social.coop is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Fediverse instance for people interested in cooperative and collective projects. If you are interested in joining our community, please apply at https://join.social.coop/registration-form.html.

Administered by:

Server stats:

502
active users

My friend @n8fr8 of the Guardian Project likes to point at Signal's budget and say "yeah that looks big, but you know how much the government spends on each fighter jet?" and it's some unimaginably large number, like *hundreds* of millions of dollars per jet

Signal is the cost of a jet wing

Anyway we should give Signal the jet wing money

Can someone get @spritely some of the jet wing money?

Anyway you'd think if you were upset about the government "taking your tax money" you'd at least want to get something out of it and FOSS helps everyone so this is so frustrating

So that's all to say that I think the choice of these orgs is pretty interesting because when you say "oh a bunch of FOSS nonprofits host community infrastructure" we're not talking social.coop costs with a bunch of these we're talking jet wing money

It's really hard to get that jet wing money

Anyway I'll stop talking about the jet wing money I promise

jet wing money jet wing money jet wing money

Please give FOSS nonprofits jet wing money

But anyway THE POINT IS what kinda scale are we thinking about? What's your frame of reference? Fediverse co-op? Or Signal?

But speaking of running FOSS nonprofits I now have an EXCITING MEETING about administrative duties of running my FOSS nonprofit

So, it is time for a... MEETING BREAK (like, an hour)

Followed by a tea break. (like, 10 minutes)

==== MEETING AND TEA BREAK HERE ====

Okay, I'm back from my meeting. I also have tea.

We're about to get to the first REALLY substantial part, which is terminology. Is it fair to call Bluesky "decentralized" or "federated"?

Both @bnewbold and I provided definitions and we are going to COMPARE and ANALYZE

Before we go any further I am just gonna say, I miss hiding the easter eggs, but I don't think I can do that again

If you know anything about my projects you know that I love goblins. Have for a long time. When we launched MediaGoblin I would get people saying "nobody will ever like goblins"

WELL

Now we live in an era of "Goblincore" and people self-describing as Goblins

I am pleased. And I am pleased to be into Goblins before they were cool.

The Goblin theme continues at Spritely as you may know

But if you've read this far, let me know that you found Secret Goblin #1 😈

So, is Bluesky decentralized? Is it federated?

In my previous blogpost, I concluded that Bluesky was not either.

@bnewbold conceded that maybe Bluesky does not meet *my* definitions, but provides some alternative definitions, which maybe it does meet

Were my definitions too strong or unfair?

Bryan cites Mark's definition of *centralization* (which I hadn't defined!):

> [...] "centralization" is the state of affairs where a single entity or a small group of them can observe, capture, control, or extract rent from the operation or use of an Internet function exclusively.

Good so far!

However it's time to compare definitions of *decentralization*. First mine:

> Decentralization is the result of a system that diffuses power throughout its structure, so that no node holds particular power at the center.

I stand by this!

Now here is Bryan's definition (more accurately Mark Nottingham's definition (more accurately, Paul Baran's definition)) of decentralization:

> [Decentralization is when] "complete reliance upon a single point is not always required" (citing Baran, 1964)

Uh, hm... this seems... pretty weak?!

This definition of decentralization is so weak it may as well say "Users occasionally not rely on a central gatekeeper, as a treat"

It's pretty weak, and yeah Bluesky qualifies, but that's... I'm gonna be honest that's an *incredibly* weak definition by comparison

Let's look at the delta between my definition of decentralization and the one chosen by Bryan:
- The discussion of power dynamics, and diffusion thereof, is removed
- The "phrase complete" reliance is introduced, so incomplete reliance is now ok
- And not only that, now it's "not always required!"

In my previous blogpost I had expressed worry about moving the goalposts of "decentralization". That is *exactly* what's happening here, and what's being said is "if we weaken the definition dramatically, then Bluesky qualifies"

This is, IMO, not a very compelling look I've gotta say

Now you might notice this citation [Baran, 1964] and hey if you work on network things you might be thinking "Hey Christine, wait isn't this one of the seminal papers on networking which led to the internet?"

GOOD QUESTION LET'S COME BACK TO THAT

The context is CRITICAL.

Back to that in a moment.

