Question about core networking

[farnoy]

Hello,

When I first heard about diaspora, I thought, that it will have some
kind of masterserver (for listing "nodes"), but it seems, that on
every installation of diaspora, I need to define my friend's node URL
to find him and add as a friend (I'm not wrong?). Wouldn't it be
better, if there's some kind of masterserver, that lists all the nodes
and then you can choose which to "subscribe" to see it's registered
people?

Wasn't this suppose to be simple, or I'm wrong? Please point me in the
right direction

[Clayton McIlrath]

I second this.. a master list containing all the nodes is necessary I think. How do you even go about manually setting up a node?

[seanieb]

From my (limited)understanding, I don't think that would go hand in
hand with the goals of the project. Think of diaspora as being similar
to email, you can advertise your email address or keep it private.
Gmail or Hotmail doesn't list your address, people communicate with
you on your terms. Although it doesn't stop individual nodes providers
(seeds?) from providing an index of their users, but I cant see why
they would do this.

[Alex Wright]

I've not seen any documentation of the protocols used, I expect they're not final yet. But the idea is to decentralize your social network infrastructure. Requiring a single central directory service that lists all the *authorized* Diaspora seeds would completely throw that out of the window.

I think the plan is to use an email address like format, na...@service.provider.com, for example. Like XMPP and Email has done until now.

If any one has any docs on this please point them out to me. I've never touched Ruby and I can't make much sense of the source.

Alex.

[Clayton McIlrath]

I agree it should be decentralized.. but how come out of the box the seeds don't speak to each other? Is there some configuration that needs to happen? I've setup http://diaspor.us and I cannot add other users at other domains let alone my own.

[Arnaud Delcasse]

I have the same issue with my seed (diaspora.chouchoune.fr).

2010/9/16 Clayton McIlrath <clay.m...@gmail.com>

[Clayton McIlrath]

My working link is actually at http://diaspor.us:3000 (by the way, what's the best way to remove the port number from the domain? I've only ever worked with LAMP stacks in the past).

SO can anyone clarify if this is missing functionality in the core, or just my installation not working properly:

Unable to find the host XRD file.

I get this error when trying to add a friend at any domain.

[Arnaud Delcasse]

I'm using Phusion Passenger (mod_rails) : http://www.modrails.org

It's working with Apache just like mod_php.

2010/9/16 Clayton McIlrath <clay.m...@gmail.com>

[farnoy]

I don't think it would throw away that idea. Peer to peer based
networks need a master server to manage them. That masterserver would
be open source too, making easier to create small communities. Instead
of defining every node you want to fetch users from, you would only
write masterserver URL. Let someone from core team take a side.

On Sep 16, 2:48 pm, Alex Wright <alexkwri...@gmail.com> wrote:
>   I've not seen any documentation of the protocols used, I expect
> they're not final yet. But the idea is to decentralize your social
> network infrastructure. Requiring a single central directory service
> that lists all the *authorized* Diaspora seeds would completely throw
> that out of the window.
>
> I think the plan is to use an email address like format,

> n...@service.provider.com, for example. Like XMPP and Email has done

> until now.
>
> If any one has any docs on this please point them out to me. I've never
> touched Ruby and I can't make much sense of the source.
>
> Alex.
>
> On 16/09/2010 13:40, Clayton McIlrath wrote:
>
>
>
>
>
>
>
> > I second this.. a master list containing all the nodes is necessary I
> > think. How do you even go about manually setting up a node?
>

[Christoph Witzany]

No. P2P networks do not need central master servers if they are based on
distributed hash tables. There is a number of protocols, that manage to
do without it.

[farnoy]

You need to specify all nodes in ./config/deploy_config.yml (example
is tom.joindiaspora.com)
However, configuration of that server is coming out of the box, but i
could not search people from that server, I think it has something to
do with PGP, you need to actually have public key of the user that
you're trying to reach.

