Introducing the Weave Server 0.3 API

I’m excited to announce the first release of the Weave Server 0.3 API in support of the Firefox Weave client. We’re taking a more general look at the underpinnings of the entire project, both as a flexible enough system to allow us to do a ton with it in the future, but also with an eye to the massive scalability that we expect will eventually be required of the system.

To do this, we’ve defined what we’re calling the Weave Basic Object. This is a wrapper around all Weave items, providing information about storage and decryption of the payload contained within it. The payloads themselves can be any level of granularity, and we’ve done it this way to reflect the differing security requirements of the various data types that Weave stores. For example, from a security standpoint, storing encrypted bookmarks individually is probably fine, but storing passwords individually is less optimal. We’ll be working hard to get this model right.

As with past versions of Weave, we’ll be launching a prototype server in the next few days (once we’ve had time to incorporate feedback from the community). You’ll be able to install this on your own computers (get your PHP ready!) to mess around with the new system.

Security in Weave

The basic security and privacy principles remain the same. Payloads are generally encrypted client side, and while the Weave Basic Object Server itself will not handle authentication, there’ll be an authentication stage before you can even get to the data. Think of it like a more secure version of your email – it runs over https and there’s the standard password access required to get to your account, but with Weave the “messages” themselves are encrypted, and only you have the ability to read it. For extra security, you’ll even be able to use different keys to read different messages!


Sharing – the ability to share portions of your Weave data with selected others – is still an important part of the roadmap. However, it is not a part of this version, even though we were careful to write the API so that we’d be able to add it down the line.

Come share your feedback and thoughts on this new API to the Weave Forum.

About these ads

3 Responses to “Introducing the Weave Server 0.3 API”

  1. Weave 0.3 Prototype Server « Tapestry Says:

    […] Tapestry Building Weave « Introducing the Weave Server 0.3 API […]

  2. Mozilla Labs » Blog Archive » about:labs, issue 1 Says:

    […] Weave team is currently working on Ubiquity 0.3 and has recently released a proposed Server 0.3 API, along with a new server […]

  3. about:labs, issue 1 | about ICT Says:

    […] Weave team is currently working on Ubiquity 0.3 and has recently released a proposed Server 0.3 API, along with a new server […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

%d bloggers like this: