April 20th, 2004

classic beard


I've finally spent a couple of evenings and finished implementing
Trackforward. Vaguely related to "trackback", it is a list of all of my "outbound comments" - comments I've made in other weblogs and journals and discussion sites (the vagueness is meant to be inclusive - reviews I post on amazon are included, at least as an experiment.)

It doesn't include my own livejournal posts (not much point :-) but it does include comments I make on non-locked postings (it turns out that detecting the link to the locked/private posting icon seems to be good enough to tell the difference - I do save those posts, they're just not going in this public archive.)

What's the point? Well, I got to experiment with some more python language features... got more practice at drilling a vague idea down to an actual experiment... oh, and aside from serving as an "outbox" folder, and a way for people to see where I'm spending my time online, it provides a (currently somewhat vague) form of authentication - very weak, you currently have to trust (1) me not to edit the file (2) that you're actually reaching thok.org and getting the file directly (3) thok.org not being compromised. While one might choose to trust these at some human level, there's no rigor behind it - but there are technologies that can improve that. For example, simply feeding the page to a timestamping/signing service is enough to get non-repudiation, ie validation that I posted these at some point. Getting an SSL key signed by a well known authority would validate the channel to some extent. Trusting the machine itself... well, that's a professional skill thing, and I'll certainly admit there's a lot more to be done; perhaps this will be another kick towards trying harder and investigating the options for really secure web content more carefully.
  • Current Mood