diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/about/about_hubzilla.bb | 313 | ||||
-rw-r--r-- | doc/about/hubzilla_project.bb | 185 | ||||
-rw-r--r-- | doc/developer/api_zot.md | 40 | ||||
-rw-r--r-- | doc/toc.html | 5 |
4 files changed, 258 insertions, 285 deletions
diff --git a/doc/about/about_hubzilla.bb b/doc/about/about_hubzilla.bb index 38b99f83d..f249df66f 100644 --- a/doc/about/about_hubzilla.bb +++ b/doc/about/about_hubzilla.bb @@ -1,150 +1,42 @@ -[h3]Project Overview[/h3] - -$Projectname is a decentralized community server providing communications, identity, and access control services which work together seamlessly across domains and connected websites. It allows anybody to publicly or [b]privately[/b] publish a range of web/media/personal content. The cross-domain privacy implementation is unique and somewhat revolutionary, as identity and access rights are negotiated by servers invisibly in the background. - - -$Projectname provides distributed web publishing and social communications with [b]decentralised permissions[/b]. - -So what exactly are "decentralised permissions"? They give me the ability to share something on my website (photos, media, files, webpages, etc.) with specific people on completely different websites - but not necessarily [i]everybody[/i] on those websites; and they do not need a password on my website and do not need to login to my website to view the things I've shared with them. They have one password on their own website and "magic authentication" between affiliated websites in the network. Also, as it is decentralised, there is no third party which has the ability to bypass permissions and see everything in the network. - -$Projectname combines many features of traditional blogs, social networking and media, content management systems, and personal cloud storage into an easy to use framework. Each node in the grid can operate standalone or link with other nodes to create a super-network; leaving privacy under the control of the original publisher. - -$Projectname is an open source webserver application written originally in PHP/MySQL and is easily installable by those with basic website administration skills. It is also easily extended via plugins and themes and other third-party tools. - - -$Projectname is free and open source. It is designed to scale from a $35 Raspberry Pi, to top of the line AMD and Intel Xeon-powered multi-core enterprise servers. It can be used to support communication between a few individuals, or scale to many thousands and more. - -$Projectname aims to be skill and resource agnostic. It is easy to use by everyday people, as well as by systems administrators and developers. - -How you use it depends on how you want to use it. - -It is written in the PHP scripting language, thus making it trivial to install on any hosting platform in use today. This includes self-hosting at home, at hosting providers such as [url=http://mediatemple.com/]Media Temple[/url] and [url=http://www.dreamhost.com/]Dreamhost[/url], or on virtual and dedicated servers, offered by the likes of [url=https://www.linode.com]Linode[/url], [url=http://greenqloud.com]GreenQloud[/url] or [url=https://aws.amazon.com]Amazon AWS[/url]. - -In other words, $Projectname can run on any computing platform that comes with a web server, a MySQL-compatible database, and the PHP scripting language. - -Along the way, $Projectname offers a number of unique goodies: - -[b]Single-click identification:[/b] meaning you can access sites on $Projectname simply by clicking on links to remote sites. Authentication just happens automagically behind the scenes. Forget about remembering multiple login names with multiple passwords when accessing different sites online. - -[b]Cloning:[/b] of online identities. Your online presence no longer has to be tied to a single server, domain name or IP address. You can clone and import your identity (or channel as we call it) to another server (or, a hub as servers are known in $Projectname). Now, should your primary hub go down, no worries, your contacts, posts[i]*[/i], and messages[i]*[/i] will automagically continue to be available and accessible under your cloned channel. [i](*: only posts and messages as from the moment you cloned your channel)[/i] - -[b]Privacy:[/b] $Projectname identities (Zot IDs) can be deleted, backed up/downloaded, and cloned. People have full control of their own data and content. Should you decide to delete all your content and erase your Zot ID, all you have to do is click on a link and it's immediately deleted from the hub. - - -[h4]Additional Resources and Links[/h4] -For more detailed, technical information about Zot, check out the following links: -[list] -[*][url=http://hubzilla.org]Hubzilla project website[/url] -[*][url=https://github.com/redmatrix/hubzilla]Hubzilla core code repository[/url] -[*][url=https://github.com/redmatrix/hubzilla-addons]Hubzilla official addons repository[/url] -[/list] - -[h4]$Projectname Governance[/h4] -Governance relates to the management of a project and particularly how this relates to conflict resolution. - -[h5]Community Governance[/h5] -The project is maintained and decisions made by the 'community'. The governance structure is still evolving. Until the structure is finalised, decisions are made in the following order: - -[ol] -[*] Lazy Consensus - -If a project proposal is made to one of the community governance forums and there are no serious objections in a "reasonable" amount of time from date of proposal (we usually provide 2-3 days for all interested parties to weigh in), no vote needs to be taken and the proposal will be considered approved. Some concerns may be raised at this time, but if these are addressed during discussion and work-arounds provided, it will still be considered approved. - - -[*] Veto - -Senior developers with a significant history of project commits may veto any decision. The decision may not proceed until the veto is removed or an alternative proposal is presented. - - -[*] Community Vote - -A decision which does not have a clear mandate or clear consensus, but is not vetoed, can be taken to a community vote. At present this is a simple popular vote in one of the applicable community forums. At this time, popular vote decides the outcome. This may change in the future if the community adopts a 'council' governance model. This document will be updated at that time with the updated governance rules. -[/ol] - -Community Voting does not always provide a pleasant outcome and can generate polarised factions in the community (hence the reason why other models are under consideration). If the proposal is 'down voted' there are still several things which can be done and the proposal re-submitted with slightly different parameters (convert to an addon, convert to an optional feature which is disabled by default, etc.). If interest in the feature is high and the vote is "close", it can generate lots of bad feelings amongst the losing voters. On such close votes, it is [b]strongly recommended[/b] that the proposer take steps to address any concerns that were raised and re-submit. - - - -[h4]Privacy Policy[/h4] - - -[h5]Summary[/h5] - - -Q: Who can see my content? +[h3]What is Hubzilla?[/h3] +$Projectname is a [b]free and open source[/b] set of web applications and services running on a special kind of web server, called a "hub", that can connect to other hubs in a decentralised network we like to call "the grid", providing sophisticated communications, identity, and access control services which work together seamlessly across domains and independent websites. It allows anybody to publicly or [b]privately[/b] publish content via "channels", which are the fundamental, cryptographically secured identities that provide authentication independently of the hubs which host them. This revolutionary liberation of online identity from individual servers and domains is called "nomadic identity", and it is powered by the Zot protocol, a new framework for decentralised access control with fine-grained, extensible permissions. + +[h3]Right... so what is Hubzilla?[/h3] +From the practical perspective of hub members who use the software, $Projectname offers a variety of familiar, integrated web apps and services, including: +[ul] +[li]social networking discussion threads[/li] +[li]cloud file storage[/li] +[li]calendar and contacts (with CalDAV and CardDAV support)[/li] +[li]webpage hosting with a content management system[/li] +[li]wiki[/li] +[li]and more...[/li][/ul] +While all of these apps and services can be found in other software packages, only $Projectname allows you to set permissions for groups and individuals who may not even have accounts on your hub! In typical web apps, if you want to share things privately on the internet, the people you share with must have accounts on the server hosting your data; otherwise, there is no robust way for your server to [i]authenticate[/i] visitors to the site to know whether to grant them access. $Projectname solves this problem with an advanced system of [i]remote authentication[/i] that validates the identity of visitors by employing techniques that include public key cryptography. -A: By default ANYBODY on the internet, UNLESS you restrict it. $Projectname allows you to choose the privacy level you desire. Restricted content will NOT be visible to "spy networks" and advertisers. It will be protected against eavesdropping by outsiders - to the best of our ability. Hub administrators with sufficient skills and patience MAY be able to eavesdrop on some private communications but they must expend effort to do so. Privacy modes exist within $Projectname which are even resistant to eavesdropping by skilled and determined hub administrators. - -Q: Can my content be censored? - -A: $Projectname (the network) CANNOT censor your content. Server and hub administrators are subject to local laws and MAY remove objectionable content from their site/hub. Anybody MAY become a hub administrator, including you; and therefore publish content which might otherwise be censored. You still MAY be subject to local laws. - - -[h5]Definitions[/h5] - -**$Projectname** +[h3]Software Stack[/h3] +The $Projectname software stack is a relatively standard webserver application written primarily in PHP/MySQL and [url=https://github.com/redmatrix/hubzilla/blob/master/install/INSTALL.txt]requiring little more than a web server, a MySQL-compatible database, and the PHP scripting language[/url]. It is designed to be easily installable by those with basic website administration skills on typical shared hosting platforms with a broad range of computing hardware. It is also easily extended via plugins and themes and other third-party tools. -Otherwise referred to as "the network", $Projectname is a collection of individual computers/servers (aka **hubs**) which connect together to form a larger cooperative network. - -**hub** - -An individual computer or server connected to $Projectname. These are provided by a **hub administrator** and may be public or private, paid or free. - -**hub administrator** - -The system operator of an individual hub. - -[h5]Policies[/h5] - -**Public Information** - -Any information or anything posted by you within $Projectname MAY be public or visible to anybody on the internet. To the extent possible, $Projectname allows you to protect content and restrict who can view it. - -Your profile photo, your channel name, and the location (URL or network address) of your channel are visible to anybody on the internet and privacy controls will not affect the display of these items. - -You MAY additionally provide other profile information. Any information which you provide in your "default" or **public profile** MAY be transmitted to other hubs in $Projectname and additionally MAY be displayed in the channel directory. You can restrict the viewing of this profile information. It may be restricted only to members of your hub, or only connections (friends), or other limited sets of viewers as you desire. If you wish for your profile to be restricted, you must set the appropriate privacy setting, or simply DO NOT provide additional information. - -**Content** - -Content you provide (status posts, photos, files, etc.) belongs to you. $Projectname default is to publish content openly and visible to anybody on the internet (PUBLIC). You MAY control this in your channel settings and restrict the default permissions or you MAY restrict the visibility of any single published item separately (PRIVATE). $Projectname developers will ensure that restricted content is ONLY visible to those in the restriction list - to the best of their ability. - -Content (especially status posts) that you share with other networks or that you have made visible to anybody on the internet (PUBLIC) cannot easily be taken back once it has been published. It MAY be shared with other networks and made available through RSS/Atom feeds. It may also be syndicated on other $Projectname sites. It MAY appear on other networks and websites and be visible in internet searches. If you do not wish this default behaviour please adjust your channel settings and restrict who can see your content. - -**Comments and Forum posts** - -Comments