Okay so "decentralization", maybe Bluesky qualifies if we use an unimaginably weaksauce definition that's so loose you don't even have to comply with it hardly at all?

So okay now let's compare definitions of "federation".

My definition:

> [Federation] is a technical approach to communication architecture which achieves decentralization by many independent nodes cooperating and communicating to be a unified whole, with no node holding more power than the responsibility or communication of its parts.

Bryan's definition (more accurately Mark Nottingham's definition):

> [...] federation, i.e., designing a function in a way that uses independent instances that maintain connectivity and interoperability to provide a single cohesive service.

Hm okay, well these don't look quite as far apart, right?

So what's the delta?

- The discussion of power dynamics, once again, is not present.
- "Cooperation" is not present.
- And very specifically, "decentralization" and "no node holding more power than the responsibility or communication of its parts" is not present.

Turns out this has a big effect.

Re-read and compare. Under that last definition, even corporate but proprietary internal microservice architectures or devops platforms would qualify as federated!

Maybe? But it's not federation in a *decentralization* context.

(That last observation is thanks to @vv btw, good observation from a good gf)

Bryan then acknowledges it's a comparatively low bar:

> What about federation? I do think that atproto involves independent services collectively communicating to provide a cohesive and unified whole, which both definitions touch on, and meets Mark's low-bar definition.

However, Bryan does concede the following:

> Overall, I think federation isn't the best term for Bluesky to emphasize going forward, though I also don't think it was misleading or factually incorrect to use it to date.

Well okay, actually that's quite the thing to concede, so massive props on that

Bryan also in that same paragraph goes on to mention some very interesting history about Bluesky's earlier prototypes and how the design changed. Worth reading btw. But that's an aside, kinda.

It seems that there might be more of a concession here that Bluesky isn't federated, so the bigger question really is whether or not it's decentralized.

I mentioned that the definition is interesting in context and BOY is it interesting in context, oh gosh oh boy

Hey remember earlier when I said this thing:

> now here is Bryan's definition (more accurately Mark Nottingham's definition (more accurately, Paul Baran's definition)) of decentralization

Did you notice all the parentheses? That's not JUST because I love lisp

I mean I do love lisp

But not only

We need to understand Mark Nottingham's RFC and we need to understand Paul Baran's seminal 1964 paper both, within the contexts they were written, before we can pull this quote-of-a-quote out.

So let's start with the RFC.

If you hear "Respected standards technologist Mark Nottingham's independent IETF RFC 9518: Centralization, Decentralization, and Internet Standards", what do you think you'll find inside?

I'll tell you what I'd expect

Rah rah decentralization!! The internet was meant to be free!!!

Well...

The surrounding context of the RFC is a debate within the IETF and elsewhere: gosh! this internet! it sure seems to have centralized a *lot*, is this really what we wanted to happen to it? This wasn't the original vision!

Shouldn't standards orgs do something to fix it?!

Well should they?

Mark Nottingham's own words answer better than I do, and you should read the RFC. It's not quite one way or the other. It's kind of a "well decentralization is great and yeah centralization is bad but how realistic is decentralizing things anyway and when?"

But Mark's own words handle it better

From the RFC:

> This document argues that, while decentralized technical standards may be necessary to avoid centralization of Internet functions, they are not sufficient to achieve that goal because centralization is often caused by non-technical factors outside the control of standards bodies. As a result, standards bodies should not fixate on preventing all forms of centralization; instead, they should take steps to ensure that the specifications they produce enable decentralized operation.

Let me emphasize a sentence there for you:

> standards bodies should not fixate on preventing all forms of centralization

That is the crux of this RFC

It's an interesting read, it's very thoughtful, it analyzes from many angles. It's worth reading! But that is the broad sweep of RFC 9518.

Mark examines centralization's effects from multiple angles. He has a *great* section called "Centralization Can Be Harmful". Covers the general ground.

But it's immediately followed by "Centralization Can Be Helpful"!

This is not a radical pro-decentralization RFC, is what I'm saying.

Mark does address the radicals:

> Many engineers who participate in Internet standards efforts have an inclination to prevent and counteract centralization because they see the Internet's history and architecture as incompatible with it.

