Older blog entries for pelleb (starting at number 4)

DRNS - Naming Schemes for Distributed Storage
While I know that there might be many people who'd disagree with me, I think it is very important in a distributed storage space to have some sort of structured equivalent to DNS. My working title for this is DRNS (Distributed Rights Naming System). This could be non storage protocol specific, so it might work on both MojoNation and FreeNet. Here are some of the ideas I have as requirements:

• It should be able to be plugged in to various storage schemes.
• It should be usable through existing browsers. (You should be able to append the name to an Existing URL for an freenet 2 web gateway for example.)
• Names should be cryptographically unrevokable if wished. This is to avoid many of the disputes seen in the world of domain names right now.
• It should support anonymous ownership. Otherwise why would you be using Freenet in the first place.
• It should be hierarchical of nature, where each level of the hierarchy only controls issuance for the level directly below. Lets say that some one owned the /geovillages/ domain. They can control and set rules for issueing direct subdomains from their domain. But once they domain /geovillages/xxxsites/ domain had been issued by them, they can not control that domain or what goes on in that domain.
• On creation a domain can be set to be expireable. This expiration will be a set time or date and can not be changed once it's been created. When expired a domain can be reissued with a new expiration.
• Because of the hierarchical nature of the system. Given a document with a given name, you can verify that it and each parent domain above it is signed by the above domain.

One way to do this would be to use a hierarchy of PGP keys. Each domain would be described in a simple XML file, that was signed by the domain signer above.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 <drns>
<domain>
/neu
</domain>
<owner href="http://neudist.org">
1B14 4ED3 4CE5 3338 0B91  4640 AB15 3180 761B 4BD4
</owner>
</drns>

 -----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use 
<http://www.pgp.com>

 iQA/AwUBOoJJh4BkJoqOarblEQLSJwCgx0MN2IHwplBZ+klV+yfoN3Oh2r8A
mwaw
wjGb9v7pIQfs9BMh9zxkhvPq
=Hl06
-----END PGP SIGNATURE-----


 

This is the file that you get if you would get if you searched the underlying protocol for a file with the name "/neu". Any subdomains under "/neu" would consist of files similar to above, but signed by the key specified in the above owner tag.

The freenet of mojonation server would verify when a new document comes in, if it's allowed to be posted using the given name. Clients reading the file would also do a check for validity.

DRNS could be part of a layer of protocols to enable distributed, anonymous, p2p, commerce webs (how many more buzzwords can I put in here;). Higher level application specific protocols, could enable transactions and versioning ontop of this naming system and it's underlying storage protocols.

I haven't written anything here for a while (Father, its been 3 months since my last confession :) ).

Seriously I've had many second thoughts about how I was going about developing Neudist. I was very reliant on Java and various other opensource projects, that just weren't quite as stable yet as they should be. I know that I should have spent time trying to debug these, but it became much more of a chore than I wanted it to be.

Also I decided that what is really needed for something as radical as Neudist, is real applications and not just a framework hoping someone will use them. So now I'm rewriting one of my first real Perl projects TravelTalk in Perl as Yet another Community Framework. Now, why don't I just use one of the many others that are available today? Well, none of the ones I've tried really fit in with my vision of what I want, also it's more fun doing all of this from scratch anyway. So I'm doing this thing which will someday be available on http://talk.org. in Perl, mod_perl, Mason and using the Postgresql database as the underlying source.

Let me tell you after having spent several years doing Java and working with clueless commercial appserver vendors, coming back to Perl is like returning home. I absolutely love it, having forgotten how productive you can get in this environment.

So what exactly am I doing that is so different with Traveltalk. Well the current version that is up, was written many years ago (1994-95) and you know the web has changed since then. One of the things I found was that many users of the system in the Caribbean, who were in the travel trade were using it as an important way for them to reach new customers, whom they thought more about like there friends than customers. Having read the Cluetrain Manifesto, with their statement that markets are conversations, I realised that my 2 great app interests (online communities and digital commerce) are closely related. What would be more perfect than to use TravelTalk as an experiment to combine the two. I wont go into too many details right now, but I think it could be quite cool.

So technically speaking I'm putting the final bit of coding on the actual community part now, should be live the end of Feb. Then slowly I will be adding NeuDist functionality to it, allowing people to setup small online businesses. Soap and RSS will be important parts of this. I was glad to see Dave Winer on Advogato. Even though he sells closed source software, he has been really important in building up protocols such as XMLRPC, Soap and RSS. He also pretty much invented the idea of Weblogs. He has also always supported Opensource vendors using the protocols he's been developing.

I had an interesting discussion last night with a friend of mine about auditing of NEU's (Entities within my NeuDist project - think Nanocorps). He was arguing that people would only trust investing money or trading in NEU's if there was some sort of equivalent to the US GAAP and external manual Audits.

I'm a believer that for entities that are entirely online, including all their revenue, expenses, holdings etc. You can do the equivalent entirely in software. If users can see realtime what the status of the entity is and how funds and contracts flow through it, that should bring a level of trust that is unheard of in brickspace.

Independent analysts could make a living analyzing NEU's for investments or the savvy investor could do the same thing.

This requires a few important aspects of the NeuDist software. It has to be opensource so the process is entirely open. The software has to be properly audited like OpenBSD. Idealy there would also be some sort of way for the enduser to find out exactly what build of the server is running.

For other NEU's that venture out into Meatspace, I agree with my friend that we need to have other ways of determining trust. One way is to use an Advogato style trust model, another is to use and external auditing group. NeuDist will support the use of independent certifiers. These are not like todays CA's. Some of them will be underwriters, some will be analysts, there might even be cases where goverments see the usefullness in certifying a NEU for doing business (ie. incorporating) in the real world. The point is that different applications need different kinds of trust. If we at somepoint see Anheiser Bush or Coca Cola becoming NEU's they would need a trust model reliant on an army of auditors keeping track of them.

Before people argue that these entities should be private and none of what goes on should be public, I'd like to point out that that will be the case for probably the majority of NEU's out there. However if you want to receive an investment in terms of equity, bonds etc you may find that no one will give you any money unless you show them your books. This you could then easily do by adding a CAP to your financials. Many models exist, the idea with NeuDist is that we will provide a very basic yet vital layer in a framework for financial and legal trading and communication.

Also a big shout out to sohodojo. His ideas about NanoCorps map very closely to NeuDist.

Finally getting some time to get rid of the last persistent bugs, before the first release of Neudist.

I really like the new Virgule stuff on SourceForge and will try to come up with a way of integrating my secure URL Caps with virgule. Mod_virgule has a lot of cool account management features and the whole trust metric concept that would be cool for use with online entities.

Just noticed in my last diary entry that I was talking about security in Ozone. I actually came up with a way of allowing and disallowing connections from certain addresses. There has been some problems with their CVS server for a few days, but it looks like it's back up again now, so I'll create a patch and submit it to the maintainer.

While doing my Day job in London, I'm on the train 5 hours a day, which I'm currently using for my own little experiment in creating Cyber Entities - NeuDist.

I had to delay the launch as I discovered a new Object database called Ozone. I've been working with it the past two weeks or so, it's pretty cool and has a persistent DOM in it based on openxml. I've been having problems with the fairly nonexistent security model though, so I might have to work a bit on that and submit it to the ozone group.