to posts that were created by others and posts which are designated as forum posts belong to you as the creator/author, but the distribution of these posts is not under your direct control, and you relinquish SOME rights to these items. These posts/comments MAY be re-distributed to others, and MAY be visible to anybody on the internet. In the case of comments, the creator of the "first message" in the thread (conversation) to which you are replying controls the distribution of all comments and replies to that message. They "own" and therefore have certain rights with regard to the entire conversation (including all comments contained within it). You can still edit or delete the comment, but the conversation owner also has rights to edit, delete, re-distribute, and backup/restore any or all the content from the conversation. - -**Private Information** - -$Projectname developers will ensure that any content you provide which is designated as PRIVATE will be protected against eavesdropping - to the best of their ability. Private channel content CAN be seen in the database of every involved hub administrator, but private messages are obscured in the database. The latter means that it is very difficult, but NOT impossible for this content to be seen by a hub administrator. Private channel content and private messages are also stripped from email notifications. End to end encryption is provided as an optional feature and this CANNOT be seen, even by a determined administrator. - -[h5]Identity Privacy[/h5] - -Privacy for your identity is another aspect. Because you have a decentralized identity in $Projectname, your privacy extends beyond your home hub. If you want to have complete control of your privacy and security you should run your own hub on a dedicated server. For many people, this is complicated and may stretch their technical abilities. So let's list a few precautions you can make to assure your privacy as much as possible. - -A decentralized identity has a lot of advantages and gives you al lot of interesting features, but you should be aware of the fact that your identity is known by other hubs in $Projectname network. One of those advantages is that other channels can serve you customized content and allow you to see private things (such as private photos which others wish to share with you). Because of this those channels need to know who you are. But we understand that sometimes those other channels know more from you than you might desire. For instance the plug-in Visage that can tell a channel owner the last time you visit their profile. You can easily OPT-OUT of this low level and we think, harmless tracking. - -* You can enable [Do Not Track (DNT)](http://donottrack.us/) in your web browser. We respect this new privacy policy proposal. All modern browsers support DNT. You will find it in the privacy settings of your browsers or else you can consult the web browser's manual. This will not affect the functionality of $Projectname. This setting is probably enough for most people. - -*You can [disable publication](settings) of your channel in our channel directory. If you want people to find your channel, you should give your channel address directly to them. We think this is a good indication that you prefer extra privacy and automatically enable "Do Not Track" if this is the case. +[h3]Additional Resources and Links[/h3] +[list][*][url=http://hubzilla.org]Hubzilla project website[/url] +[*][url=https://github.com/redmatrix/hubzilla]Hubzilla core code repository[/url] +[*][url=https://github.com/redmatrix/hubzilla-addons]Hubzilla official addons repository[/url][/list] -* You can have a blocked hub. That means that all channels and content on that hub is not public, and not visible to the outside world. This is something only your hub administrator can do. We also respect this and automatically enable "Do Not Track" if it is set. +[h3]Glossary[/h3] +[dl terms="b"] +[*= hub] An instance of the Hubzilla software running on a standard web server -[h5]Censorship[/h5] +[*= grid] The global network of hubs that exchange information with each other using the Zot protocol. -$Projectname is a global network which is inclusive of all religions and cultures. This does not imply that every member of the network feels the same way you do on contentious issues, and some people may be STRONGLY opposed to the content you post. In general, if you wish to post something that you know may nor be universally acceptable, the best approach is to restrict the audience using privacy controls to a small circle of friends. +[*= channel] The fundamental identity on the grid. A channel can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions. -$Projectname as a network provider is unable to censor content. However, hub administrators MAY censor any content which appears on their hub to comply with local laws or even personal judgement. Their decision is final. If you have issues with any hub administrator, you may move your account and postings to another site which is more in line with your expectations. Please check (periodically) the [Terms of Service](help/TermsOfService) of your hub to learn about any rules or guidelines. If your content consists of material which is illegal or may cause issues, you are STRONGLY encouraged to host your own (become a hub administrator). You may still find that your content is blocked on some hubs, but $Projectname as a network cannot block it from being posted. +[*= clone] Channels can have clones associated with separate and otherwise unrelated accounts on independent hubs. Communications shared with a channel are synchronized among the channel clones, allowing a channel to send and receive messages and access shared content from multiple hubs. This provides resilience against network and hardware failures, which can be a significant problem for self-hosted or limited-resource web servers. Cloning allows you to completely move a channel from one hub to another, taking your data and connections with you. See nomadic identity. -$Projectname RECOMMENDS that hub administrators provide a grace period of 1-2 days between warning an account holder of content that needs to be removed and physically removing or disabling the account. This will give the content owner an opportunity to export their channel meta-data and import it to another site. In rare cases the content may be of such a nature to justify the immediate termination of the account. This is a hub decision, not a $Projectname decision. +[*= nomadic identity] The ability to authenticate and easily migrate an identity across independent hubs