacking together various webby thing that use and expose open graph meta tags and microformats.

It’s a VERY simple tool, that when passed a URL, will mine the page for Open Graph and Microformat data (using my Open Graph library, and Barnaby Walter’s fantastic MF2 parser). You can even execute it from the command line if you have the CLI version on your path, which I find handy.

Anyway, code on github, and you can see it running on skunk.

» See it running on skunk…

» Visit the project on Github...

The internet as we know it is under threat as never before. Surveillance, government censorship and secret corporate power plays threaten to destroy the Internet as a free and open platform for communication.

Much of the problem originates from the fact that the Internet has become ever increasingly centralised. In recent years, powerful encumbered players and elites have seen their power threatened, and have systematically attempted to “manage” the internet.

Communication and the free flow of information is too important a thing to allow to be threatened in such a way, so is it time that the citizens took control?

Citizen network

So, here’s a few thoughts on what this might look, and what I would like to see.

What I’d like to see are a range of local mesh networks grow up, providing free local connectivity to users. Initially, these will be highly local, but as the edges of the network expand, they’ll start to see other local networks and automatically negotiate routing between them. For networks further afield, perhaps an edge node which also has internet connectivity could provide a tunnelled link over the wider internet.

Hard encryption should be baked in, rather than added as an afterthought, and the network should aim for a situation where no unencrypted traffic is seen.

It should be possible to construct this sort of network with inexpensive and freely available hardware and software; perhaps, for small areas, a network of wifi repeaters, and for larger links perhaps a mixture of technologies – inter-network radio or microwave links, or even laying of fibre depending on the budget of those involved.

The goals of these networks should be to provide free access to anyone, and freedom for anyone to run a node on the network. With any luck, this will eventually kill the ISP business, and, in the UK at least, break BT’s stranglehold on connectivity.

There are a few local net projects about of course (they’re quite popular in Greece, apparently), but so far I don’t think we’ve seen much of an attempt to build them elsewhere, or to connect them together.

It’s a big job, but we built the Internet once, could we do it again?