So, I thought I’d sketch up some thoughts on how private and friend only posts might work in a distributed social network:
- On account creation (or if there isn’t a key present) a key pair is generated, this key pair is used to identify a user’s profile to that user’s friends.
- I’m not sure exactly what kind of key this should be at this point, although I’m leaning towards a PGP key pair, although OpenSSL has its merits (of course, there is no reason why we can’t use multiple technologies).
- We’ll probably have to have the private key stored on the server for the purposes of signing, although there’s no reason why these have to be your main keys.
- When Alice follows Bob, as described in my previous post, they both pull the public keys from each other’s profile as part of that exchange, which have been marked up using Microformats 2. Any keys found are saved against the record of that user.
- For security, we probably want to do some sort of key validation here; perhaps key fingerprint, or perhaps better some web of trust based on mutual friends…
- How key revocation might work is an open question, but I think the easiest way might be for Alice to send another subscription request to Bob, and have that re-trigger this process, rather than (as happens at the moment), returning an error that Alice is already subscribed to Bob.
- When Bob writes a friends only post he lists Alice’s profile UUID in a list of people who can view the post, then ping’s Alice’s endpoint.
- When Alice visits Bob, or Alice’s site visits Bob’s permalink, it identifies itself by signing the request using her key. If the signature is valid and belongs to a key for a user for which Bob has allowed access to the permalink, the data is displayed, otherwise a HTTP 403 code is returned.
Just some rough thoughts for now, let me know your thoughts!