To run server on port 80 (default for HTTP) add -p 80 to your cmd
starting the server ex.
$ rails server -p 80

On Sep 16, 3:02 pm, Clayton McIlrath <clay.mcilr...@gmail.com> wrote:
> My working link is actually athttp://diaspor.us:3000(by the way, what's

> the best way to remove the port number from the domain? I've only ever
> worked with LAMP stacks in the past).
>
> SO can anyone clarify if this is missing functionality in the core, or just
> my installation not working properly:
>
> Unable to find the host XRD file.
>
> I get this error when trying to add a friend at any domain.
>
>
>
>
>
>
>
> On Thu, Sep 16, 2010 at 7:00 AM, Arnaud Delcasse <delca...@gmail.com> wrote:
> > I have the same issue with my seed (diaspora.chouchoune.fr).
>

> > 2010/9/16 Clayton McIlrath <clay.mcilr...@gmail.com>

>
> > I agree it should be decentralized.. but how come out of the box the seeds
> >> don't speak to each other? Is there some configuration that needs to happen?

> >> I've setuphttp://diaspor.usand I cannot add other users at other

> >> domains let alone my own.
>

> >> On Thu, Sep 16, 2010 at 6:48 AM, Alex Wright <alexkwri...@gmail.com>wrote:
>
> >>>  I've not seen any documentation of the protocols used, I expect they're
> >>> not final yet. But the idea is to decentralize your social network
> >>> infrastructure. Requiring a single central directory service that lists all
> >>> the *authorized* Diaspora seeds would completely throw that out of the
> >>> window.
>
> >>> I think the plan is to use an email address like format,

> >>> n...@service.provider.com, for example. Like XMPP and Email has done

> >>> until now.
>
> >>> If any one has any docs on this please point them out to me. I've never
> >>> touched Ruby and I can't make much sense of the source.
>
> >>> Alex.
>
> >>> On 16/09/2010 13:40, Clayton McIlrath wrote:
>
> >>> I second this.. a master list containing all the nodes is necessary I
> >>> think. How do you even go about manually setting up a node?
>

[farnoy]

Ok, that's true, but the fact I cannot see people from
tom.joindiaspora.com means, that I must have their public PGP key?

[andy baxter]

On 16/09/10 14:28, Christoph Witzany wrote:
> No. P2P networks do not need central master servers if they are based
> on distributed hash tables. There is a number of protocols, that
> manage to do without it.

Isn't the master server the DNS network in effect? Everyone has an id at
a domain, the same as email, which works ok.

[shadowfirebird]

Agreed - see http://en.wikipedia.org/wiki/Distributed_hash_table

[Clark]

I don't think there needs to be a centralized service to maintain a
list of nodes, but I do feel like a project like this needs some way
to index people beyond just your own web of friends. For example, we
don't know the names of every site's IP address, but we rely on
internet name servers to take care of that. If people had the option
to register with a smaller network of nameservers which could simply
be a list of my_...@xdomain.com and a couple fields which the person
wants to share to make them accessible (think phonebook), it would
make the whole friend request process easier than asking, remembering
and entering some arbitrary diaspora address. We need some way to
avoid something like the Wii friend code fiasco, I don't know anyone
who believes that system to be successful.

On Sep 16, 11:52 am, shadowfirebird <shadowfireb...@gmail.com> wrote:
> Agreed - seehttp://en.wikipedia.org/wiki/Distributed_hash_table

[Steve Dekorte]

Gnutella-like searches can accomplish this.
There are many papers on doing this efficiently.

[Steve Klabnik]

Asking for a diaspora address is the exact same thing as asking for an email address, and I hear it's pretty popular.

[Alex Andrews]

Presumably Diaspora seeds will be also indexed by Google if you wish.

Alex

[farnoy]

Hopefully, there will be an easy way to add people's nodes in alpha or
later. Maybe some standards like OpenID will evolve to support
diaspora node address.

[Steve Dekorte]

AFAIK, OpenID is still centralized (in the same way that Jabber is) - it relies on root level nodes. Why not just use a public/private encryption key pair that anyone can generate and remove the need for any notion of a root level?

