See also: IRC log
<scribe> scribenick: npdoty_
[show of hands for fans and skeptics of decentralization]
Irina: get input on what is
happening in this space, what you're interested in, what are
the opportunities or concerns
... is there something we can be doing in standards /
w3c?
... context is that we're ever more dependent on the digital,
personally, socially, professionally
... increasingly, interactions with vast monopolies in tech
companies
... based on, for example, freemium/advertising-based business
models
... but we want to be able to message people beyond a walled
garden or signing up for a particular service
... a lack of real choice, with terms of service and privacy
policies that are incomprehensible or not user-supportive
... missing out on potential innovation. for example, email in
a world where you could only reach people at the same provider
would be impoverished
... but we appear to lack the same situation in other social
media communication tools
... lack of healthy ecosystem, but also privacy and resiliency
concerns of centralized databases
... approaches include self-hosting, different protocol layers
(IPFS, blockchain, distributed web),
... problem of adoption and business models
... not great alternatives. difficult to switch everything
away
Irina, W3C Team, redecentralize.org bringing together communities and developing common strategies
Andrei, W3C Team, researcher at MIT with decentralized technologies on the Web
scribe: Solid
deiu: a lot of technologies for
re-decentralization are not on the Web, for example,
blockchain
... redecentralize.org has a very long list of projects
https://github.com/redecentralize/alternative-internet
<shevski> https://redecentralize.github.io/alternative-internet/
deiu: that's a good start if you
want to get involved. but a key aspect is: Standards
... difficult to come up with solution not based on
standards
timbl: could be architecturally centralized, even if it's physically distributed
deiu: unless you keep up to date
with all the new versions of that product, you'll be out of
date
... we should be looking into how we can build standards that
will let us build decentralized solutions
... not just messaging, but a platform for lots of
decentralized use cases
shevski: what are the incentive
mechanisms? different business models?
... what would be necessary for a viable set of
alternatives?
dka: in a previous Social Web
workshop, we had a speaker from the Tahrir Square
protests
... use case was using tools to organize, distribute
information to people involve in a protest, even after the
upstream source was removed
<tantek> dka that may have been the 2011 Federated Social Web Summit / Workshop that was organized by the Federated Social Web Interest Group
dka: was discussed by the TAG
(Technical Architecture Group), but not clear what we could do
in the Web Platform that would help
... distributed cache of pulling content from people around you
also creates privacy problems (about who has visited certain
pages)
mnot: Mark Nottingham,
Person
... security properties of a decentralized protocol are very
different from what we've gotten used to on the Web in
HTTPS
... anything that is decentralized is "mixed content",
different scheme, not the same lock icon, etc.
... don't want others on my network to know what I'm
browsing
... security community is very worried about anything that
makes the security model more nuanced, when users are already
having trouble keeping up
deiu: use case of being cut off isn't just government control, but, for example, emergency disaster scenarios
mnot: decentralized protocols that are more application-specific could be fruitful
<mnot> The blog entry that I mentioned: https://www.mnot.net/blog/2015/08/18/distributed_http
tantek: Tantek, IndieWebCamp,
Social Web Working Group
... IndieWebCamp community was formed to fix those
problems:
... 1) smart people solving decentralization problems with a
centralized project
... ... principles over a single project
... ... specifically avoiding the anti-pattern of
"monoculture", which we see in Diaspora, tent.io, and more
every year
... 2) incentives: admit that everyone has their own
incentives, including self-dogfooding and scratching your own
itch, implementing your own solutions rather than selling
others on it
... ... a good thing to solve problems in parallel
<tantek> https://indiewebcamp.com/#Beyond_Blogging_and_Decentralization
tantek: 3) design first, with
protocols and formats to follow
... earlier movement stalled at Pingback, where social networks
innovated on design, user interface, features, etc.
