#indiewebcamp 2014-04-01

2014-04-01 UTC
pauloppenheim joined the channel
#
snarfed
how's the weather in reykjavik?
#
@cryptocoinage
RT @lightcoin: Lots of cool stuff added since the last time I checked out the @redecentralize website http:///about/ #p2p #indieweb
(twitter.com/_/status/450789178109095936)
kbs and tantek joined the channel
#
kbs
KevinMarks: [just re-reading logs] thanks for the info on the social graph api
#
kbs
makes sense. Seems like identengine was just leveraging the work already done by it. At any rate, have also re(implent|discover)ed the trick for my little experiment as well.
#
@Hermetec
RT @lightcoin: Lots of cool stuff added since the last time I checked out the @redecentralize website http:///about/ #p2p #indieweb
(twitter.com/_/status/450799139375165440)
paulcp, scor, kbs, lukebrooker_, lukebrooker, snarfed, caseorganic and jedahan joined the channel
#
kylewm.com
edited /Getting_Started (+3) "/* Personal Domain */ linkify 'domain name registrar'"
(view diff)
#
kylewm.com
edited /domain_name_registrar (+435) "/* Criteria */ copy some info about domain name privacy from 'Getting Started'"
(view diff)
#
kylewm.com
edited /domain_name_registrar (+390) "/* Criteria */ add detail to the criteria section"
(view diff)
tilgovi joined the channel
#
kylewm.com
edited /domain_name_registrar (+355) "/* Registrars */ info on godaddy (i.e., why you should choose anyone else)"
(view diff)
tantek joined the channel
#
kylewm.com
edited /Getting_Started (+385) "/* Post Once Syndicate Everywhere */ changed acronym definition to match up with POSSE page, added encouragement for non-programmers/silo-API-divers"
(view diff)
#
kylewm.com
edited /Getting_Started (+388) "/* Add h-entry to your posts */ emphasize that, once you have microformats, you can create indie comments without writing code or even resorting to cURL"
(view diff)
scor, jsilvestre, netweb and rtaibah joined the channel
#
@redecentralize
RT @lightcoin: Lots of cool stuff added since the last time I checked out the @redecentralize website http:///about/ #p2p #indieweb
(twitter.com/_/status/450890716731166720)
Jihaisse joined the channel
#
@Zeipt
RT @lightcoin: Lots of cool stuff added since the last time I checked out the @redecentralize website http:///about/ #p2p #indieweb
(twitter.com/_/status/450891655043088385)
voxpelli, caseorganic, melvster, LauraJ, krendil, friedcell, bnvk, jonnybarnes, Sebastien-L and tobiastom joined the channel
rtaibah joined the channel
#
rtaibah
Quick question, what is the community’s opinion on Mozilla Personas?
#
voxpelli
rtaibah: I think the community prefers an approach like IndieAuth, see eg. http://indiewebcamp.com/Web_sign-in
#
rtaibah
voxpelli: yeah I implemnted that already, was just wondering. Did not find any reference to it on the website
ttepasse, barnabywalters and voxpelli joined the channel
#
KevinMarks
I think indieauth supports persona
#
voxpelli
KevinMarks: oh, you’re right: https://indieauth.com/
#
voxpelli
but it doesn’t really fit with the general idea of RelMeAuth / Web sign-in, does it?
#
pdurbin
voxpelli: why not?
#
KevinMarks
well, persona is email based
#
voxpelli
pdurbin: RelMeAuth is based on rel-me links back and forth between web sites to confirm a unified identity
#
voxpelli
and e-mails can’t do links and thus can’t link back to confirm that it is part of a unified identity
#
KevinMarks
right, but persona can verify the email
#
KevinMarks
same as the SMS support can verify that
#
voxpelli
(unless you want to go down the WebFinger route, but that’s not so in line with the IndieWeb spirit)
#
bnvk
According to the webmention protocol MUST a publishing source have their mention formatted like: "@username of the target at start of message" as well as sending the mention to the appropriate domain?
