Aliases on safe // petname system

rfc
safe-browser

#1

didn’t want to hijack the jams topic so i thought i could open an topic here and ask for some feedback (!) :smiley:

That sounds like an awesome plan!

I found myself thinking about the petname thing again and again the last days…
… Basically it wouldn’t be too hard… You just need a file with mapping information from your petname to the unique public name


basic thoughts

  • everyone participating in the ALIAS-System has a public container with e.g. the handy name _____sharedAliases_____ (and optionally a private container _____privateAliases_____)

  • if i want to have the alias ‘jams’ directing to safe://jams.demo i just store this alias in my public container - and whenever i type in jams in the address line of peruse and hit enter this gets resolved to safe://jams.demo

  • if i want to show this safelet to my friend @happybeing i tell him that theres an awesome site i called jams and he needs to check it out! - my public alias is riddim -> he just enters jams@riddim into peruse and hits enter -> the name now can get resolved through my public alias container to the full safenet address

  • another friend of mine has the name @hunterlester in RL but sadly there was someone else faster with getting a public alias at the safe network … so his public alias is hunterlester1841 - i now could add hunterlester as alias name for him for all apps resolving aliases -> i myself still could go with jams@hunterlester -> only if he wants to share a globally valid link to his onlineshop (he created through a service and therefore is located at safe://buyAt.awesomeshops/hunterlester) he needs to publish safe://shop@hunterlester1841


privacy and my stored/shared aliases

  • If the key for the mapping is the hash of my alias and the public name is encrypted by the petname too i could just publish the mapping without people seeing my pets (if they don’t bruteforce them) … when including my public name into the hash that would make different hashed for same aliases … but what if i have more than 1 public name …? (and would that make any sense at all …? if i really don’t want anyone to see the alias/website i use i could just make it a private alias …)

what do you think about this alias system? makes sense? too complex/many traps for the user?

On first view implementing this doesn’t look any difficult to me. Sadly I didn’t find the time to play with the Safe Network Playground yet and have no Idea how I would write a small library (and where I would publish it) so that others can just drop it into their safelets :open_mouth:

do you see more problems here? have additional thoughts on this topic?

Which version of npm and nodejs are the currently used ones …? does one of you have a link to a good resource on publishing a library for nodejs?
(sorry for asking this dull - i do know how to google - and i will do it anyway when i start testing this idea [if no-one else is faster - i wouldn’t mind that too - no clue how long this endeavour will take me :wink: ] … just thought if one of you does have a great starting point for me it would make sense to enter there and get a steeper learning curve :slight_smile: )


#2

I don’t have much time for this atm and have not thought this through so there may be some problems with it, but my idea is…

There’s a standard for SAFE Web Services, one of which will be ‘share’, which would work in a similar way to www, but just for shared files.

When you share a file, this container would have a link inserted into it.

To share the file, you share a safe: URI, but instead of it mapping to a www service (eg safe://www.riddim/filename) it maps to a share service (eg safe://share.riddim/filename). These don’t have to use www or share in the URI of course, it’s the service set up for that URI that matters.

The important part of this is that somebody accessing that URI gets access to the file, and I need to investigate this further, but I think it may be possible to do this without any special behaviour (ie just treat it as a Web address), but I haven’t tested that yet.

However, with a standard library, it would be easy to extend this to do things like URI shorteners, and perhaps pet names (or something similar). Or, special handling for special kinds of share, such as JAMS playlists etc

For now though this is just back of the envelope thoughts, but I’m sure that if this works it will be easy to add file sharing to any app, either just by including a library (like the one I’m creating) or creating the service directly but following some conventions.

When I get into this I’ll do some testing and be able to suggest some ideas for comment and maybe create a demo. I have quite a lot to do first thought, related to the Solid project.


#3

Great topic. I have been thinking of a web-of-trust style domain name system which resolves domain names by combining different endpoints matched from a user-selected web of domain name servers. Probably too complex but who knows…

It would destroy the idea of sharing uris since the resolver depends on who’s in your web of dns, but anyway it’ll be cool to see how the domain name squatting problem is solved. Lots of ideas and the petname one is very cool.


#4

hmmm - the wot-idea seems interesting too - yes :slight_smile: (…hmhmm… those dns-servers would then be oracles of some kind :open_mouth: so more like external service providers :thinking: might make sense in the end to enable re-use of no longer used domains … but feels a little bit strange at first to be honest)

the petname proposal pretty much would be a combination of a contact list and publicly shared hosts-files now that i think about how to summarize it


#5

Yes. It seems like a safe way to share safe-site “bookmarks” with someone, but why not just email them a link (via safe) ?

Ex. “Hey Friend, check out this arbitrary safe-site called this cool petname that I concocted right now for this email. Whenever we talk about this site let’s call it my petname…”

How often would you actually tell a friend to verbally to go to “somesite@riddim”? In this day and age they probably wouldn’t even remember and then just ask you to email or text them the link anyway.

The relatives test is usually a good indicator. “Can your median computer literate extended family member figure out the UI without asking you for help?” I think that when the network launches there needs to be a “SAFE Network HomePage” with helpful information that shows up first in Peruse in addition to having the authenticator show up. After people get used to that they can set their own home page to what they want. I’m thinking something like a return to 1990’s aol (but safer/better) until the general population beats the learning curve.


#6

hmhmm - it’s something you yourself can utilize too while not being logged into your own account / on a public computer

(at least for me it would be super-awesome … im forgetful and i probably don’t want to log into my account when being on someon elses computer just so show some website… i already was searching for a couple of safe network links in the forum because i couldn’t remember the exact names of the services …)


#7

Seems like that’s why a global shared naming system is better than pet-names. If you want to access your shared bookmarks you can just go to your public safe-site at safe://bookmarks.riddim

Due to community recommendations posted at safe://bookmarks or other conventions or pop trendiness, I too would keep the ones that I want to share publicly at safe://bookmarks.jlpell so riddim or other friends could check them out whenever they want. :grin:


#8

that would be subject to the individual to assess i guess :stuck_out_tongue_winking_eye:

your comparison to bookmarks is very valid and basically it is bookmarks but bookmarks that are easier to use (one click less) and in my opinion are therefore better
hmhmmm - maybe i’m proposing a way to utilize bookmarks here and not a petname system :wink: (or it’s one and the same just 2 different ways to look at it)

ps: and thank you very much for your honest feedback! maybe the whole concept is not the way to go - but for now i think it’s worth a try to see if people use it


#9

Bookmarks are very important for some people. I use them infrequently and often forget what I’ve bookmarked, but I do know some individuals who bookmark just about everything. They can never remember the name of a website where they saw something online, nor do they remember the name of the bookmark, but they remember that they did in fact bookmark it. So their set of bookmarks becomes a summary of things they enjoyed online and want to share, and they often scroll through them from time to time. Therefore I understand that this is an important feature for a lot of people. (I tend to just remember search terms I used and inefficiently keep searching for things over and over again, or loop through my firefox history… I’m doomed without a good SafeSearch…)

I think your basic premise/idea is a good one. I just wonder if a better way to implement it would be to have some kind of safe ‘tool’ (not saying the ‘a’ word anymore) that helps people automate a safe://bookmarks.PublicID service in a much easier way than updating links to a webpage and publishing it. Perhaps, the tool / Peruse plugin would overload “Ctl-B” key to automatically add links to this “bookmarks” service in a pretty and descriptive way… it could be dangerous though. Just my 0.02S for now… cheers!


That’s the way I see it. Maybe someone more well-versed in petnames can enlighten us.


#10

haha - just wanting to share some private joy xD

played a little bit with peruse and now have a browser that insists on visiting only safe://jams.demo no matter what you insert in the address line before you hit enter :slight_smile: looks to me i found the spot where I might want to inject replacements :open_mouth:
(yeah not really hard to find - but still a first success in my playing around and finding out how all this works :roll_eyes: )


#11

@riddim @mav

WOT sounds great to me. It would dilute the power of the main SAFE public ID system, but that could be good. Prevents/mitigates domain name squatting.

Google comes on later, but google is taken. So they use google2 as public id, but then whoever wants to can point to their actual site conveniently.

Sites are known as whatever people want them to be known as.

If something real is already at a domain, then you probably won’t try and save a petname as that, as people probably wont use it. Fine.

But if you care enough… safe://bitcoin can be both for BTC people of BCH people, depending on what you want. Or if you dont care, it just falls back to publicId.


#12

I have a fairly large extended family spanning a wide age range. I would say many are computer literate, including even grandparents in their 90’s who surf the web. I surmise that this type of domain relativism if used to any significant degree would totally confuse just about everyone. I get why a lot of people on the forums may like it, but I still find it a clumsy non-intuitive way to do the UI for the general population of internet users.

A smaller scale way to achieve what you want is to have “bookmarks” in Peruse as usual, but that the user could assign pet-names to these bookmarks as they see fit. When they organize their bookmarks perhaps the folder structure could also be replicated in the address lookup. Anyhow, to achieve your goal any bookmark name entered in the safe:// address bar would be used by Peruse as a shortcut to load the target site or page. @riddim maybe this is exactly what you are talking about and I just misunderstood the thread?

Regardless, it seems like this type of system would still be too confusing because the dns spaces are mixed. You don’t necessarily need to call bookmarks, well “bookmarks”. You could say the safe network uses “pets” or “saves”. It feels far more intuitive (for me) to type in “pets://my-petnames/folder/tree” or “saves://cool-sites/will-read-this-one-later” to clearly define which addresses are referencing the locally defined bookmark/petnames/saves tree, versus an objective global namespace used only for “safe://an-objective-safesite.known-by-everyone” addresses.

