#indieweb

2012-03-28

# barnabywalters joined the channel
# paulbooker joined the channel
# elf-pavlik joined the channel
# paulbooker joined the channel
# paulbooker joined the channel
# davida joined the channel
# danbri joined the channel
# davida joined the channel
# davida joined the channel
#
Loqi
[[Special:Log/newusers]] create2 * 64.236.138.3 * created new account User:Mediajunkie.com
#
mediajunkie.com
created /User:Mediajunkie.com (+22) "Created page with 'aka christian crumlish'" (view diff)
#
mediajunkie.com
edited /2012/Guest_List (+364) "/* Creators */" (view diff)
#
mediajunkie.com
edited /2012/Guest_List (-4) "/* Creators */" (view diff)
#
mediajunkie.com
edited /projects (+46) "/* WordPress */" (view diff)
# tantek joined the channel
# danbri joined the channel
# davida joined the channel
# danbri joined the channel
# tilgovi joined the channel
# davida joined the channel
# josephboyle joined the channel
# davida joined the channel
# tantek joined the channel
# davida joined the channel
#
Loqi
[http://twitter.com/BarnabyWalters] Making sense of the tangled mess of update/status/note/tweet content types #indieweb http://t.co/GXa8oycS
# BarnabyWalters joined the channel
# spinnerin_ joined the channel
# paulbooker joined the channel
# davida joined the channel
# davida joined the channel
# hober2 joined the channel
# dietrich_ joined the channel
# tantek joined the channel
# barnabywalters joined the channel
#
tantek
this is an interesting high-level article that touches on some of the same problems that the indieweb is addressing: http://boagworld.com/usability/are-you-forcing-your-users-into-social-silos/ via barnabywalters
#
barnabywalters
he makes some good points. The blog/forum interaction is something I've suggested to a few people but has never been implemented. I'd do it but I've never had a need
#
tantek
barnabywalters, I'm fairly convinced from a few key experiences that I don't want general open comments on my site. I *may* implement a whitelist based commenting system at some point.
#
barnabywalters
it's something I'm deliberating over at the mo
#
tantek
i.e. if you're on my blogroll, or I follow you on Twitter, then you can comment. that kind of thing.
#
barnabywalters
my plan is to pull in responses from the cloned content on related networks - on my scale it will be easy to manage
#
tantek
the average person, even the average friend of a friend, or following of a following, cannot really be trusted to not be trolling. some people I follow on Twitter themselves follow some trolls for example.
#
barnabywalters
And it's too much trouble to moderate everything. Hmm
#
tantek
yeah, pulling in responses from cloned content (what I call reverse-syndication in my diso2 summary) is a good approach.
#
tantek
right moderation is a pain
#
tantek
I don't want to even have to waste time moderating
#
barnabywalters
I call it backfeedback :)
#
tantek
hah - awesome
#
tantek
I kind of want to treat comments on my site like comments in my living room. I have to have already trusted you well enough to let you walk into my house, and hang out and have a conversation.
#
tantek
If I don't know you or feel comfortable with you, then you're likely not getting invited into my living room.
#
tantek
with some notable exceptions, like a sweetheart of a friend etc. (per XFN)
#
tantek
or perhaps even a date of a friend
#
barnabywalters
one thing that did occur to me was the domain messaging system that's mentioned somewhere on indiewebcamp
#
tantek
oh yeah - that's a fun hack that aaronpk and I thought up last year
#
barnabywalters
it sends a ping back to the supposed originating server to check to see if it's a legit message
#
tantek
right
#
barnabywalters
I thought it could be applied to commenting
#
tantek
it could be applied to lots of things
#
barnabywalters
better than trackback as it provides a more consistent interface
#
tantek
we thought about it as a building block
#
tantek
to build on
#
tantek
right
#
tantek
similar to pingback though
#
tantek
btw I like your thorough analysis of what portions of the post-type schema work for you and your site: http://waterpigs.co.uk/musings/post/post-type-schema
#
barnabywalters
yes, but potentially without the spam problems
#
barnabywalters
cheers, I've been using my site as a semi-wiki to document stuff as I go along, in case it can help others
#
tantek
great idea - really enjoying your thinking out loud
#
barnabywalters
helps me get things in order too — I had 'status' marked down as a content type until I actually wrote about it
#
aaronpk
yes great writeup! I really enjoy seeing this stuff written more
#
tantek
status is an odd one for sure
#
tantek
in my experience it requires in-person discussion before it makes sense
#
tantek
I'm still suspicious of its utility
#
barnabywalters
I'm still undecided about status vs note
#
tantek
but I have a few possible uses
#
tantek
statuses aren't notes, statuses tend to have some sort of temporally decaying relevance. that's the key insight.