[Steve Dekorte]

The problem with email is that it is still centralized. Why unnecessarily tie your system to DNS?
Particularly when you'll need public/private keys to sign your data with anyways.

[mauser]

On 16 Sep., 15:28, Christoph Witzany <christ...@crofting.com> wrote:
> No. P2P networks do not need central master servers if they are based on
> distributed hash tables. There is a number of protocols, that manage to
> do without it.

But even when you're using a dht-based technique like chord or pastry,
you need to know the network address of one node which is on the
network at that time.
That's hard to solve if you don't have some kind of master nodes which
are only every time. I remember that some applications which are based
on such protocols are
using an 'inner circle' of always-on-peers.

[mauser]

On 16 Sep., 21:40, Steve Klabnik <st...@steveklabnik.com> wrote:
> Asking for a diaspora address is the exact same thing as asking for an email
> address, and I hear it's pretty popular.

I think that this is a crucial point. A lot of people i know are using
the social networks to
find people like old classmates or old friends who moved to another
city.. You're looking
often for people which you can't contact in 'real life'.
So i think that asking for a dispora address( or "looking someone up
in a social network") might not be
the same as "asking someone for an email address".
Maybe a central, voluntary, 'index' would do it. All nodes could look
up people there
and you can add yourself to it, if you want to.

[Ben Schumacher]

On Thu, Sep 16, 2010 at 3:12 PM, mauser <sebasti...@googlemail.com> wrote:
> I think that this is a crucial point. A lot of people i know are using
> the social networks to
> find people like old classmates or old friends who moved to another
> city.. You're looking
> often for people which you can't contact in 'real life'.
> So i think that asking for a dispora address( or "looking someone up
> in a social network") might not be
> the same as "asking someone for an email address".
> Maybe a central, voluntary,  'index' would do it. All nodes could look
> up people there
> and you can add yourself to it, if you want to.

Sounds like a potential business model, I suppose. Though one which I
will refrain from participating in much the same way I've refrained
from participating with Facebook.

Ben

[Steve Dekorte]

On 2010-09-16 Thu, at 02:27 PM, Ben Schumacher wrote:
> Sounds like a potential business model, I suppose. Though one which I
> will refrain from participating in much the same way I've refrained
> from participating with Facebook.

I won't participate if identity has to be tied to email as it, 1) makes the system dependent on DNS, which is effectively owned by a particular government (say what you will about FB, but at least they don't torture and kill people) and 2) excludes the possibility having an identity which is not susceptible to man-in-the-middle attacks.

[farnoy]

This whole idea of encrypting data and that you can search only
peoples that you have public pgp keys is perfect for ones that use
those keys. Simple end-user who uses facebook, he doesn't even know
what those keys do. If diaspora will aim at those users, there's need
for some kind of index, but this breaks all the privacy. Maybe sending
an email with an invite to a friend including your public key, so that
he can search you and actually add as a friend? Or maybe just the
times are too early and we should wait until everyone on the streets
will carry some kind of smart card with public key on it that you can
scan it with mobile? :D

[shadowfirebird]

The appeal of Diaspora for me is that it is both encrypted and
distributed. Writing in a central server would sour the deal for me;
I don't want to be dependant on a site that can be subject to legal or
technical attack. (On general principal - I'm not doing anything
shady...)

It's true that this would limit the ability of people outside of
diaspora to search for us. I'm not sure we should be terribly
bothered by that, though. We shouldn't kid ourselves that Diaspora
will supplant all other forms of social networking. There are always
going to be tools out there that perform that function. (Last time I
found a lost friend, it was via Twitter...)

[farnoy]

From http://github.com/diaspora/diaspora/wiki/Roadmap
Wishlist:
"A DHT (distributed hash table) to serve as a directory of Diaspora
Users/seeds installed over the internet to help with discovery."
Isn't this impemented yet? I thought it was priority...

I am new user to diaspora adding a friend's node to my instance.
My friend has database of 5 more instances, that have 20 more people.
Now, that I'm friending this friend, I can lookup those 20 more
profiles in my search box.
But if those 20 people have more and more friended seeds, and again
those people have more friended instances, I can see everyone using
diaspora anyway?