I agree that there needs to be a way to eliminate or minimize domain squatting on common dictionary words from the global dns or master publicID catalogue; I just don’t think petnames, aliases, and dns relativism are the best ways to do it. I don’t think there is a benefit to diluting or destroying the common language of navigating the internet that people are accustomed to. Doing away with the .com, .net, .org system will be enough of a learning curve. At the same time, I do see value in aliases/petnames as an easier way to organize/manage/utilize local “pets” from the address bar. As I’ve mentioned before in another thread, the Gentoo package manager uses a type of petname system called “overlays” that I see as a prototype for what you are talking about. There is the main Gentoo tree which is analogous to a globally unique dns, but if a user wants to install different packages that have different features they can select to mount an overlay subtree over this global package tree to redefine behavior for specific packages (analogous to giving aliases to site names). There are a many publicly shared overlays and they can be installed or removed to the system with a single command. If you haven’t already, you might want to investigate the Gentoo linux package manager and overlay system for inspiration. However, sometimes these shared overlays are hard to trust which would be the same issue for petname use on safe. Another way to look at aliases might be to use “git branch” as inspiration…


#13

I’ve not looked into Gentoo’s package manager at all. Sounds interesting though I will give it a wee read. :+1:

Thanks for the thoughts @jlpell!


#14

Once you’ve made the commitment to learn/use Gentoo, it’s hard to enjoy another OS, except for the fast updates. A lot of times the overlay’s just add new packages not found in the main tree, sometimes it replaces packages with the same name to gain additional functionality. I highly recommend Gentoo for any dev with the patience to learn/use it. I think Google Chromebooks use a custom Gentoo build. There is a great community at #gentoo on freenode.

https://overlays.gentoo.org/


#15

Ah cool. I’m eyeballing chromebooks for a dedicated linux machine, so that’s interesting indeed!


#16

If we ever wanted to come up with a custom “SafeOS” image that would have all of the vault and networking software ready to go, then Gentoo / Hardened Gentoo might be a good starting point. It pretty much offers infinite customization. Although there are some other good options too I suppose that may be more “safe” in philosophy (Qubes).


#17

hmhmmm so an overlay is like an alternative dns provider :thinking: (with the difficulty that you don’t really know whom to trust because they might redirect you :roll_eyes: ) or did i understand this wrong?

ps: oh one moment :open_mouth: … you can use multiple overlays like part-namespaces that get replaced …?

pps: so if you visit safe://google and installed [namespaces of my friends] i would crawl the namespace-overlays used by my friends and actually would visit safe://google2 because google was taken … and if someone explicitly adds safe://google3 i would be requested “which google do you mean? google2: used by rid, jlpell, mav / google3: used by suspiciousGuyIKnow” alternative names could become a counter that is reduced by 1 for every iteration :open_mouth: … spreading alternative names … [if you’re the one where the counter hits 0 you get asked if you want to add it to your namespace if you enter the site name and like this the counter starts again with a larger number]

ppps: oh - thats probably gossip protocol now - there will be ready to use solutions :open_mouth: i think i need to do some research


#18

Yup. Trust is an inherent issue. Just like you inherently trust your linux package manager, or you trust windows update not to mess up your system, or you trust your friend who gives a pet-name directory. Most linux distros allow you to specify multiple repositories from which to pull packages, so I guess I view all of those means as analogous to the a pet-named dns. These all need to be trusted in order for people to want to use them. The easiest one to trust is usually the one used most often by the majority of people without ill effect, ie. the master Gentoo/Portage Tree, or the vetted Debian Stable, or the original public dns on SAFE. Best when all open and easy for anyone to audit. I don’t usually use overlays or 3rd party repositories unless I absolutely have to, for example when something is not supported anywhere in the standard repos.

Usually if you do an update, it would pull the most recent version of the package from the set of overlays or repositories. Otherwise you need to explicitly specify which one you are going to use to install the package. I know @riddim does Ubuntu, so it’s really no different than using “apt-get install -t” to target a particular repo to pull packages from different community repositories. An overlay is just the Gentoo flavor of this functionality and I think may be a bit more explicit at the package level.

Anyhow, I bring up the gentoo overlays and community repos because I think they give a good example of how well or how poorly pet-name systems can work or be managed depending on use case. Gentoo has some tools to make working with them (easier), but overlays and custom repos are still a pain though if you use them too much. It would be a nightmare for average joe/jane internet user to have to deal with something like it for looking up a safe-site compared to typing in (or double-clicking) one of their “saves” or “pets” and then rely on the main public SAFE dns otherwise.

EDIT: Although I have a pessimistic view on the topic of pet-names, I know @WhiteOutMashups is a proponent, so he might be able to point out some ways that it, aliases, and such can work well. Pet-names definitely are a solution to domain squatting, but one destroys the ability to have a common internet “language” in the process.