with @Mike Macgirvin
, principal creator of Hubzilla.
What important lessons did you take from developing DFRN when you decided to go back to the drawing board and develop Zot?
The first big thing I did was solidify the “magic-auth” protocol. In Friendica it was somewhat limited in what it could do. In Zot and Hubzilla magic-auth is really the core of the service.
Access control and privacy can be attached to any resource on your server and restricted to viewers from across the web — no matter what server they have their account on. Your private videos are only visible to select people; and they don’t need an account on your server to view them. Authentication is invisible and you aren’t asked for passwords or tokens. It just happens as you browse your social stream and visit the websites you find therein.
Part of Mike’s grassroots campaign for Hubzilla.
The second important thing we did is provide “nomadic identity”, which is also built into the protocol. In 2010–2012, the free web lost *hundreds of thousands* of early adopters because we had no way to easily migrate from server to server; and lots of early server administrators closed down with little or no warning. This set the free web back at least five years, because you couldn’t trust your account and identity and friendships and content to exist tomorrow. Most of the other free web projects decided that this problem should be solved by import/export tools (which we’re still waiting for in some cases).
I saw an even bigger problem. Twitter at the time was over capacity and often would be shut down for hours or a few days. What if you didn’t really want to permanently move to another server, but you just wanted to post something and stay in touch with friends/family when your server was having a bad day? This was the impetus for nomadic identity. You could take a thumbdrive and load it into any other server; and your identity is intact and you still have all your friends. Then we allowed you to “clone” your identity so you could have these backup accounts available at any time you needed them. Then we started syncing stuff between your clones so that on server ‘A’ you still have the same exact content and friends that you do on server ‘B’. They’re clones. You can post from either. If one shuts down forever, no big deal. If it has a cert issue that takes 24 hours to fix, no big deal. Your online life can continue, uninterrupted — no matter what happens to individual servers.