werd.io and idno

May 31, 2013 | 1 comment

werd.io publishing screenI’m posting over at werd.io, a site I’ve set up based on my idno software.

I wrote a short technical introduction to the platform:

idno is a personal attempt at building a publishing platform that adheres to IndieWeb principles: own your own data, publish on your own site, use existing social websites for dissemination but not as an origin. I’ve also tried to use microformats where possible, allowing every page to contain lightweight semantic information, as well as making it skinnable, extensible, and social.

Right now I’m using it as a blog, but the intention is that it could power a whole community, or set of communities. It certainly has the back-end functionality and APIs to do so, and I’ll be writing more about those as time goes on. It’s not immediately obvious unless you’re logged in, but idno has a full plugin system, which allows anyone to write new content types, and syndicate to new sites. (For example, two existing non-core plugins push to Twitter and Facebook, depending on the Activity Streams object type of the content you’re posting.) Access permissions are also baked right into the data model, so you’ll be able to keep non-public content, and share it in a federated way.

I’m pretty excited about it – but I’m also just enjoying posting to it. It’s a breeze. I’ll be opening a community site based on the platform soon, so stay tuned – or take a peek at the GitHub repository.

Respectful software

May 24, 2013 | 2 comments

I’m using the term respectful software to describe software products and services that:

  • Maintain your ownership and control over your data.
  • Allow you to export anything you’ve entered or imported into it.
  • Allow you to extend their functionality with other software, without having to ask them or their developers for permission.
  • Don’t sell your information to third parties.
  • Don’t track your activities outside of the site or app.
  • Don’t use your name, likeness or other aspects of your identity without your explicit permission.
  • Don’t allow your data to be mined by third parties without your explicit consent on a per-party basis.
  • Don’t not attempt to “own” any aspect of your data or computing experience except through fair competition (i.e., by trying to be the best at what they do).

Respectful software is software that is built with respect for each individual user, and is a good steward of his or her identity and data.

What do you think? Have I missed anything?

HTTP signatures

May 6, 2013 | Leave a comment

It looks like I’m not the only person who likes the idea of signed HTTP requests as an authentication method.

Joyent and Digital Bazaar have co-written an Internet draft for cryptographically signed HTTP requests:

Several web service providers have invented their own schemes for signing HTTP requests, but to date, none have been placed in the public domain as a standard. This document serves that purpose. There are no techniques in this proposal that are novel beyond previous art, however, this aims to be a simple mechanism for signing these requests.

Signed HTTP requests are also a key feature of something I’ve been working on. It’s great to see the idea pick up momentum.