So true bestie, that's me you're describing

While Mark analyzes both, his position is ultimately that of someone who does care about standards, but takes a kind of pragmatism that hey, look, decentralization, it's a great goal, but it's pretty hard, and maybe actually centralization is pretty helpful too, let's not go too wild here

The history of the internet and the web *is* of big dream believers making big strides. The internet has been moving away from that, and it's getting harder to participate in standards without being a big corporate player. (Trust me, I know *all too well.*)

So, *should* standards orgs do something?

As a side note on the thread on the other place, Bluesky dropped one of my replies and literally refuses to pull it up for me even though it acknowledges it's there

I have the worst time navigating replies on Bluesky, sometimes I send people threads and they say "I don't see the reply you're talking about there"

Dear god for all the claims of ATProto and Bluesky having a big deal of no missing replies it's really frustrating dealing with replies on Bluesky's UX

Anyway...

Christine Lemmer-Webber

Anyway Mark, tell us, what should standards orgs do?

> Centralization and decentralization are increasingly being raised in technical standards discussions. Any claim needs to be critically evaluated. As discussed in Section 2, not all centralization is automatically harmful. Per Section 3, decentralization techniques do not automatically address all centralization harms and may bring their own risks.

Note this framing: centralization is not necessarily harmful, decentralization may not address problems and may cause new ones.

Rather than a rallying cry for decentralization, it's a call to preserve the increasing status quo: yes, it's worrying large corporations are centralizing the internet, but should *standards* really be worried about that?

More from the RFC:

> [...] approaches like requiring a "Centralization Considerations" section in documents, gatekeeping publication on a centralization review, or committing significant resources to searching for centralization in protocols are unlikely to improve the Internet.

RFC, cotd:

> Similarly, refusing to standardize a protocol because it does not actively prevent all forms of centralization ignores the very limited power that standards efforts have to do so. Almost all existing Internet protocols -- including IP, TCP, HTTP, and DNS -- fail to prevent centralized applications from using them. While the imprimatur of the standards track is not without value, merely withholding it cannot prevent centralization.

RFC, cotd:

> Almost all existing Internet protocols -- including IP, TCP, HTTP, and DNS -- fail to prevent centralized applications from using them. While the imprimatur of the standards track is not without value, merely withholding it cannot prevent centralization.

RFC, cotd:

> Thus, discussions should be very focused and limited, and any proposals for decentralization should be detailed so their full effects can be evaluated.

Mark is not wrong that standards can't prevent centralization on their own! Mark's analysis of how many things end up re-centralizing is, overall, also largely correct!

However, I disagree in the present moment that standards orgs shouldn't be making decentralization concerns a *key priority*.

But Mark, to be fully fair, does examine several strategies, and their strengths and downfalls, of how we may enable decentralization.

However, the path that Mark most heavily leans into is "Enable Switching". Hm. Does that phrase sound familiar?

"Enable switching" from the RFC:

> The ability to switch between different function providers is a core mechanism to control centralization. If users are unable to switch, they cannot exercise choice or fully realize the value of their efforts because, for example, "learning to use a vendor's product takes time, and the skill may not be fully transferable to a competitor's product if there is inadequate standardization".

(cotd ...)

"Enable switching" cotd:

> Therefore, standards should have an explicit goal of facilitating users switching between implementations and deployments of the functions they define or enable.

Does this sound familiar? If so, it's because it's awfully close to "credible exit"!

As said, I think "credible exit" is a worthwhile goal. But it isn't participatory decentralization, on its own. The ability to *move away* is good, but what if your options are to choose between McDonalds and Burger King? Is that *sufficient*?

In particular, Mark is especially fair to highlight that email and XMPP are great examples of decentralized systems that either ended up centralizing in the case of email or failing to stay alive after the exit of a major player in terms of XMPP.

Mark's RFC has a lot of useful analysis. It does!

So I've given a lot of context for Mark's RFC: it's an RFC by a respected standards author who has a long history of participating in standards from major internet-based corporations. It worries a bit about centralization but overall downplays decentralization more than it plays it up IMO.

And this is important of course, because this is the RFC where the definition of "decentralization" being provided comes from!

Or wait, or is it? Oh right, the RFC cites another source for its definition!

It's time to examine Paul Baran's 1964 paper. The story is about to become more intense.

Except, like a 1990s sitcom, we're gonna cut to a break!

We'll be back... after

=== TEA BREAK 2: MY NOSE IS COLD ===

Alright I'm back from my tea break. But I have a confession for you.

I made hot chocolate instead.

But we are going to get into the second part of the unnecessarily thorough "decentralization" terminology deep dive I'm doing here in just a moment

Before we get into that it's also getting pretty late here and I have another confession to make to you, I was pretty hungry, so you know what I did? I stood in the kitchen and I ate hummus in the kitchen with a spoon over the sink

You have found Secret Goblin #2, judging me for my hummus shame 👿

When we last left off I was peeling back layers of the terminology onion and we have gotten to the inner layer (maybe it goes deeper, I guess terminology usually does but this is as far as we go)

It is time to examine "decentralization" in Baran 1964

Because I am being UNNECESSARILY thorough

So okay yeah it's very military-oriented but... but! The context for this paper is that Paul Baran is arguing for what eventually *becomes* networking as we know it. Baran says: let's use *cheap* equipment with *way less centralization that we've ever seen* and it'll be *better actually!*

And just imagine the *gall* of it: telling the *military* let alone the world oh you know how you love hierarchy? Well guess what, you know what's WAY better, something that's closer to cooperative anarchy, where there's a lot of cooperation lots of error-prone little guys

AND HE WAS RIGHT

@cwebber
I keep refreshing this thread like a mystery novel and the cliffhanger is making me ghasp

@cwebber

I love, how you're telling your story.

Especially, the little strides to the sides make it very entertaining to read, despite the length and the non-trivial content.

(I might have left enough stars in the process of reading to create you some annoyance - sorry).

It is truly fascinating (and worrying) how much power over real things arises from controlling the semantics of terms.

Needless to say, I align pretty much with your idea of "(de)centralisation".

@cwebber [ANNOUNCER VOICE]
Do you suffer from Nose Is Cold? Millions of people endure this condition every day.

Fortunately, Tea Break Industries has just released its breakthrough remedy: Cup Of Tea.

Cup Of Tea is hot, fresh, & available in caffeinated or non-caffeinated; with optional milk & sugar. It’s guaranteed to hydrate, invigorate, & warm your nose.
Look for Cup Of Tea in finer kitchens & break rooms everywhere.

[We now return you to our regularly scheduled Christine.]

@cwebber

You ate hummus without bread ????
You heathen !

@cwebber Isn't this part of the reason why the Internet became SO successful?

There is a lot of technology that is less centralization

@cwebber Also on how it could have ended up in implementation:
en.wikipedia.org/wiki/X.25

VC may be established using X.121 addresses. The X.121 address consists of a three-digit data country code (DCC) plus a network digit, together forming the four-digit data network identification code (DNIC), followed by the national terminal number (NTN) of at most ten digits.

en.wikipedia.orgX.25 - Wikipedia

@cwebber but seriously that’s such a good paper and it’s always a good day to reread it

@cwebber Mmmmm! The wife got me into making hummus from scratch, and I can't resist a good homemade hummus. 😋

@cwebber Second Secret Goblin doesn't judge, only nudges you to share hummus

@cwebber the Hummus Goblin knows what you did :dragneyes:

Found Secret Goblin #2!

@cwebber given the choice I'd choose hot chocolate too. ☕

@cwebber This thread is so long it's like LOST or The 100 I want to so much know how it continues but its past midnight here in Europe and I gotta sleep I'll binge the rest tomorrow. Thanks Christine for writing this!

@cwebber Side note, for personal fun: I tried to get some changes in.

github.com/mnot/avoiding-inter

Some success, but not quite all I wanted. I guess that came too late.

Also/independently, Mark's on fedi (not tagging him), so you could ask him about this.

Internet-Draft about avoiding internet centralization - Pull requests · mnot/avoiding-internet-centralization
GitHubPull requests · mnot/avoiding-internet-centralizationInternet-Draft about avoiding internet centralization - Pull requests · mnot/avoiding-internet-centralization

@cwebber It is true decentralization causes it's own issues. However, these issue are can be solved.