Hey all, there’s a proposal around using a standard set of SDKs available to the community which would use an encryption standard for logins and communications.
The proposal is here: Entidad_MarketOrganic_ProposalTemplate - Google Docs
@paul121 @Symbioquine , maybe others… what do you think? Would this work easily for FarmOS? Do you think the kind of SDKs they would develop would work in Drupal? Do you feel this is valuable for the community?
Just curious for any feedback or thoughts.
Just starting to skim through this. I’ll add questions and thoughts here as I go - some may need answers/responses and some may just be useful to illustrate how a technical reader becomes acquainted with the idea/document. (I may answer some of them for myself so don’t feel the need to respond right away.)
My first questions are:
- Surely other systems do a lot of this stuff already?
- Where does this land on the continuum of “security vs convenience”?
- Who needs to trust who/what in the proposed system?
- How will this solve the “app fatigue” problem, you’re just adding another option? Surely all (many?) of the previous potential apps that are relevant also thought they were going to be the “one app to rule them all” too?
- At first reading this, I’m seeing a super high level proposal to form a group to figure some stuff out, but pretty quickly we get into bits that sound like they’re connecting existing apps/services. Maybe it would be helpful to lead with how much of this is a green field kind of thing vs you’ve already decided to use some specific technologies.
- A proposed architecture diagram up top somewhere with which bits are existing and hypothetical might be really helpful too.
- I’m curious about some of the assumptions that are implicit in what’s being described.
- What kind of networking connections are required at what points in users’ workflows?
- Are we assuming fast Internet connections always exist?
- What parts of these things work offline or over very marginal connections?
- Does peer to peer just mean something like i2p over the Internet or does it also work over direct device to device communications?
- What kind of devices and compute power are we talking about?
- Will you support truly free personal computing (insofar as that’s possible - nonfree binary hardware blobs aside) e.g. As a thought exercise would rms be willing/able to connect to your service from an underpowered PC or on the other end of the spectrum are we just talking about modern phones blessed by Apple’s or Google’s walled gardens?
Might be worth adding an FAQ and heading off some of those questions explicitly so the reader doesn’t need to fully grok the idea and compare it to their knowledge of possible other options. Presumably you folks did some shopping around and found there wasn’t something that already did what you wanted…