#
pdurbin
hmm. yeah. lots of criticism at http://indiewebcamp.com/WebFinger
#
bnvk
or is simply sending "the target a message like this" acceptable?
#
KevinMarks
could also use WebFist
#
voxpelli
bnvk: as long as there is a link to the target WebMention itself doesn’t really care, it’s more of a matter of what’s best practice from an IndieWeb / h-entry perspective
rtaibah joined the channel
#
bnvk
hrm, interesting... i'm considering publishing UI implications
#
voxpelli
KevinMarks: that’s cool – I think there’s a usecase that it solves when it comes to discovery for such identities
CheckDavid, ttepasse, eschnou, pasevin, rtaibah, cweiske and bnvk joined the channel
#
bnvk
so is the preferred nomenclature for a thread (on my site) which is a response to someone elses post:
#
bnvk
1 - Reply Context
#
bnvk
2 - New Status
#
bnvk
3 - Comment
#
bnvk
4 - Comment
#
bnvk
or is it better to just treat each post (reply / comment) like it's own new status
scor, pfenwick and eschnou joined the channel
#
barnabywalters
bnvk: you’re talking about threaded conversation threads? replies to replies in a thread?
#
barnabywalters
that’s an issue which has yet to be solved well
#
bnvk
gotcha
#
bnvk
glad to see I'm bringing up all sorts of things that haven't been brought up before :)
#
barnabywalters
there has been a bunch of brainstorming about it but not much implementation
#
bnvk
is there a page on the wiki?
#
barnabywalters
at the moment everyone’s using the twitter model of every response being a standalone thing
#
barnabywalters
which is fine, but actually *displaying* them is another thing
#
barnabywalters
hrm, I know there was a page, can’t find it…
#
barnabywalters
ah, here it is
#
bnvk
cool
#
bnvk
takk
#
voxpelli
something to keep in mind is approaches like mine in https://webmention.herokuapp.com/ – embedding comments through javascript
#
voxpelli
usually js-created HTML isn’t very indiewebby, but for comments aggregated from elsewhere I think it is
#
voxpelli
but affects the possible approaches barnabywalters linked to
gRegor`, j12t and scor joined the channel
#
KevinMarks
you know what's annoying? when makefiles only work if you don't have any spaces in your directory names
#
KevinMarks
voxpelli: that looks interesting, as I have static pages
#
voxpelli
KevinMarks: feel free to sign up and send me feedback :)
eschnou joined the channel
#
bnvk
!tell chloeweil I met your friend Cirilia here in Iceland yesterday :)
#
Loqi
Ok, I'll tell them that when I see them next
rtaibah and snarfed joined the channel
#
KevinMarks
OK, I put it on kevinmarks.com at root
#
KevinMarks
(not on each page as they don't use templates yet)
#
ben_thatmustbeme
well i found all the stupid pokemon... thank you google maps for making me waste my time
#
ben_thatmustbeme
it was fun though
#
barnabywalters
ben_thatmustbeme: pokemon on real maps? link?
#
ben_thatmustbeme
open google maps app on android (i'm not sure if its on IOS or not)
Sebastien-L joined the channel
#
ben_thatmustbeme
and just go to the googleplex for example
#
barnabywalters
ah, no mobile device :(
#
barnabywalters
how does it work? you fight them or just find them?
#
KevinMarks
ok, someone webmention me...
#
barnabywalters
KevinMarks: on it!
#
barnabywalters
KevinMarks: taproot thinks you’re scott jenson: http://waterpigs.co.uk/notes/4VMERE/
#
KevinMarks
oh, I only put it on the top level at kevinmarks.com
#
KevinMarks
'cos my staic site is very static indeed
#
ben_thatmustbeme
barnabywalters, just find them
KevinMarks2 joined the channel
#
barnabywalters
KevinMarks: okay, sent. I got a response saying {"pending":true,"message":"WebMention accepted"}
#
ben_thatmustbeme
i really need to get my site working, unfortunately real work is getting in the way this week
#
barnabywalters
ben_thatmustbeme: real work and pokemon ;)
#
KevinMarks2
So how do I know when to reload?
