notes-computer-hypermediaSymmetricAuthoring

Intro

There's a pattern of: (1) people discovering that hypermedia browsers that also have authoring are magical and can engage ordinary people and even kids in 'programming'. (2) Tools are created based on symmetric content creation/consumption. (3) These tools grow to a mass market. (4) But most users use them to consume, not author. (4) The authoring functionality is allowed to wither and ultimately removed. (5) Specialized authoring tools are created instead. But these are hard to use and in addition, because they are not integrated with the browser, people think of authoring as a special activity for other people. Often the most-used specialized authoring platforms (or hosting platforms) are for-profit and young kids can't access them for free.

This is especially concerning because it means that young kids won't be able to create content.

Examples

Key problem

Creators are always a minority; and other users don't want to administer servers, deal with server security, etc. Server providers want to make money, empowering users is not a core end goal (even apple which started out with that eventually dropped it); therefore they focus on the larger market of non-creator users, and then others spring up to focus on the smaller market of creators.

However, a significant fraction of users do want to create; witness the periodic success of social networks that give more customization power to the user, e.g. myspace, tumblr.

Why is running your own server a pain?

What can be done?

Example: the www, although it failed to let kids easily create their own websites, succeeded in democratizing content creation far beyond what it was before. This seems to be due to its decentralization and openness.

Well, if you create local content that is not available on the network (think HyperCard? stacks), you don't need a server admin or a service provider. But then distribution is a problem. Could you do peer-to-peer networking to distribute? Yes, but then you're basically back to the WWW. (on that note, for MMOs/virtual worlds, see the opensimulator / hypergrid stuff ).

Perhaps we distribute in such a way so that the origin server can be offline, or in the case of DDOS, doesn't have to be queried, in order for clients to interact with the content? That way people could 'serve' from mobile devices that are not always on or connected. How could that work?

Architectures that don't contact the server

Notes on PKI updates to websites

If PKI is built into the protocol, and every user can update websites they create only by using their PKI, then inevitably, often these PKIs will be stolen and attackers will gain the ability to take over the site forever and probably to lock out the site owner, just as Bitcoin can be stolen and the transactions cannot be reversed.

Why doesn't this happen with conventional web servers, which are controlled by logging onto to the hosting service with credentials that could be stolen? Because this does happen temporarily, but then the real site owner contacts the hosting service IRL and provides further out-of-band credentials to convince them that they are the true owner of the account.

You could mimic this safety net in a PKI-based system by having, not a single PKI, but a PKI authority chain. Your website's PKI can be issued by a hosting provider, but then that provider has the authority to de-authorize your PKI's over the website, and transfer its authority to another PKI. And the DNS provider has the ability to de-authorize the hosting provider's authority over the website, and transfer it to another one. The root DNS PKI would be updated by constant checking with legacy internet DNS, provided by ISPs, so if it is hacked it could be changed, and/or ISPs could tell their clients, via DHCP, to use a new one.