... because users care about features more than they do about
low-level technology
<tantek> https://indiewebcamp.com/#Beyond_Blogging_and_Decentralization
tantek: make a decent UI / user experience
Irina: push for adoption of
protocols and execution on UX/design, so as to provide
something that larger silos have an incentive to
interoperate
... governments should care about these standards, because of
the ability of thriving ecosystems in this space
<tantek> npdoty - no insults were levied - just a recognition of difference dominant focus
<deiu> ack
Irina: tax companies that don't use open standards
<tantek> kazue: personal data store as important
kazue: share the situation in Japan. my first time in seeing the phrase decentralized Web. seeing large companies taking hold of our data. seeing a personal datastore as an alternative, where we have control over our own data
<tantek> ++ on ownyourdata
[+1's]
<Zakim> timbl, you wanted to challenge Mnot’s assumptins aout incremental change from http Same Origin etc
timbl: distinction between the
Internet and the Web, Vint Cerf in the 1960s
... the Web is the abstract space of data and information,
HTML, HTTP, URLs, invented in 1989, building on top of the
Internet, without having to ask Vint for permission
... just chose a different port number, based on my parents'
telephone number
... could put a web server up on my NeXT box with a network
connection on my desk, everyone could run their own
webserver
... if you had improved on something I had written, you could
edit it and save it back (a read-write web)
... finding things by following links, no Google in those
days
... looking back over 25 years, we don't have the decentralized
ability to author, or to control your own data
... web model was that you'd have lots of different servers,
controlled by different people
... held together by these common standards
... same-origin security policy assumes that your data is all
inside this website
... which can be disempowering for the person, and the amount
of data that the site has is a barrier to entry
... we should be able to move data from one to another, move
identity, etc.
... when you run an app, there's no reason that the data has to
be stored on a server run by the company that wrote the
app
... personal datastores, PDs or PODs
<dka> Amr Gharbeia was the speaker at the Berlin social web workshop from years ago that I mentioned in my question (https://twitter.com/gharbeia - yes I recognize the irony of sharing a twitter url in a meeting about redecentralizing the web but there you go)
<tantek> that was tried with "LockerProject" - didn't have a compelling UX so didn't get adoption
<dka> Still feel I would like to explore this use case some more.
shepazu: tantek had advocated
dogfooding; Irina had called for scaled solutions -- I think
those are absolutely complementary
... making prototypes and getting people to use those
prototypes is a way to convince larger players or build a
community
... a way to get from here to there: making really compelling
applications
<bigbluehat> +1 to new motivators!
shepazu: more than just re-inventing, but building a new way to connect
<dka> +1 to doug’s comment
<mnot> +1 to doug
<mnot> … especially applications that traditional / centralised / big business can't do.
Irina: Serval Project project lets you make calls when the mobile networks are down
bigbluehat: the original Web was
part UI and part spec, both things at the same time
... the Web is greater than the public Web, like
offline/disaster recovery
<timbl> Person Data Integration
<tantek> bigbluehat: I need a name when that's all gone (domain names)
bigbluehat: I need a name without renting it, need a name even when those resources are gone
<shevski> http://www.servalproject.org/: earlier and open source version of fire chat which you may have heard of
<Zakim> dbaron, you wanted to ask timbl how the system can guarantee that the app doesn't move data out of the personal data store
dbaron: scared by Tim's diagram
[not pictured] -- what do you do to guarantee the properties
that you want
... how do you ensure that the site/app is putting the data in
your personal store
... or alternatively, how do you ensure that the data doesn't
leave the store when you don't want it to
timbl: when we pay for software applications, we historically trusted them
<bigbluehat> incentive model discussion is *huge* for these concerns
timbl: it's a side effect of the
advertising business model is what decreases trust in the
app
... if the user can't trust the app, then it can't empower the
user
<rigo> bigbluehat: the only incentive there is, is to harvest a maximum of data to monetize
dbaron: people using traditional
desktop OS'es downloaded lots of viruses
... which is why mobile and Web have succeeded with a very
different security model
<bigbluehat> rigo: you mean currently. I'm talking toward new incentives
deiu: why should we trust the browser?
dbaron: that's a fair question... although one reason to trust Firefox is that it's open source
deiu: indeed, we generally like apps that we install to be open source, or to develop reputation based on experience with them
dbaron: there is a permissions model for apps that is not "install an app and get permission to everything"
<tantek> +1 to that
dbaron: I don't want to build a world that just works for highly-technical people
[+1s to that]
<tantek> +1 build a world that works for not so technical people
<dka> +1 to how does this work for non-technical people?
timbl: [@@ scribe didn't catch all that@@]
<bigbluehat> the only thing needed is effort on the UX for these new pieces--re: rigo's project that's working to do just that
rigo: important project @@@ between Firefox OS and DT, on a guest mode for sharing your phone with your friend
<dka> Question: has anyone has tried Project Maelstrom (bittorrent browser)?
