what I think would be cool: an ipfs/dat site with an index.html that looks like this:
<!doctype html>
<script src="ipfs://mypfs.com/explorer.js@3.0.0"></script>
<script>exploreArchive('ipfs://pauls-public-files.com')</script>
or like this:
<!doctype html>
<script src="dat://mydat.com/explorer.js@3.0.0"></script>
<script>exploreArchive('dat://pauls-public-files.com')</script>
an explorer.js
app, at version 3, is loaded from dat/ipfs.
it provides the exploreArchive
method, which (let's say) creates a file-browser gui and loads up the url I passed in.
then, the protocol is accessed by the clientside js to fetch and explore my public file repo.
so this is demonstrating...
- dat/ipfs acting as a secure p2p cdn
- shortname lookup
- versioning (by semver)
- API access to the protocols, from the clientside js
I guess when es6 modules are working, we might also be able to do this?
```html
<!doctype html>
<script>
import exploreArchive from 'dat://mydat.com/explorer.js@3.0.0'
exploreArchive('dat://pauls-public-files.com')
</script>
which is even cleaner!
so what do we need for this to happen...
Dat and IPFS have the basic behaviors we need here, and dat is already integrated as a protocol. IPFS is underway. No problem there.
IPFS has DNS TXT record lookup, which maps to the hash/public-key. Dat can/should? do the same. But, it's important we authenticate the records!
I looked into DNSSEC. The criticisms dont concern me. dnssec is what I'd recommend if nothing else existed (we just need to authenticate the registry's responses).
the alternative is authentication at another layer, like with TLS. It's too early to know if that'll happen for dat/ipfs, but-- the important bit is, either DNSSEC or the other layer will happen, and so we can safely move forward with DNS TXT records if we want to.
I know the dat protocol is designed for versioning, though I don't know the details yet. I think IPFS does as well?
I like semver. I like the idea of being able to put semver tags (or even semver ranges?) in the dat/ipfs URL. can we do that?
obviously, no requests happen if the information is locally cached. but, on first query, or if there's a semver range, or no semver tag at all, then the p2p network will be queried for updates. also, DNS will reveal the lookups.
I dont know the privacy properties of the p2p networks. I'd guess that a query is pretty open, because query-success is the top priority. in which case the reader-privacy profile isn't very good, is it? because your announcing to the whole network what you're looking for.
what's the dat story for reader privacy? what about ipfs?
chat transcript RE dat: