[tech, lj] Distributing LJ
Ever since the Strikethrough of '07 -- actually, ever since I realized that LJ was something of an attractive nuisance of basket in which to store eggs, way back when -- I've been thinking about how one would go about turning LJ, the software, from a client/server model to a peer-to-peer model. That is, how to make LJ distributed
( Read more... )
Are you familiar with how OpenID works? Because what you write makes absolutely no sense in light of OpenID, so I can't figure out if that's because you don't know OpenID or if you're making some other profound and subtle point which is eluding me, which has nothing to do with authentication.
The whole point of my premise is that, as OpenID works, each LJdist becomes the authenticating server for its account. You no more know who someone is "for real" in LJdist than you do on LJ. On LJ, all you know is that they have a consistent pseudonym -- unless you have Out-Of-Band information tied to their pseudonym. For instance I don't know who you are, all I know is that livejournal.com feels it can assure me you're probably the person who registered "merle_", i.e. all I know is that you're probably merl_@livejournal.com. In exactly the same way, the LJdist server on your box would assure anyone who asked that you were "merle_@yourdomain.com".
If I really cared about establishing that there was consistent meat behind "merle_@yourdomain.com", well, we know how to solve that problem: it involves airplanes and public keys, and nothing less will do. The problem of authentication is so hard to do to that level, that almost no public systems on earth do it. I see no reason to feel we need to have a higher standard of authenticity than LJ already provides.
(LJ's ability to authenticate users is dependent on DNS. As you say, DNS is woefully centralized, but not so much as in Ye Olde Days. That is a deep internet problem. For that matter, backbone redundancy is, by many accounts, profoundly inadequate, causing internet-wide centralization problems, to say nothing of making it especially easy for our government to spy on us. But I'm no personal interest in seeing the project of attempting to liberate LJ users from LJ tied to the anchor of needing to solve those much deeper, internet-architecture level problems. I see absolutely no reason not to use domain names for authentication, and never intended to use IP numbers instead.)
So what's left to have a repository for? Interests and LJ search, both of which I've mentioned as not particularly plausible, and neither of which strike me as at all critical or important (and LJ search is already third party, and doesn't observe permissions properly).
Reply
OpenID does seem very much like DNS (albeit login-based and not site-based) these days, on review. It does seem to have evolved. But it still relies on some core of servers, which makes it not a pure peer-to-peer system (indeed, I don't think such a thing can ever exist except for very small subnets).
LJ authentication requires DNS? Not the way I use it. The computer at my IP address gets a cookie with a session token. It doesn't care what domain name I resolve to. (it does care what IP livejounal.com resolves to, but I could just use an IP address for one of their servers and bypass that)
Interests and search are certainly not well implemented, but although they seem unimportant to someone entrenched, I can say that without such things, I would never have found anyone on LJ: I started out not knowing a single person on here. It took months of searching to find interesting people.
Here's a question, then. If we are not too concerned about determining the face behind the mask, then why did we move beyond personal web sites and usenet to things like LJ? Was it just the convenience of having a username (domain) and a way to find when content on other places was updated (there were many tools for this over a decade ago)? Or is what you are looking for (and I know this will sound artificial) is a way to have semantic content posted in a personal syntactic realm, but open and distributable?
Reply
No, actually, I think you're just wrong. Factually incorrect. Just plain mistaken. Don't know what you're talking about.
OpenID does seem very much like DNS (albeit login-based and not site-based) these days, on review. It does seem to have evolved. But it still relies on some core of servers
No, it doesn't. Here's the URL: http://openid.net/ Get back to me when you can in anyway reference anything on that site which substantiates your repeated claim that it requires centralized core servers.
LJ authentication requires DNS? Not the way I use it.
Well, it does to precisely the same way and in the same extent that OpenID does. You're the one who brought up the insufficiency of distribution of DNS, and that is the only place it applies.
Interests and search are certainly not well implemented, but although they seem unimportant to someone entrenched, I can say that without such things, I would never have found anyone on LJ: I started out not knowing a single person on here. It took months of searching to find interesting people.
. <- World's smallest violin, playing just for you.
If we are not too concerned about determining the face behind the mask, then why did we move beyond personal web sites and usenet to things like LJ?
Well, I'm pretty sure that there is no "we" here, because if Interests was in some fashion useful to you, "we" certainly didn't come here for the same reasons. The "we" I belong to is the lion's share of LJ users who came here because it was where their friends already were, and an account was required to access their friends' secure content.
You tax my patience. I feel you are wasting my time on self-indulgent, pointless wankery which is baseless, feckless and useless. Either do something to change my mind on that in a hurry or take it somewhere else, because I feel I have spent too much courtesy indulging someone would couldn't even be bothered to RTFM.
Reply
I apologize. Clearly my understanding of OpenID was quite sketchy.
Reply
Leave a comment