and web domains. Nomadic identity provides true ownership of an online identity, because the identities of the channels controlled by an account on a hub are not tied to the hub itself. A hub is more like a "host" for channels. With Hubzilla, you don't have an "account" on a server like you do on typical websites; you own an identity that you can take with you across the grid by using clones. -If you typically and regularly post content of an adult or offensive nature, you are STRONGLY encouraged to mark your account "NSFW" (Not Safe For Work). This will prevent the display of your profile photo in the directory except to viewers that have chosen to disable "safe mode". If your profile photo is found by directory administrators to be adult or offensive, the directory administrator MAY flag your profile photo as NSFW. There is currently no official mechanism to contest or reverse this decision, which is why you SHOULD mark your own account NSFW if it is likely to be inappropriate for general audiences. +[*= [url=[baseurl]/help/developer/what_is_zot]Zot[/url]] The novel JSON-based protocol for implementing secure decentralised communications and services. It differs from many other communication protocols by building communications on top of a decentralised identity and authentication framework. The authentication component is similar to OpenID conceptually but is insulated from DNS-based identities. Where possible remote authentication is silent and invisible. This provides a mechanism for internet-scale distributed access control which is unobtrusive. +[/dl] [h3]Features[/h3] - -$Projectname is a general-purpose web publishing and communication network, with several unique features. It is designed to be used by the widest range of people on the web, from non-technical bloggers, to expert PHP programmers and seasoned systems administrators. - -This page lists some of the core features of $Projectname that are bundled with the official release. As with most free and open source software, there may be many other extensions, additions, plugins, themes and configurations that are limited only by the needs and imagination of the members. +This page lists some of the core features of $Projectname that are bundled with the official release. $Projectname is a highly extensible platform, so more features and capabilities can be added via additional themes and plugins. [h4]Affinity Slider[/h4] @@ -291,9 +183,7 @@ Any number of profiles may be created containing different information and these [h4]Account Backup[/h4] -Red offers a simple, one-click account backup, where you can download a complete backup of your profile(s). - -Backups can then be used to clone or restore a profile. +$Projectname offers a simple, one-click account backup, where you can download a complete backup of your profile(s). Backups can then be used to clone or restore a profile. [h4]Account Deletion[/h4] @@ -319,7 +209,6 @@ Post can be previewed prior to sending and edited after sending. [h4]Voting/Consensus[/h4] Posts can be turned into "consensus" items which allows readers to offer feedback, which is collated into "agree", "disagree", and "abstain" counters. This lets you gauge interest for ideas and create informal surveys. - [h4]Extending $Projectname[/h4] $Projectname can be extended in a number of ways, through site customisation, personal customisation, option setting, themes, and addons/plugins. @@ -327,145 +216,3 @@ $Projectname can be extended in a number of ways, through site customisation, pe [h4]API[/h4] An API is available for use by third-party services. This is based originally on the early Twitter API (for which hundreds of third-party tools exist). It is currently being extended to provide access to facilities and abilities which are specific to $Projectname. Access may be provided by login/password or OAuth and client registration of OAuth applications is provided. - - - - -[h3]What is Zot?[/h3] - -Zot is the protocol that powers $Projectname, providing three core capabilities: Communications, Identity, and Access Control. - -The functionality it provides can also be described as follows: - - - a relationship online is just a bunch of permissions - - the internet is just another folder - -[h4]Communications[/h4] - -Zot is a revolutionary protocol which provides [i]decentralised communications[/i] and [i]identity management[/i] across the grid. The resulting platform can provide web services comparable to those offered by large corporate providers, but without the large corporate provider and their associated privacy issues, insatiable profit drive, and walled-garden mentality. - -Communications and social networking are an integral part of the grid. Any channel (and any services provided by that channel) can make full use of feature-rich social communications on a global scale. These communications may be public or private - and private communications comprise not only fully encrypted transport, but also encrypted storage to help protect against accidental snooping and disclosure by rogue system administrators and internet service providers. - -Zot allows a wide array of background services in the grid, from offering friend suggestions, to directory services. You can also perform other things which would typically only be possibly on a centralized provider - such as "Wall to Wall" posts. Private/multiple profiles can be easily created, and web content can be tailored to the viewer via the [i]Affinity Slider[/i]. - -You won't find these features at all on other decentralized communication services. In addition to providing hub (server) decentralization, perhaps the most innovative and interesting Zot feature is its provision of [i]decentralized identity[/i] services. - -[h4]Identity[/h4] - -Zot's identity layer is unique. It provides [i]invisible single sign-on[/i] across all sites in the grid. - -It also provides [i]nomadic identity[/i], so that your communications with friends, family, and or anyone else you're communicating with won't be affected by the loss of your primary communication node - either temporarily or permanently. - -The important bits of your identity and relationships can be backed up to a thumb drive, or your laptop, and may appear at any node in the grid at any time - with all your friends and preferences intact. - -Crucially, these nomadic instances are kept in sync so any instance can take over if another one is compromised or damaged. This protects you against not only major system failure, but also temporary site overloads and governmental manipulation or censorship. - -Nomadic identity, single sign-on, and $Projectname's decentralization of hubs, we believe, introduce a high degree of degree of [i]resiliency[/i] and [i]persistence[/i] in internet communications, that are sorely needed amidst global trends towards corporate centralization, as well as mass and indiscriminate government surveillance and censorship. - -As you browse the grid, viewing channels and their unique content, you are seamlessly authenticated as you go, even across completely different server hubs. No passwords to enter. Nothing to type. You're just greeted by name on every new site you visit. - -How does Zot do that? We call it [i]magic-auth[/i], because $Projectname hides the details of the complexities that go into single sign-on logins, and nomadic identities, from the experience of browsing on the grid. This is one of the design goals of $Projectname: to increase privacy, and freedom on the web, while reducing the complexity and tedium brought by the need to enter new passwords and login names for every different sight that someone might visit online. - -You login only once on your home hub (or any nomadic backup hub you have chosen). This allows you to access any authenticated services provided anywhere in the grid - such as shopping, blogs, forums, and access to private information. This is just like the services offered by large corporate providers with huge user databases; however you can be a member of this community, as well as a server on this network using a $35 Rasberry Pi. Your password isn't stored on a thousand different sites, or even worse, only on a few sites like Google and Facebook, beyond your direct control. - -You cannot be silenced. You cannot be removed from the grid, unless you yourself choose to exit it. - -[h4]Access Control[/h4] - -Zot's identity layer allows you to provide fine-grained permissions to any content you wish to publish - and these permissions extend across $Projectname. This is like having one super huge website made up of an army of small individual websites - and where each channel in the grid can completely control their privacy and sharing preferences for any web resources they create. - -Currently, the grid supports communications, photo albums, events, and files. This will be extended in the future to provide content management services (web pages) and cloud storage facilities, such as WebDAV and multi-media libraries. Every object and how it is shared and with whom is completely under your control. - -This type of control is available on large corporate providers such as Facebook and Google, because they own the user database. Within the grid, there is no need for a huge user database on your machine - because the grid [i]is[/i] your user database. It has what is essentially infinite capacity (limited by the total number of hubs online across the internet), and is spread amongst hundreds, and potentially millions of computers. - -Access can be granted or denied for any resource, to any channel, or any group of channels; anywhere within the grid. Others can access your content if you permit them to do so, and they do not even need to have an account on your hub. Your private photos cannot be viewed, because permission really work; they are not an addon that was added as an afterthought. If you aren't on the list of allowed viewers for a particular photo, you aren't going to look at it. - - -[h3]Credits[/h3] - -Thanks to all who have helped and contributed to the project and its predecessors over the years. -It is possible we missed in your name but this is unintentional. We also thank the community and -its members for providing valuable input and without whom this entire effort would be meaningless. - -It is also worth acknowledging the contributions and solutions to problems which arose from -discussions amongst members and developers of other somewhat related and competing projects; -even if we have had our occasional disagreements. - -[list] -[li]Mike Macgirvin[/li] -[li]Fabio Comuni[/li] -[li]Simon L'nu[/li] -[li]marijus[/li] -[li]Tobias Diekershoff[/li] -[li]fabrixxm[/li] -[li]tommy tomson[/li] -[li]Simon[/li] -[li]zottel[/li] -[li]Christian Vogeley[/li] -[li]Jeroen van Riet Paap (jeroenpraat)[/li] -[li]Michael Vogel[/li] -[li]erik[/li] -[li]Zach Prezkuta[/li] -[li]Paolo T[/li] -[li]Michael Meer[/li] -[li]Michael[/li] -[li]Abinoam P. Marques Jr[/li] -[li]Tobias Hößl[/li] -[li]Alexander Kampmann[/li] -[li]Olaf Conradi[/li] -[li]Paolo Tacconi[/li] -[li]tobiasd[/li] -[li]Devlon Duthie[/li] -[li]Zvi ben Yaakov (a.k.a rdc)[/li] -[li]Alexandre Hannud Abdo[/li] -[li]Olivier Migeot[/li] -[li]Chris Case[/li] -[li]Klaus Weidenbach[/li] -[li]Michael Johnston[/li] -[li]olivierm[/li] -[li]Vasudev Kamath[/li] -[li]pixelroot[/li] -[li]Max Weller[/li] -[li]duthied[/li] -[li]Martin Schmitt[/li] -[li]Sebastian Egbers[/li] -[li]Erkan Yilmaz[/li] -[li]sasiflo[/li] -[li]Stefan Parviainen[/li] -[li]Haakon Meland Eriksen[/li] -[li]Oliver Hartmann (23n)[/li] -[li]Erik Lundin[/li] -[li]habeascodice[/li] -[li]sirius[/li] -[li]Charles[/li] -[li]Tony Baldwin[/li] -[li]Hauke Zuehl[/li] -[li]Keith Fernie[/li] -[li]Anne Walk[/li] -[li]toclimb[/li] -[li]Daniel Frank[/li] -[li]Matthew Exon[/li] -[li]Michal Supler[/li] -[li]Tobias Luther[/li] -[li]U-SOUND\mike[/li] -[li]mrjive[/li] -[li]nostupidzone[/li] -[li]tonnerkiller[/li] -[li]Antoine G[/li] -[li]Christian Drechsler[/li] -[li]Ludovic Grossard[/li] -[li]RedmatrixCanada[/li] -[li]Stanislav Lechev [0xAF][/li] -[li]aweiher[/li] -[li]bufalo1973[/li] -[li]dsp1986[/li] -[li]felixgilles[/li] -[li]ike[/li] -[li]maase2[/li] -[li]mycocham[/li] -[li]ndurchx[/li] -[li]pafcu[/li] -[li]Simó Albert i Beltran[/li] -[li]Manuel Reva[/li] -[li]Manuel Jiménez Friaza[/li] -[/list] diff --git a/doc/about/hubzilla_project.bb b/doc/about/hubzilla_project.bb new file mode 100644 index 000000000..7a584687d --- /dev/null +++ b/doc/about/hubzilla_project.bb @@ -0,0 +1,185 @@ +[h3]$Projectname Governance[/h3] +Governance relates to the management of a project and particularly how this relates to conflict resolution. + +[h4]Community Governance[/h4] +The project is maintained and decisions made by the 'community'. The governance structure is still evolving. Until the structure is finalised, decisions are made in the following order: + +[ol] +[*] Lazy Consensus + +If a project proposal is made to one of the community governance forums and there are no serious objections in a "reasonable" amount of time from date of proposal (we usually provide 2-3 days for all interested parties to weigh in), no vote needs to be taken and the proposal will be considered approved. Some concerns may be raised at this time, but if these are addressed during discussion and work-arounds provided, it will still be considered approved. + + +[*] Veto + +Senior developers with a significant history of project commits may veto any decision. The decision may not proceed until the veto is removed or an alternative proposal is presented. + + +[*] Community Vote + +A decision which does not have a clear mandate or clear consensus, but is not vetoed, can be taken to a community vote. At present this is a simple popular vote in one of the applicable community forums. At this time, popular vote decides the outcome. This may change in the future if the community adopts a 'council' governance model. This document will be updated at that time with the updated governance rules. +[/ol] + +Community Voting does not always provide a pleasant outcome and can generate polarised factions in the community (hence the reason why other models are under consideration). If the proposal is 'down voted' there are still several things which can be done and the proposal re-submitted with slightly different parameters (convert to an addon, convert to an optional feature which is disabled by default, etc.). If interest in the feature is high and the vote is "close", it can generate lots of bad feelings amongst the losing voters. On such close votes, it is [b]strongly recommended[/b] that the proposer take steps to address any concerns that were raised and re-submit. + + + +[h4]Privacy Policy[/h4] + +Q: Who can see my content? + +A: By default ANYBODY on the internet, UNLESS you restrict it. $Projectname allows you to choose the privacy level you desire. Restricted content will NOT be visible to "spy networks" and advertisers. It will be protected against eavesdropping by outsiders - to the best of our ability. Hub administrators with sufficient skills and patience MAY be able to eavesdrop on some private communications but they must expend effort to do so. Privacy modes exist within $Projectname which are even resistant to eavesdropping by skilled and determined hub administrators. + +Q: Can my content be censored? + +A: $Projectname (the network) CANNOT censor your content. Server and hub administrators are subject to local laws and MAY remove objectionable content from their site/hub. Anybody MAY become a hub administrator, including you; and therefore publish content which might otherwise be censored. You still MAY be subject to local laws. + + +[h5]Definitions[/h5] + +**$Projectname** + +Otherwise referred to as "the network", $Projectname is a collection of individual computers/servers (aka **hubs**) which connect together to form a larger cooperative network. + +**hub** + +An individual computer or server connected to $Projectname. These are provided by a **hub administrator** and may be public or private, paid or free. + +**hub administrator** + +The system operator of an individual hub. + +[h5]Policies[/h5] + +**Public Information** + +Any information or anything posted by you within $Projectname MAY be public or visible to anybody on the internet. To the extent possible, $Projectname allows you to protect content and restrict who can view it. + +Your profile photo, your channel name, and the location (URL or network address) of your channel are visible to anybody on the internet and privacy controls will not affect the display of these items. + +You MAY additionally provide other profile information. Any information which you provide in your "default" or **public profile** MAY be transmitted to other hubs in $Projectname and additionally MAY be displayed in the channel directory. You can restrict the viewing of this profile information. It may be restricted only to members of your hub, or only connections (friends), or other limited sets of viewers as you desire. If you wish for your profile to be restricted, you must set the appropriate privacy setting, or simply DO NOT provide additional information. + +**Content** + +Content you provide (status posts, photos, files, etc.) belongs to you. $Projectname default is to publish content openly and visible to anybody on the internet (PUBLIC). You MAY control this in your channel settings and restrict the default permissions or you MAY restrict the visibility of any single published item separately (PRIVATE). $Projectname developers will ensure that restricted content is ONLY visible to those in the restriction list - to the best of their ability. + +Content (especially status posts) that you share with other networks or that you have made visible to anybody on the internet (PUBLIC) cannot easily be taken back once it has been published. It MAY be shared with other networks and made available through RSS/Atom feeds. It may also be syndicated on other $Projectname sites. It MAY appear on other networks and websites and be visible in internet searches. If you do not wish this default behaviour please adjust your channel settings and restrict who can see your content. + +**Comments and Forum posts** + +Comments to posts that were created by others and posts which are designated as forum posts belong to you as the creator/author, but the distribution of these posts is not under your direct control, and you relinquish SOME rights to these items. These posts/comments MAY be re-distributed to others, and MAY be visible to anybody on the internet. In the case of comments, the creator of the "first message" in the thread (conversation) to which you are replying controls the distribution of all comments and replies to that message. They "own" and therefore have certain rights with regard to the entire conversation (including all comments contained within it). You can still edit or delete the comment, but the conversation owner also has rights to edit, delete, re-distribute, and backup/restore any or all the content from the conversation. + +**Private Information** + +$Projectname developers will ensure that any content you provide which is designated as PRIVATE will be protected against eavesdropping - to the best of their ability. Private channel content CAN be seen in the database of every involved hub administrator, but private messages are obscured in the database. The latter means that it is very difficult, but NOT impossible for this content to be seen by a hub administrator. Private channel content and private messages are also stripped from email notifications. End to end encryption is provided as an optional feature and this CANNOT be seen, even by a determined administrator. + +[h5]Identity Privacy[/h5] + +Privacy for your identity is another aspect. Because you have a decentralized identity in $Projectname, your privacy extends beyond