So how does DHT fit into this? Should I see all friends of my friends,
or only those, which I have public keys?

[Martin Sivak]

If I understand it correctly it will still have to rely on PGP
keyservers (and DNS service to get their IP addresses). You have to
retrieve the keys somehow.

To the DHT question.. you need to have at least one known running
"seed" node to join the hash table space. So you either configure the
seed node manually, which requires you to know at least one running
node or you use some service to pick one for you - DNS can provide
this service as can some dedicated server. But unless you want to hunt
for the ip address, you will have to use DNS somewhere in the chain.
And with IPv6 coming, the need for DNS would be even bigger.

You can also design fully distributed way without seed server, but you
will have to identify the users by some...@domain.name and you will
get their server (and use it as seed) using DNS. This will have the
disadvantage of nobody being able to find you (and you not being able
to search) until you manually add at least one person from inter-
connected node.

So either way, there is no possibility of going without a nameserver
of some sort - you need it for PGP operations, node discovery and
possibly user discovery. You can of course use some independent DNS
service (with it's own root nodes) or write /etc/hosts file manually.

On Sep 16, 11:36 pm, Steve Dekorte <st...@dekorte.com> wrote:

[John Favorite]

For me its the secure and distributed nature of things. I can build my own server, point at a pod via dht or someone I know and start playing. Or if I dont want to be bothered go to washington.joindiaspora.com and get the same content. I *want* to be found so I can communicate. What I do not want is a corporation deciding how to pimp my information I am sharing out. I also want to make it harder for the government to seize my existence on the web. Again, I am not doing anything wrong but I also have a healthy distrust of our government. As a citizen it is my right to communicate privately, and my duty to hold them accountable for their actions on my behalf.

[shadowfirebird]

I rather assumed that the public keys would be part of the distributed
network.

You'd still need to know one node to join -- but once you joined that
node you'd have access to all the public keys.

I wish all this was written down somewhere.

On Sep 17, 11:57 am, Martin Sivak <m...@montik.net> wrote:
> If I understand it correctly it will still have to rely on PGP
> keyservers (and DNS service to get their IP addresses). You have to
> retrieve the keys somehow.
>
> To the DHT question.. you need to have at least one known running
> "seed" node to join the hash table space. So you either configure the
> seed node manually, which requires you to know at least one running
> node or you use some service to pick one for you - DNS can provide
> this service as can some dedicated server. But unless you want to hunt
> for the ip address, you will have to use DNS somewhere in the chain.
> And with IPv6 coming, the need for DNS would be even bigger.
>
> You can also design fully distributed way without seed server, but you

> will have to identify the users by someth...@domain.name and you will

[Tristan Sloughter]

But why not use the vast minds willing to help to map out the protocol and such as you go. At least blog posts describing decisions on architecture.

[Ori Pekelman]

Well, without the "Torture and kill" part (which is true but
irrelevant) +1

I would accept, some reliance on DNS (grinding my teeth) but that's
about it. Anything else that needs to centralized will be evil. Any
GUIDs are evil. Small scale gossip systems probably acceptable. The
protocol can be worked around; Now time to work on the protocol.

Just one important point: Having a global directory basically defeats
the purpose of distributed social networking. Being *a bit* harder to
find is a feature. You will learn how to make yourself discoverable,
if you wish, and better hidden if you are a more rational person :).
There will be services for that. You will just be hidden by default.
Defaults matter.

On Sep 16, 11:36 pm, Steve Dekorte <st...@dekorte.com> wrote:

[mauser]

That's true. I wish that there will be an API which lets us choose a
"service provider" for this task(user discovery).
I guess a sane default setting would not use such a service. Or, if
at
all, makes you only visible for other seeds on the same pod.
It's then up to you to use your favourite central directory to a)
look
for peers or b) leave your vcard at that directory.
And if diaspora turns up with some kind of dht-based discovery, you
could hook it up with that api as well.
- Sebastian