with @Mike Macgirvin
, principal creator of Hubzilla.
What important lessons did you take from developing DFRN when you decided to go back to the drawing board and develop Zot?
The first big thing I did was solidify the â€œmagic-authâ€ protocol. In Friendica it was somewhat limited in what it could do. In Zot and Hubzilla magic-auth is really the core of the service.
Access control and privacy can be attached to any resource on your server and restricted to viewers from across the webâ€Šâ€”â€Šno matter what server they have their account on. Your private videos are only visible to select people; and they donâ€™t need an account on your server to view them. Authentication is invisible and you arenâ€™t asked for passwords or tokens. It just happens as you browse your social stream and visit the websites you find therein.
Part of Mikeâ€™s grassroots campaign for Hubzilla.
The second important thing we did is provide â€œnomadic identityâ€, which is also built into the protocol. In 2010â€“2012, the free web lost *hundreds of thousands* of early adopters because we had no way to easily migrate from server to server; and lots of early server administrators closed down with little or no warning. This set the free web back at least five years, because you couldnâ€™t trust your account and identity and friendships and content to exist tomorrow. Most of the other free web projects decided that this problem should be solved by import/export tools (which weâ€™re still waiting for in some cases).
I saw an even bigger problem. Twitter at the time was over capacity and often would be shut down for hours or a few days. What if you didnâ€™t really want to permanently move to another server, but you just wanted to post something and stay in touch with friends/family when your server was having a bad day? This was the impetus for nomadic identity. You could take a thumbdrive and load it into any other server; and your identity is intact and you still have all your friends. Then we allowed you to â€œcloneâ€ your identity so you could have these backup accounts available at any time you needed them. Then we started syncing stuff between your clones so that on server â€˜Aâ€™ you still have the same exact content and friends that you do on server â€˜Bâ€™. Theyâ€™re clones. You can post from either. If one shuts down forever, no big deal. If it has a cert issue that takes 24 hours to fix, no big deal. Your online life can continue, uninterruptedâ€Šâ€”â€Šno matter what happens to individual servers.