your home hub. If you want to have complete control of your privacy and security you should run your own hub on a dedicated server. For many people, this is complicated and may stretch their technical abilities. So let's list a few precautions you can make to assure your privacy as much as possible. + +A decentralized identity has a lot of advantages and gives you al lot of interesting features, but you should be aware of the fact that your identity is known by other hubs in $Projectname network. One of those advantages is that other channels can serve you customized content and allow you to see private things (such as private photos which others wish to share with you). Because of this those channels need to know who you are. But we understand that sometimes those other channels know more from you than you might desire. For instance the plug-in Visage that can tell a channel owner the last time you visit their profile. You can easily OPT-OUT of this low level and we think, harmless tracking. + +* You can enable [Do Not Track (DNT)](http://donottrack.us/) in your web browser. We respect this new privacy policy proposal. All modern browsers support DNT. You will find it in the privacy settings of your browsers or else you can consult the web browser's manual. This will not affect the functionality of $Projectname. This setting is probably enough for most people. + +*You can [disable publication](settings) of your channel in our channel directory. If you want people to find your channel, you should give your channel address directly to them. We think this is a good indication that you prefer extra privacy and automatically enable "Do Not Track" if this is the case. + +* You can have a blocked hub. That means that all channels and content on that hub is not public, and not visible to the outside world. This is something only your hub administrator can do. We also respect this and automatically enable "Do Not Track" if it is set. + +[h5]Censorship[/h5] + +$Projectname is a global network which is inclusive of all religions and cultures. This does not imply that every member of the network feels the same way you do on contentious issues, and some people may be STRONGLY opposed to the content you post. In general, if you wish to post something that you know may nor be universally acceptable, the best approach is to restrict the audience using privacy controls to a small circle of friends. + +$Projectname as a network provider is unable to censor content. However, hub administrators MAY censor any content which appears on their hub to comply with local laws or even personal judgement. Their decision is final. If you have issues with any hub administrator, you may move your account and postings to another site which is more in line with your expectations. Please check (periodically) the [Terms of Service](help/TermsOfService) of your hub to learn about any rules or guidelines. If your content consists of material which is illegal or may cause issues, you are STRONGLY encouraged to host your own (become a hub administrator). You may still find that your content is blocked on some hubs, but $Projectname as a network cannot block it from being posted. + +$Projectname RECOMMENDS that hub administrators provide a grace period of 1-2 days between warning an account holder of content that needs to be removed and physically removing or disabling the account. This will give the content owner an opportunity to export their channel meta-data and import it to another site. In rare cases the content may be of such a nature to justify the immediate termination of the account. This is a hub decision, not a $Projectname decision. + +If you typically and regularly post content of an adult or offensive nature, you are STRONGLY encouraged to mark your account "NSFW" (Not Safe For Work). This will prevent the display of your profile photo in the directory except to viewers that have chosen to disable "safe mode". If your profile photo is found by directory administrators to be adult or offensive, the directory administrator MAY flag your profile photo as NSFW. There is currently no official mechanism to contest or reverse this decision, which is why you SHOULD mark your own account NSFW if it is likely to be inappropriate for general audiences. + +[h3]Credits[/h3] + +Thanks to all who have helped and contributed to the project and its predecessors over the years. +It is possible we missed in your name but this is unintentional. We also thank the community and +its members for providing valuable input and without whom this entire effort would be meaningless. + +It is also worth acknowledging the contributions and solutions to problems which arose from +discussions amongst members and developers of other somewhat related and competing projects; +even if we have had our occasional disagreements. + +[list] +[li]Mike Macgirvin[/li] +[li]Fabio Comuni[/li] +[li]Simon L'nu[/li] +[li]marijus[/li] +[li]Tobias Diekershoff[/li] +[li]fabrixxm[/li] +[li]tommy tomson[/li] +[li]Simon[/li] +[li]zottel[/li] +[li]Christian Vogeley[/li] +[li]Jeroen van Riet Paap (jeroenpraat)[/li] +[li]Michael Vogel[/li] +[li]erik[/li] +[li]Zach Prezkuta[/li] +[li]Paolo T[/li] +[li]Michael Meer[/li] +[li]Michael[/li] +[li]Abinoam P. Marques Jr[/li] +[li]Tobias Hößl[/li] +[li]Alexander Kampmann[/li] +[li]Olaf Conradi[/li] +[li]Paolo Tacconi[/li] +[li]tobiasd[/li] +[li]Devlon Duthie[/li] +[li]Zvi ben Yaakov (a.k.a rdc)[/li] +[li]Alexandre Hannud Abdo[/li] +[li]Olivier Migeot[/li] +[li]Chris Case[/li] +[li]Klaus Weidenbach[/li] +[li]Michael Johnston[/li] +[li]olivierm[/li] +[li]Vasudev Kamath[/li] +[li]pixelroot[/li] +[li]Max Weller[/li] +[li]duthied[/li] +[li]Martin Schmitt[/li] +[li]Sebastian Egbers[/li] +[li]Erkan Yilmaz[/li] +[li]sasiflo[/li] +[li]Stefan Parviainen[/li] +[li]Haakon Meland Eriksen[/li] +[li]Oliver Hartmann (23n)[/li] +[li]Erik Lundin[/li] +[li]habeascodice[/li] +[li]sirius[/li] +[li]Charles[/li] +[li]Tony Baldwin[/li] +[li]Hauke Zuehl[/li] +[li]Keith Fernie[/li] +[li]Anne Walk[/li] +[li]toclimb[/li] +[li]Daniel Frank[/li] +[li]Matthew Exon[/li] +[li]Michal Supler[/li] +[li]Tobias Luther[/li] +[li]U-SOUND\mike[/li] +[li]mrjive[/li] +[li]nostupidzone[/li] +[li]tonnerkiller[/li] +[li]Antoine G[/li] +[li]Christian Drechsler[/li] +[li]Ludovic Grossard[/li] +[li]RedmatrixCanada[/li] +[li]Stanislav Lechev [0xAF][/li] +[li]aweiher[/li] +[li]bufalo1973[/li] +[li]dsp1986[/li] +[li]felixgilles[/li] +[li]ike[/li] +[li]maase2[/li] +[li]mycocham[/li] +[li]ndurchx[/li] +[li]pafcu[/li] +[li]Simó Albert i Beltran[/li] +[li]Manuel Reva[/li] +[li]Manuel Jiménez Friaza[/li] +[/list]
