Category: Thali

HTML5 is built on the assumption of a client/server web. Below I walk through the issues this raises for the peer to peer web. The good news is that we really don’t need terribly many changes to HTML5 to make it peer to peer friendly. Basically we need a new same origin policy that is based on certs rather than hosts, a way to handle mutual auth requests, standardized support for node.js (or equivalent) and a few other minor things.

HTML 5 contains a dizzying array of features. Below I created a cheat sheet identifying features that I think are likely to have some relevance to the peer to peer web. This is mostly for my own reference. Note that not all these features are actually part of HTML 5. Some were standardized separately. Some haven’t finished standardization. But whatever, this gives me a sense of the landscape.

Services built on a peer to peer web inevitably run into the synchronization problem. How do you keep state on multiple peers in synch? Below I walk through the assumptions and requirements that led me to believe a multi-master eventually consistent model is the best base to work off of.

I really need to synch both arbitrary structured data and blobs in in a multi-master peer to peer environment. Oh and I really don’t want to write the code to make this work and it has to work on a variety of mobile, desktop and cloud environments. And yes, I want a pony with that. Thankfully there are pony’s for everyone! The solution? CouchDB, duh!

To help me wrap my head around the peer to peer web I’m going to try and write out some requirements and scenarios. I am not going to worry about tightening up the requirements the way I would in a real spec or standard. My main focus here is to work through a variety of scenarios and get the lay of the land.

[Note: Updated on 9/5 to add section on web applications. Also note that everything to do with Paeony is NOT related to my employer.]

I generally believe that open systems tend to win. They enable creativity and growth in ways that closed ecosystems can’t match. One area clearly rip for opening up is the social space. There is a ton of activity there and I have tried here to capture some of the protocols and open source projects that seem interesting/relevant.

[10/17/2013 - Added Refuge.io]

In the beginning of the net the focus was mostly on getting packets safely from point A to point B. Anyone who knows the history of the early Internet knows how insanely hard that actually was (as a hint think: network of networks, oy). Later some thought was given to privacy and technologies like SSH and SSL show up. Now we are at the point where we need to think hard about traffic analysis. In this article I try to catalog what I think (based on little evidence) are the main types of open source projects trying to create traffic analysis resistant transports on the Internet.

As part of evaluating potential technologies to use for Paeony I need a list of threats I can evaluate those technologies against. This document tries to capture the most basic possible scenario (two users sending messages to each other) and the attendant threats. I can then use this list in creating threat models for potential technologies to determine which are the best to choose.

I have registered the domain paeony.org and pointed it at an empty github site as a tiny baby step in investigating a question of interest to me - what would it take to make it falling off a log easy to create an open ecosystem web of interconnected, monitizable, services that run on user’s devices?

So you are starting on your new project and you decide (gasp) to write actual specifications for the network and API interfaces. Being a good ’open’ type you want to have a solid open license for the specifications. Below I look through what I think are the key terms the license needs and conclude that the Apache 2.0 License seems to have all bases covered.