tantek: important to come back to
UI, like using OAuth to give a clear and specific way to give
certain permissions
... has scaled to large solutions. our work on micropub is also
based on OAuth
<Zakim> tantek, you wanted to amplify doug's message about more compelling apps
<rigo> except that bearer tokens are the road to hell from a security point of view :)
<tantek> micropub uses OAuth, deliberately
mnot: distributed naming, for example for a DNS replacement, could be tangibly achievable
<tantek> https://indiewebcamp.com/micropub
mnot: possible for the blockchain to scale to DNS-size in the next couple of years
timbl: naming can be done in ways that aren't just blockchain-based
<tantek> agreed, blockchain is unnecessary
mnot: just got .onion registered
in a not too painful fashion, could consider alternatives
... who doesn't love ICANN?
Karen: what is the timeline for this kind of initiative? how will we overcome the public misunderstanding of what constitutes the Web?
Irina: redecentralize.org is a
way to coordinate that kind of planning. but I think we may
need some concrete organization with funding to promote
... or a consultancy that helps projects with their UI and
explaining
... and high profile cases of things that go wrong, so that
ideas are likely to spread
<shepazu> (prototypes and adoption help convince browsers and big players that an idea is worth investing in)
Irina: a highly-successful Netflix series about decentralization (markw smiles)
shepazu: everyone wins when the biggest player has lots of competition
bigbluehat: "ego-centric
architecture" as an alternative phrase
... that is, with you (the user) in the middle of things
[plug for a later session]
bigbluehat: don't want browsers to conclude that fascism as a solution to security problems
bhill2: Facebook security. I gave
up on running my own email server because of spam, which I had
trouble overcoming in a decentralized way
... having a centralized view of spam/abuse/attacks at Facebook
gives us a chance to see patterns of those attacks / broader
view
... the systems that knock out spam/abuse give the best user
experience
<dbaron> My small email provider deals decently with incoming spam, but it's getting more common for *my* email to get rejected because it's email not from gmail/yahoo/ms, so it must be spam.
bhill2: which is a big advantage for Facebook over Myspace, for example
<bigbluehat> bhill2: is the Mozilla spam control information openly available and reusable elsewhere by others?
<Zakim> tantek, you wanted to amplify doug's message about more compelling apps
bhill2: which are key things to the user experience (+1 to tantek)
tantek: +1 on compelling apps,
curious what people really want
... like a push-up app, which counts based on how often his
nose touches his phone, and then uploads to his website
<Zakim> timbl, you wanted to mention geek community as an early adopter community “we are outnumberd” - smaller communities
<tantek> see Vouch for an attempt at distributed spam solving http://indiewebcamp.com/Vouch
tantek: and encourage people to look at the projects that matter just to them
timbl: scratching your own itch
-- can be difficult to show off the prototypes because the data
is so personal
... having a domain name with no public web pages, for
example
<tantek> yet there's plenty we can learn from people scratching their own itch!
<tantek> the point is not that there aren't private use-cases - of course there are! the point is that there are SO MANY public use-cases we can learn from that we should!
timbl: re: designing for geeks,
and the people who are managing the technology are outnumbered,
but indeed you need a small number of early adopters so that
it's possible to convince a significant fraction so that it can
virally take off
... starting with developers as a target might make sense
[have to start somewhere]
dka: anarchists!1!
... that's the community you want to start with :)
Irina: thank you all for
coming
... follow up on redecentralize.org
... but also, find friends with lots and lots of money to
invest
... for a beautiful future of whistleblowers and happy
children
This is scribe.perl Revision: 1.140 of Date: 2014-11-06 18:16:30 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/@@@/Serval Project/ Succeeded: s/one reason to trust Firefox/that's a fair question... although one reason to trust Firefox/ Found ScribeNick: npdoty_ Inferring Scribes: npdoty_ WARNING: No "Topic:" lines found. Present: Appelquist Benjamin_Young Bert Bos Dan dbaron npdoty rhiaro Got date from IRC log name: 28 Oct 2015 Guessing minutes URL: http://www.w3.org/2015/10/28-redecentralize-minutes.html People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report[End of scribe.perl diagnostic output]