Tuesday, January 03, 2012

The unhosted project

A 5 minute speed talk on the unhosted project. I am not a big fan of the unhosted project in its current form however I can see some good coming from the project so I would keep an eye on it.

The below speech is given by the guys form the unhosted project and is offering an insight in the project within the 5 minute time boundary set for the speed talks at the CCC 28C3 conference. One interesting thing you might want to dive into is that they state that you can use browser ID instead of Open-ID which I think might want to take a look at when you are developing web applications and security around web applications.

Web applications usually come with storage attached to it, users can not choose where their data is stored. Put plainly: You get their app, they get your data. We want to improve the web infrastructure by separating web application logic from per-user data storage: Users should be able to use web services they love but keep their life stored in one place they control -- a »home folder« for the web. At the same time, application developers shouldn't need to bother about providing data storage. We also believe that freedom on the web is not achieved by freely licensed web applications running on servers you can't control. That's why applications should be pure Javascript which runs client-side, all in the browser. It doesn't matter if free or proprietary -- everything can be inspected and verified. Technically speaking, we define a protocol stack called remoteStorage. A combination of WebFinger for discovery, either BrowserID or OAuth for authorization, CORS (Cross-Origin Resource Sharing) for cross-domain AJAX calls and GET, PUT, DELETE for synchronization. We also work on its adoption through patching apps and storage providers.

No comments: