Last week Urs and me had an interesting discussion about Blogs, FOAF and their implications on self-inflicted loss of privacy. I personally think, that the society will embrace transparency in a practical and useful way and that people will learn to handle and respect that there will be much more personal information around by default in the future. I especially like what Elke recently said to Gregor: "... desire of people to rebuild their existence online". All of this is a very interesting line of thought and I have to elaborate on this further sometimes. Some of my current projects have to do with several distinct aspects of this new publicness.
While I delved away into deep thoughts, Urs immediately started with practical work and went ahead to develop one of the things we touched in the discussion into Postback, a proposal for posting into other blogs. Cool!
There are a few things, I like to add: The proposal touches two things: Privileges and a mechanism for crossposting. And I think that one should discuss these two issues separately as long as possible to enhance reusability. For example, in a simple model, it would be possible to use FOAF as a place to store privileges and then use trackback enabled categories for crossposting. Thus, only the receiving end needs to implement something.
As for security, if you only want to restrict source blogs, but don't want to exclude the possibility that some unknown rogue users crosspost article from privileged blogs that shouldn't actually be crossposted (a relatively minor problem most of the time since no really spamming is possible), then you only need to trust the source for the RDF statements that give the privileges and just using the selfhosted FOAF file is enough. We are getting at implementing the trust layer of the semantic web cake! PGP authentications would only be needed if you wanted external people to manage these privileges. Certainly an interesting direction to think about!
But on the whole the interesting part of the previous paragraph is that you authenticate other blogs instead of other people! Your security would basically state that you allow crossposts from these specific blogs into these specific categories. But who posts to these blogs is beyond this control.
If you wanted to control this, too, then you have to look at things like Ken MacLeod foaf-check and build challenge/response authentication into the Postback transport part. OTOH, this would be an interesting addition for TrackBack et al, too.
I use "crossposting" above, since I believe that these posts should at least also appear on one own's blog - Otherwise we would just have a group blog which I think is a different thing in terms of carrying personality! OTOH, implementing group blogs through privileges expressed in FOAF is a neat reuse of the privileges part. Maybe a whole CMS privilege system can be expressed in this way? Can we reuse existing vocabularies in the FOAF module?
Posted by seefeld at June 28, 2003 13:09Nice thoughts. The crossposting could probably revolutionize content managment. I thought, that it might be helpful, not only to have trusted people defined in the foaf file but also giving levels of permmission. I do not know yet, if this is flexible enough, if there is a scale e.g. from 1 to 10 - again just an idea.
so long, urs
ps: there is a thread on the rdfweb-dev list:
http://rdfweb.org/pipermail/rdfweb-dev/2003-June/011304.html