#
barnabywalters
I'm determined that there should be something (preferably note) for meaningful articles without structure
#
tantek
right, that's note
#
tantek
I write long notes sometimes
#
tantek
status is more like IM status
#
tantek
like "away" or "on the phone"
#
barnabywalters
Well, I thought that for a while — but then where does all the nonsensical rubbish people post on twitter go?
#
barnabywalters
It has entertainment value, after all
#
barnabywalters
not meaningful enough for a note, but too wordy for the use of status you're proposing
#
tantek
I think the twitter nonsense you speak of is more note-like than status-like in general
#
tantek
though some folks do use twitter to post statuses
#
tantek
e.g. eating a cheese sandwich
#
tantek
would qualify as a status, its meaning/relevance decays with time.
#
tantek
the "shouts" on foursquare checkins are also statuses
#
tantek
as they're also typically only temporarily relevant
#
barnabywalters
okay, not familiar with those but I see the theme — statuses are extremely short (nanoblogging?) and decay very quickly
#
barnabywalters
but the difference between a status-note and an article-note is too large for me to consider them equal
#
barnabywalters
e.g. I would serve article-notes in a blog-type feed, but not status-notes
#
barnabywalters
well, signing off now. Bye for the mo.
# josephboyle joined the channel
# josephboyle1 joined the channel
# danbri joined the channel
# davida joined the channel
# danbri joined the channel
# danbri joined the channel
# davida joined the channel
# danbri joined the channel
# spinnerin_ joined the channel
# spinnerin joined the channel
# spinnerin joined the channel
# brennannovak joined the channel
# davida_ joined the channel
# davida joined the channel
# davida joined the channel
#
aaronpk
indieauth success!!!
#
aaronpk
"Congrats! You've signed in as aaronparecki.com."
# tantek joined the channel
#
aaronpk
tantek: just got the basis of IndieAuth working!!
#
tantek
WOOT!
#
Loqi
giggles
#
tantek
some sort of relmeauth verification service? or just the rel-me part?
#
aaronpk
so far it does the relmeauth verification, the next step is to store the session somewhere and hand off a token to the site that requested the login
#
aaronpk
the premise is this: you direct your users to http://indieauth.com/auth?me=aaronparecki.com&redirect_uri=http://example.com/indieauth
#
aaronpk
indieauth.com does the relmeauth verification, does the OAuth process, and redirects the user back to:
#
aaronpk
http://example.com/indieauth?token=XXXXXXXXX
#
tantek
does that require that the calling application divulge it's OAuth secret to to indieauth.com though?
#
tantek
its
#
aaronpk
nope, it'll be handled by an IndieAuth app for each service
#
tantek
seems like a bit of a chokepoint vulnerability
#
aaronpk
then you can use the token to ping indieauth.com/verify?token=XXXXXX and if it's known, you'll get back the domain name of the user
#
aaronpk
so basically it's a way for example.com to verify the identity of any user by their domain name without having to write any oauth code. obviously example.com wouldn't have any authorization to do anything with the user's accounts (can't read tweets, whatever), which is probably a good thing anyway
#
aaronpk
it's just the identity/authentication part of the picture, not the authorization. it seems like a reasonable replacement for OpenID
#
aaronpk
the other nice thing is that anyone can run this indieauth service on their own systems and put in their own app credentials if they wanted. I'll just have one version of it running on indieauth.com for people who don't want to go to the trouble of setting it up themselves!
#
aaronpk
alright that's all for tonight, see you tomorrow!
#
tantek
ah ok - for auth-only this is a good bootstrap
#
tantek
I guess the key I found is the ability upgrade permissions to read or readwrite
#
tantek
but that's only for Falcon like syndication access
#
tantek
perhaps for web-sign-in, an auth-only service is sufficient!
(or join via IRC, Matrix, or Slack)