\ No newline at end of file diff --git a/doc/developer/api_zot.md b/doc/developer/api_zot.md index d46cc8860..d75012818 100644 --- a/doc/developer/api_zot.md +++ b/doc/developer/api_zot.md @@ -1,3 +1,43 @@ +### What is Zot? + +Zot is the revolutionary protocol that powers $Projectname, providing **communications**, **identity management**, and **access control** across a fully **decentralised** network of independent websites, often called "the grid". The resulting platform is a robust system that supports privacy and security while enabling the kind of rich web services typically seen only in centralized, proprietary solutions. + +#### Communications + +Communications and social networking are an integral part of the grid. Any channel (and any services provided by that channel) can make full use of feature-rich social communications on a global scale. These communications may be public or private - and private communications comprise not only fully encrypted transport, but also encrypted storage to help protect against accidental snooping and disclosure by rogue system administrators and internet service providers. + +Zot supports a wide array of background services in the grid, from friend suggestions to directory services. New content and data updates are propagated in the background between hubs across the grid according to access control lists and permissions specified by both sender *and* receiver channels. Data is also synchronized between an arbitrary number of channel clones, allowing hub members to access data and continue collaborating seamlessly in the event that their primary hub is inaccessible or offline. + +#### Identity + +Zot's identity layer is unique. It provides **invisible single sign-on** across all sites in the grid. + +It also provides **nomadic identity**, so that your communications with friends, family, and or anyone else you're communicating with won't be affected by the loss of your primary communication node - either temporarily or permanently. + +The important bits of your identity and relationships can be backed up to a thumb drive, or your laptop, and may appear at any node in the grid at any time - with all your friends and preferences intact. + +Crucially, these nomadic instances are kept in sync so any instance can take over if another one is compromised or damaged. This protects you against not only major system failure, but also temporary site overloads and governmental manipulation or censorship. + +Nomadic identity, single sign-on, and $Projectname's decentralisation of hubs, we believe, introduce a high degree of degree of **resiliency** and **persistence** in internet communications, that are sorely needed amidst global trends towards corporate centralization, as well as mass and indiscriminate government surveillance and censorship. + +As you browse the grid, viewing channels and their unique content, you are seamlessly authenticated as you go, even across completely different server hubs. No passwords to enter. Nothing to type. You're just greeted by name on every new site you visit. + +How does Zot do that? We call it **magic-auth**, because $Projectname hides the details of the complexities that go into single sign-on logins, and nomadic identities, from the experience of browsing on the grid. This is one of the design goals of $Projectname: to increase privacy, and freedom on the web, while reducing the complexity and tedium brought by the need to enter new passwords and login names for every different sight that someone might visit online. + +You login only once on your home hub (or any nomadic backup hub you have chosen). This allows you to access any authenticated services provided anywhere in the grid - such as shopping, blogs, forums, and access to private information. This is just like the services offered by large corporate providers with huge user databases; however you can be a member of this community, as well as a server on this network using a $35 Rasberry Pi. Your password isn't stored on a thousand different sites, or even worse, only on a few sites like Google and Facebook, beyond your direct control. + +You cannot be silenced. You cannot be removed from the grid, unless you yourself choose to exit it. + +#### Access Control + +Zot's identity layer allows you to provide fine-grained permissions to any content you wish to publish - and these permissions extend across $Projectname. This is like having one super huge website made up of an army of small individual websites - and where each channel in the grid can completely control their privacy and sharing preferences for any web resources they create. + +Currently, $Projectname supports access control for many types of data, including post/comment discussion threads, photo albums, events, cloud files, web pages, wikis, and more. Every object and how it is shared and with whom is completely under your control. + +This type of control is trivial on large corporate providers because they own the user database. Within the grid, there is no need for a huge user database on your machine - because the grid **is** your user database. It has what is essentially infinite capacity (limited by the total number of hubs online across the internet), and is spread amongst hundreds, and potentially millions of computers. + +Access can be granted or denied for any resource, to any channel, or any group of channels; anywhere within the grid. Others can access your content if you permit them to do so, and they do not even need to have an account on your hub. + ### Zot API The API endpoints detailed below are relative to `api/z/1.0`, meaning that if an diff --git a/doc/toc.html b/doc/toc.html index b8816ed91..272f43c7e 100644 --- a/doc/toc.html +++ b/doc/toc.html @@ -7,7 +7,8 @@ </div> <div id="about" class="panel-collapse collapse in"> <ul class="list-group"> - <li class="doco-list-group-item"><a href="/help/about/about_hubzilla">Hubzilla project</a></li> + <li class="doco-list-group-item"><a href="/help/about/about_hubzilla">About Hubzilla</a></li> + <li class="doco-list-group-item"><a href="/help/about/hubzilla_project">Hubzilla project</a></li> <li class="doco-list-group-item"><a href="/help/about/about_hub">About this hub</a></li> </ul> </div> @@ -47,7 +48,7 @@ <div id="developers" class="panel-collapse collapse in"> <ul class="list-group"> <li class="doco-list-group-item"><a href="/help/developer/developer_guide">Guide</a></li> - <li class="doco-list-group-item"><a href="/help/developer/api_zot">Zot API</a></li> + <li class="doco-list-group-item"><a href="/help/developer/api_zot">Zot Protocol and API</a></li> </ul> </div> </div> |