Short description of the Trust-forum project

A new high-level infrastructure for the Internet

The same low-level infrastructure (Web servers, routers, user browsers, HTTP, SSL...; possible upgrades to these are out of scope here).
But a new way of using it, combining the advantages of centralization and decentralization for the user's experience.

Approximate assumption. For the sake of simplicity, this description treats the following as one and the same:

"Web server"
= "Web hosting company/organization"
= "Web site, identified by a given domain name"

even though that is of course not a rule: we shall focus on describing "at least one possible way for all this to work", without excluding other ways, which every organization remains free to offer for the benefit of its own users.

This will take the concrete form of a pack of open-source Web application software, meant to be installed on any number of Web servers and running mainly on the server side, which will bring the new experience to their users.
On the user side, all activities of users in the Network will be carried out through the ordinary use of an ordinary Web browser.
Thus, users will not need to install any additional software on their computer; optionally, installing a plug-in (extension) in the browser will make some details more convenient.

We shall call here

"the Network"
= "the list of all those Web servers that have this software pack installed and are recognized as such by others".

This software pack aims to be non-exclusive, i.e. each host is free to install a modified version of that software and integrate it with its own additional applications.
Every server in the Network will have a list of all other servers of the Network with their respective (GPG) public keys.

Potentially, the Network aims to become the whole Web (expecting such software to be eventually adopted by all Web servers).

User account and user identities

Nowadays, if a user wants to use 10 independent Web sites in ways that require authentication, he will need to create a different account on each (thus, 10 accounts) with their respective passwords; these accounts have no link with each other, i.e. there is no certification that they belong to the same user. This can be seen as an advantage (if a user wants to have another activity anonymously) or a disadvantage (if trust and real identity are needed).

In the Network, user authentication will happen in a quite different way: each user only needs one account at one site of the Network, for all his authenticated Web activities at any other site of the Network.

Moreover, he can benefit from anonymity by having several identities (pseudos) contained in the same account.

So, the following things must be clearly distinguished:

User account ≠ User identity ≠ User authenticated session
1 account = several identities (pseudos)

However, we shall make the approximate assumption

1 physical person = 1 account at only 1 server, called that user's "home site"

even though no technical rule will enforce this. Rather, the way everything works will mean that, except for risks of breakdown or hacking (for which some procedures will be needed to link together the accounts of the same user at different sites), there will usually be no advantage for a physical person in creating more than one account in the Network. Ultimately, the Network may be spread as something like the following (again, this is not a rule but a possible example of how things may work):

4 Billion users = (100,000 sites)*(40,000 accounts per site)
1 account = 1 or a few pseudo(s)
1 site = 50,000-100,000 pseudos

The user board (account's interface)

Now, let us describe how users will navigate in the Network.

Sites of the Network may be browsed by anonymous visitors in read-only mode. But when a user of the Network (with an account there) wants to do something in the Network that requires his authentication, the method will be the following:

First of all, the user must type, in the address bar of his browser, the URL of his home site in the Network, where his account is hosted.
So he logs in to his home site, and accesses his board there.
His user account (board) at his home site will be his starting point, giving him authenticated access to all other sites of the Network.
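
The sketch below is an added example, not part of the Trust-forum software, of one way a home site could vouch for a pseudo to another site, which checks the statement against its copy of the Network list. It assumes Ed25519 keys in place of the GPG keys mentioned above; the Assertion fields, the function names and the example host names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Assertion (hypothetical format) names a pseudo and its home site, never the account.
type Assertion struct {
	HomeSite, Pseudo, Audience string
	Expires                    int64 // Unix seconds
	Sig                        []byte
}

// payload is the exact byte string that is signed; %q keeps field boundaries unambiguous.
func (a Assertion) payload() []byte {
	return []byte(fmt.Sprintf("%q %q %q %d", a.HomeSite, a.Pseudo, a.Audience, a.Expires))
}

// Issue is run by the home site once the user has logged in to his board.
func Issue(priv ed25519.PrivateKey, home, pseudo, audience string, expires int64) Assertion {
	a := Assertion{HomeSite: home, Pseudo: pseudo, Audience: audience, Expires: expires}
	a.Sig = ed25519.Sign(priv, a.payload())
	return a
}

// Verify is run by the visited site (self) against its copy of the Network list.
func Verify(network map[string]ed25519.PublicKey, self string, a Assertion, now int64) error {
	pub, ok := network[a.HomeSite]
	switch {
	case !ok: return fmt.Errorf("home site %q is not in the Network list", a.HomeSite)
	case a.Audience != self: return fmt.Errorf("assertion was issued for %q", a.Audience)
	case now >= a.Expires: return fmt.Errorf("assertion expired")
	case !ed25519.Verify(pub, a.payload(), a.Sig): return fmt.Errorf("bad signature")
	}
	return nil
}

// DemoNetwork returns a constructed one-site Network list and that site's private key.
func DemoNetwork() (map[string]ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return map[string]ed25519.PublicKey{"home.example": pub}, priv
}

func main() {
	network, priv := DemoNetwork()
	a := Issue(priv, "home.example", "pseudo-7", "forum.example", 1700000060) // constructed values
	fmt.Println(Verify(network, "forum.example", a, 1700000000), Verify(network, "other.example", a, 1700000000))
}
```

The visited site learns only the pseudo and the home site, and the audience and expiry fields keep a captured assertion from being replayed at another site or at a later time.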

This account will: