[Freedombox-discuss] Relationship driven privacy

[Mike Macgirvin]

Friendika was mentioned in this thread but in a different context, so I 
wanted to point out what we do for profile personas. There may be some 
ideas you can use. It's a distributed system, but has multiple profiles. 
You can tailor any profile for any person or group of people.

There is a default public profile. You can make this as sparse as you 
wish. Maybe just your name and what country you live in.

Then you can add richer information specifically for different friends 
or groups. Some people might be able to see your email address. Others 
might be able to see your hobbies. Bu rather than control visibility of 
individual profile fields, you can instead build complete profiles 
specific to any audience - and have completely different contents in any 
of the fields - if you wish. To the ladies you can be a jet pilot, while 
your co-workers will see the truth. You can also clone any existing 
profile if you only want to change one thing for a particular audience 
but leave the rest the same.

We make these available to individuals due to DFRN's authentication 
scheme. It's a dual-authenticated PKI exchange which establishes the 
identity of both sides of the communication stream - and in the case of 
profiles can then issue a browser cookie giving you a 'visitor id', 
which gives you certain rights on the remote system. You can post to 
your contact's profile wall and leave comments there, you can view 
private photos, and you can be assigned a profile specific to you.

(No other distributed social service has these abilities that I'm aware 
of.)

There are no password challenges between sites. No OAuth crap. All the 
visitor does is click on a profile link, and they are taken to the 
correct profile that they are allowed to see. Any failures in 
authentication take them to the default profile.

It's a pretty slick system.