

Namespacing the web for your photos - jmathai
http://blog.theopenphotoproject.org/post/10537443380/namespacing-the-web-for-your-photos

======
exhuma
Seems to me like they are reinventing UUIDs.

While UUIDs are not as "nice" to look at, they contain the same information
(origin, unique ID) as mentioned by the OpenPhoto guys.

Except v5 UUIDs which solely rely on random numbers.

~~~
jmathai
Granted it's not groundbreaking but it's attempting to make UUIDs "better".
For computers it doesn't really matter what an identifier looks like (minus
memory to store long strings, maybe). For users, it does matter.

Long UUIDs are just an artifact we've grown accustomed too. By no means are
they the ideal solution.

The type of namespacing OpenPhoto does doesn't apply to everyone either.
Sometimes you do need a UUID that isn't namespaced. Sometimes you don't.

------
rwolf
What are the access controls? Trivially guessable urls make the usual
"security through... hey look a pony!" more unsuitable than usual.

~~~
jmathai
The access controls are stored in the database as well. If the viewer is not
logged in then they see public photos. If they're logged in then they see
public photos plus photos they've been given access to.

~~~
rwolf
Whose database? Are you a service for syncing photos between third-party
photos services (in which case it's thier acls that matter), or another
attempt to become a centralized photo service (in which case why talk about
openness?).

Nice API != decentralized.

~~~
jmathai
Some more context. It's completely decentralized. Here's how.

The source for OpenPhoto is on Github (mobile and web clients) _. Anyone can
install the software on any server they want. The user then connects their
instance of OpenPhoto to their personal cloud account (think AWS or other).

There's no central repository or database. If you spin up an OpenPhoto
instance then I'll never know about it personally unless you send me a link to
it.

So the API is self contained as well. Your OpenPhoto instance has it's own API
and is an OAuth provider. You can use the mobile app to point it to your host
and it will take you through the OAuth flow requiring you to log in to your
site. We determine the "owner" by email address as part of the setup flow.

_ <https://github.com/openphoto/frontend>

