We''re starting to see how open interoperability requirements might be a constructive way forward to reducing the harms potentially caused by oligopolies in the tech sector. This especially in EU, is one response to the DMA, and seems perhaps less painful than enforcing break up of big, successful, and sometimes innovative companies or their services.
However, if proposed platforms for interoperation are centralised, and they are in the least bit successful, e.g. for example in the domain of secure, group messaging, as in this IETF work, then those platforms will need to scale to the same size as a significant subset of users of the systems they interconnect, and that begs the question, "what is to stop them just becoming another one of the big few" or indeed, replacing several of them, leading to an even smaller gene pool. If they can solve the security and UX challenges in bridging all the services (and their meta-protocols/data like key management/onboarding, mutual trust management, spam/abuse management, etc etc), then they are as good or perhaps better than the sum of all their parts.
We can prevent this trend by simply designing the interoperability platform as a pure federation service, which is infrastructureless - it can run in clients only, or it can run as a classic P2P or decentralized service piggybacking on relatively inexpensive servers that many users have already deployed (e.g. use of raspberry pi for mastodon servers is already a thing, but given the separation of concerns, there's no reason not to run decentralised application protocol service on a (choice of ) centralised cloud providers (infrastructure-as-a-service providers, that is, not AAAS).
We have built another example of such a thing for digital identity called trustchain, as a proof-of-concept.
No comments:
Post a Comment