So, let's say Bob want to be friend of Alice..

He build an ActivityStream using verb 'request-friend', like<entry xmlns="http://www.w3.org/2005/Atom" xmlns:activity="http://activitystrea.ms/spec/1.0/">
<id>bob@example.com:activity/4352</id>
<activity:verb>request-friend</activity:verb>
<activity:object>
<id>bob@example.com</id>
<published>2009-11-02T15:29:00Z</published>
<displayName>Bob</displayName>
<link rel="alternate" type="text/html" href="http://example.com/profile/bob" />
<activity:object-type>person</activity:object-type>
</activity:object>
<activity:target>
<id>alice@example.com</id>
<published>2009-10-02T12:30:00Z</published>
<displayName>Alice</displayName>
<link rel="alternate" type="text/html" href="http://example.com/profile/alice" />
<activity:object-type>person</activity:object-type>
</activity:target>
</entry>
Put this in a salmon magic envelope and put that salmon in a zot message,like
<?xml version='1.0' encoding='UTF-8'?>
<zot:msg xmlns:zot='http://purl.org/zot/1.0'>
<zot:key>aSw45tyTy...</zot:key>
<zot:iv>qbcd56y...</zot:iv>
<zot:env>tyu76trf..</zot:env>
<zot:sig key_id="4k8ik...">EvGSD2v...</zot:sig>
<zot:alg>AES-256-CBC</zot:alg>
<zot:data type='application/magic-envelope+xml'>hY2N0OmpwYW5...[2]</zot:data>
</zot:msg>
Where <zot:env> decoded and decripted is
From: bob@example.com
Sender: bob@example.com
To: alice@example.com
I'm right?

That's it.

Yes.

There are three people involved in online social communications. There is the immediate message author, the top level message author (or "conversation owner"), and the message viewer.

If you reply to my post, you are the author of the reply. The top level post is on my profile wall so I am the owner. I have a right to share your comment/reply with others who are involved in the conversation, even though I did not write it. If I do so I will be the sender. You will always be the author of your post.

This also applies to "share" and "forward".

@Olivier Migeot - this is the important question and is really the reason behind a lot of what is in zot.

As the only (known) person on the planet to date that has achieved some level of federation between OStatus *and* Diaspora I know first hand the flaws and aspirations of both. I also have implemented a competing technology - and know its flaws. I also spent decades working on unified messaging in the email space - which gives me a perspective of many mistakes that were made in that realm.

For OStatus - this is a relatively minor upgrade, even if they only implement the salmon wrapper at first and use "To: *" on all the posts. Once that is done, they have the communications infrastructure for full privacy - whenever the statusnet backend is ready to make use of it.

For Diaspora, it fixes all the things which are broken in their similar implementation of crypto over salmon. Likewise if they only implement the common transport layer, they can continue using their custom crafted XML messages for every activity. They would just provide a different MIME-type on the embedded content on the short term. Again it offers a common path to converge in the future. I really don't see Evan ever implementing their flawed and standards-bashing protocol, though I can't speak for him. I think I could safely say that he would find it distasteful to be forced to implement stuff that's just plain wrong, as I needed to do to get Diaspora federation working.

For Friendika - we've got a way to provide private profiles and photos consistent with what we have today. Our easy wall-to-wall messaging is a unique feature.

For email - well this is where it gets interesting. I'm still working on it, but I hope you can appreciate that a marriage of the social web with email would be big. It would be huge.

It's a different transport model than XMPP, but might be able to inter-operate at the webfinger level. This also needs some thought as to how to make a service integration which is beneficial to all.

I almost forgot - we also would get some safety from incompatible changes in salmon, which have been very messy to fix. At the zot level we have versioning. If we tied zot versions to salmon incompatibilities, we would have a way to manage these better than "send three messages and see which one works".

Nothing to do with technical aspects, but I'm really getting tired of "Alice and Bob" (the "hello world" of messaging tutorials). How about "Amy and Bill," or "Anna and Brad," just for a change?

FYI: List of male names: http://www.census.gov/genealogy/names/dist.male.first

List of female names: http://www.census.gov/genealogy/names/dist.female.first

List of common surnames: http://www.census.gov/genealogy/names/dist.all.last

Just picked the first two from the Namethingy (which was originally seeded with the US census lists)

Bennett and Griselda

Nobody has used those in a tutorial before that I'm aware of...

I'm missing a step:
How Griselda find that a zot message is posted from Bennet?

Griselda is a recipient (in the to, cc, or bcc fields) and Bennett is the Sender (and perhaps the author/From).

The delivery process will take care of notifying Griselda once the message has been posted to her message store - this is outside the scope of zot.

This is an improvement over the current salmon practice, as the recipient is not named anywhere in the delivery process. It relies on a unique salmon endpoint for each person.

But we require the name in the envelope because this allows for "bulk delivery" - which is one of the complaints about switching to private delivery from OStatus, as the ability to use a PuSH hub for mass delivery is no longer present.

But the envelope is cripted with key and iv, wich are cripted with Bennett private key.
So the delivery process need to inform Griselda who is sending this, so Griselda can find Bennett public key.