#
voxpelli
KevinMarks2: Should be fetched pretty much right away
#
barnabywalters
hrm, it does not seem to be in there
#
KevinMarks2
Hmm. Wonder if I typoed the JS
#
barnabywalters
no, it’s because I left the www out I think
#
@kevinmarks
@gigastacey nice indieweb thinking. My boys used blogger when younger
(twitter.com/_/status/451004672031985665)
#
barnabywalters
KevinMarks: okay but your account is registered without the www
#
barnabywalters
I see my mention in there!
#
barnabywalters
note that, like webmention.io, this will not show you mentions sent to kevinmarks.com without the www, or without a trailing slash
#
ben_thatmustbeme
baranbywalters: nah, finished the pokemon
#
voxpelli
hmm, yeah, a problem that www.example.com and example.com is two different URL:s
#
barnabywalters
taproot keys webmentions off resolved paths, independant of trailing slashes or domains or query strings and similar
#
barnabywalters
e.g. if you send a webmention to www.waterpigs.co.uk/notes/1000, the target key for that mention will be “/notes/1000/“
#
barnabywalters
i.e. taproot fetches the target URL of the webmention, follows all redirects and takes the path of the original
#
voxpelli
for me that would make it impossible to use with eg. github pages where each subdomain is different
#
voxpelli
but would probably be good to resolve the target URL
#
barnabywalters
voxpelli: resolving should fix both cases, as ideally a website should redirect to/from it’s www. variant
#
barnabywalters
the only reason I didn’t include the host in the key is to make local testing easier, and to save a batch conversion if I ever move domains
#
ben_thatmustbeme
hmm, so what ways are there to verify microformats on my site. bridgy just says it cannot parse my site and no explanation why
#
barnabywalters
ben_thatmustbeme: http://indiewebify.me has some tools
#
snarfed
ben_thatmustbeme: you can also click on the log links on your bridgy user page to see the gory details of what it parsed
#
barnabywalters
and http://pin13.net/mf2/ and http://waterpigs.co.uk/php-mf2 allow you to parse arbitrary HTML by URL or raw entry and see the JSON produced
#
snarfed
the "X ago" links under "Recently published"
#
barnabywalters
snarfed: any chance you could link to http://microformats.org/wiki/validators from that error message?
#
barnabywalters
should I add an issue
#
snarfed
good point, will do. no worries, not big enough for an issue, but thanks though
cweiske joined the channel
#
voxpelli
barnabywalters: just noticed btw that your post http://waterpigs.co.uk/articles/problems-with-hash-fragment-subscriptions/ didn’t ping the Superfeedr blog correctly
#
KevinMarks
do I need it to be https?
#
barnabywalters
voxpelli: oh dear, how so?
#
voxpelli
barnabywalters: don’t now what the cause is, but perhaps you sent a relative URL as the source? Can’t really tell from the logs right now
#
barnabywalters
ah yes it’s likely that that’s an issue
#
barnabywalters
because whenever I POSSE an article the tweet has a relative URL in and I haven’t fixed it yet :)
#
barnabywalters
I’ll do that now
#
KevinMarks
so kevinmarks.com redirects to www.kevinmarks.com
#
voxpelli
KevinMarks: Apparently I treat the https and http URL:s as being different as well, that’s a bit excessive of me
#
barnabywalters
voxpelli: fixed and resent. Thanks!
tahnok joined the channel
#
ben_thatmustbeme
oy, looks like i'm going to have to walk through the creation of my webmentions stuff carefully
#
barnabywalters
!tell tantek I see you’ve set a rel-hub URL on your homepage — do you publish updates for it (i.e. the HTML) or rely on the hub polling for changes?
#
Loqi
Ok, I'll tell him that when I see him next
tantek joined the channel
#
Loqi
tantek: barnabywalters left you a message 23 minutes ago: I see you’ve set a rel-hub URL on your homepage — do you publish updates for it (i.e. the HTML) or rely on the hub polling for changes?
snarfed joined the channel
#
tantek
barnabywalters: I do publish updates to the hub but unfortunately only PuSH 1.0 - which uses my atom feed /updates.atom
#
tantek
everytime I heard the HTML PuSH 2.0 explanation it sounded way too complicated.
#
tantek
PuSH is ripe for simplification the same way Pingback was.
#
barnabywalters
ah okay — I subscribed to your homepage but should have detected that you didn’t have a rel=self link, so weren’t using PuSH 0.4
#
barnabywalters
that’s another thing to add to the pre-subscription checks
benprew joined the channel
#
KevinMarks
!tell voxpelli only one url per github account?
#
Loqi
Ok, I'll tell them that when I see them next
#
@IndieCreddit
Pleased to announce a crypto currency for the #indieweb - http://indiecreddit.com
(twitter.com/_/status/451033491174481920)
#
aaronpk
oh man
#
aaronpk
KevinMarks++
#
Loqi
KevinMarks has 15 karma
#
barnabywalters
KevinMarks++
#
Loqi
KevinMarks has 16 karma
snarfed joined the channel
#
aaronpk
wait does this actually work
#
KevinMarks
I did actually build a currency, though I don't know if I've mined enough blocks for any to exist yet
#
KevinMarks
also I only built a mac client
#
barnabywalters
aw, the client doesn’t open
#
aaronpk
aw it crashed for me
#
aaronpk
lol "identifier: com.yourcompany.indiecreddit-qt"
#
Loqi
lolz
#
barnabywalters
yourcompany.com is producing so many apps these days
#
aaronpk
barnabywalters++
#
Loqi
barnabywalters has 34 karma
#
KevinMarks
I think you may need to "sudo port install miniupnpc" as I had trouble stripping it
#
aaronpk
is it on homebrew? I don't have port
#
barnabywalters
wait lightcoin seriously uses IRC?
#
aaronpk
KevinMarks: hm installed through homebrew but that didn't fix it
#
KevinMarks
yes, it uses irc to find other clients
#
KevinMarks
are you getting a link error?
jedahan and tantek joined the channel
paulcp and tantek joined the channel
#
KevinMarks
can't work out how to strip the uPNP dependency
#
KevinMarks
the make file looks liek it can, but then it doesn
tantek-ipod, jonnybarnes, paulcp_ and kbs joined the channel
#
barnabywalters
to the ephemeral controllers of #eviltantek: I submit http://xen.adactio.com/ as an amusing link for him to POOS
#
kbs
aaronpk: is https://aaronparecki.com/notes/2013/10/12/2/indieweb ok to use for random testing webmentions? I don't want to accidentally spam/cause issues - mostly curious about what it does. (or, suggestions for other testing places much appreciated :)
pasevin joined the channel
#
KevinMarks
aaronpk: can you try again now, I manually commented out links to that library
#
kbs
heh. indiecreddit kevinmarks :)
#
KevinMarks
can someone with a mac try the client?
#
KevinMarks
I think I fixed the library linking, but hard to test here
#
barnabywalters
kbs: feel free to test webmentions against http://waterpigs.co.uk/notes/4QbH5C/
#
kbs
barnabywalters: ah, thank you much.
#
barnabywalters
kbs: there’s also http://indiewebify.me/validate-h-entry/ which can be used to check how your markup is being parsed
#
aaronpk
kbs: sure that's fine
#
aaronpk
KevinMarks: now I get Library not loaded: /opt/local/lib/db48/libdb_cxx-4.8.dylib
#
KevinMarks
there's some linking crap going on here too
#
kbs
KevinMarks: ah, segv on my end - http://paste.debian.net/plainh/41430d51
#
kbs
aaronpk: great - thanks as well
#
aaronpk
it's good to throw a bunch of crap at that so I can fix parsing and displaying weird mentions too :)
#
KevinMarks
I wonder if the srgv is 32bit vs 64bit
#
ben_thatmustbeme
so if I understand this correctly, a webmention just includes a URL for source and target, correct?
#
aaronpk
ben_thatmustbeme: correct
#
ben_thatmustbeme
and bridgy just does the same.
#
aaronpk
bridgy sends webmentions, yes. but bridgy also creates its own URLs for silo posts for the "source"
benprew and pauloppenheim joined the channel
#
@voxpelli
@creationix The @indiewebcamp movements participants are all building their own blogs into Twitter alternatives – dogfooding it – take part?
(twitter.com/_/status/451055316550287362)
paulcp joined the channel
#
@kevinmarks
RT @IndieCreddit: Pleased to announce a crypto currency for the #indieweb - http://indiecreddit.com
(twitter.com/_/status/451056479089352704)
#
pauloppenheim
oh that is funny
#
pauloppenheim
KevinMarks++
#
Loqi
KevinMarks has 17 karma
#
KevinMarks
I'm dogefooding it
#
pauloppenheim
oh man, new king of memes
eschnou and KevinMarks2 joined the channel
#
ben_thatmustbeme
so, I see that webmention states you SHOULD respond with a link to a queue entry, but there is nothing on format of that queue request that I can see
#
aaronpk
ben_thatmustbeme: that was added after most of us implemented endpoints... so it's not very well specified yet
#
aaronpk
I just did this for something, what was it
#
kbs
:-)
#
aaronpk
I was thinking it makes more sense to return a Link header...
#
aaronpk
rathre than anything in the body
#
kbs
was playing with how identity confirmation works
#
aaronpk
rel="webmention_status"
#
aaronpk
somethign like that
#
ben_thatmustbeme
that would probably make parsing much easier
j12t joined the channel
#
aaronpk
indeed :)
#
aaronpk
that's what link headers are for
#
ben_thatmustbeme
yeah, I'll do that actually, in case anyone uses it, I think that makes a lot of sense
#
ben_thatmustbeme
but then queue requests...
#
kbs
I sent you a couple of entertaining webmentions aaronpk since you kindly volunteered - have at it :) https://aaronparecki.com/notes/2013/10/12/2/indieweb
#
aaronpk
ben_thatmustbeme: cool. i'll probably get around to webmention status results soon
#
aaronpk
kbs: did you send a webmention from my page to my page?
#
ben_thatmustbeme
I'm thinking i'll just keep returning '202 Accepted' until it actually succeeds type of idea
#
aaronpk
ben_thatmustbeme: on the status URL?
#
ben_thatmustbeme
and 200 OK after it succeeds
#
aaronpk
hm does HTTP have anything to say about this? cause "202 accepted" is specifically for this purpose
#
aaronpk
kbs: change it to "class=h-card p-author"
#
ben_thatmustbeme
nothing I see, it looks like they were thinking it should return a URL to a web interface status, outside the HTTP scope
#
kbs
oh - didn't realize it needed to be in the same block, ok
#
aaronpk
otherwise the p-author property applies to the h-card which is not what you mean
#
aaronpk
you want the h-card to be the author property of the h-entry
#
kbs
aah
#
aaronpk
ben_thatmustbeme: "The entity returned with this response SHOULD include an indication of the request's current status and either a pointer to a status monitor or some estimate of when the user can expect the request to be fulfilled."
#
kbs
had that backwards, thanks for the clarification
#
aaronpk
ben_thatmustbeme: so yeah, the spec doesn't seem to say anything. I'm curious if there are any known implementations of that tho
#
aaronpk
(requires yahoo login, boo)
#
ben_thatmustbeme
yeah, i was just there, thats what i mean. There is no other mention of a status monitor anywhere in the spec, so it was really like that status monitor was not specific
melvster joined the channel
#
aaronpk
one guy recommends returning "204 No Content" until it is finished
#
aaronpk
maybe it should just be rel="status" since it's kind of a generic HTTP thing, not specific to webmention
#
ben_thatmustbeme
yeah, i guess the 204 idea makes sense somewhat
#
ben_thatmustbeme
but then what do you return when it is successful
#
aaronpk
actually no 204 is probably not good, cause the status check might want to return some html content
#
ben_thatmustbeme
i mean, could return Link: to the page with the item
#
aaronpk
oh like a 301 redirect?
#
ben_thatmustbeme
i wouldn't do a 301 redirect, that would confuse a client
#
aaronpk
isn't that what you'd want it to do tho?
#
aaronpk
imagine you're using the webmention form on my site
#
aaronpk
you put in your URL, then you get a page that says "processing", and you keep hitting refresh
#
ben_thatmustbeme
i think of 301 as redirecting for use flow
#
ben_thatmustbeme
this is just to check status, there is no need to view it
#
aaronpk
eventually it would redirect you back to the target page with a fragment ID so you could see your comment
#
ben_thatmustbeme
and add in a Link: header so they get back the page,
#
KevinMarks
there are sites that chain 302s for that, whihc is annoying
#
ben_thatmustbeme
actually, there should be no need to return the link to the page, you posted it in the initial negotiation
#
ben_thatmustbeme
s/negotiation/submit of the webmention/
#
Loqi
ben_thatmustbeme meant to say: actually, there should be no need to return the link to the page, you posted it in the initial submit of the webmention
#
aaronpk
i'm thinking about it from the end-user point of view
#
aaronpk
you know the webmention form I'm talking about, right?
#
ben_thatmustbeme
If I were to look at it from and end-user side, like the end-user is actually clicking the link i'm sending back, then I would return a 200 with html saying its status, and a 301 once it is accepted
#
aaronpk
ok! interesting
tilgovi joined the channel
#
ben_thatmustbeme
webmention form?
#
aaronpk
that also implies that the status URL becomes a sort of local URL for the source URL
#
aaronpk
as in, on my site aaronparecki.com, I would end up generating essentially permalinks for each webmention sent to me
#
ben_thatmustbeme
yes, i was thinking of it that way, but as soon as you have a queue, you probably need to do that, even if they are redirects.
#
ben_thatmustbeme
i like the 200/301 idea
#
aaronpk
oh and what if the webmention was not successfully processed? like if you want to return an error message about what went wrong
#
aaronpk
keep returning 200?
#
aaronpk
no that won't work, needs to be a different indicator
#
ben_thatmustbeme
this way the "queue" entry is basically what you are pulling up
#
ben_thatmustbeme
either it is gone and redirected (301) or it is just gone (410)
#
kbs
does Loqi respond to direct messages (and/or have a !help comand?)
#
aaronpk
not really
#
aaronpk
but it's a feature, not a bug. trust me :)
#
kbs
okay :)
#
ben_thatmustbeme
haha, yeah, that could be bad. It was bad enough me playing with regex in it
#
Loqi
rofl
#
ben_thatmustbeme
do you even have a floor Loqi? or a body that can roll?
#
Loqi
who, me?
#
ben_thatmustbeme
aaronpk: 410 seems to be the best option. I don't see anything else that would really make sense there
#
kbs
!tell barnabywalters - FYI in case you look into it - currently last comment on http://waterpigs.co.uk/notes/4QbH5C/ was just me testing
#
kbs
not aaronpk
#
Loqi
Ok, I'll tell him that when I see him next
yaf, tantek and paulcp joined the channel
#
aaronpk
ben_thatmustbeme: ok here is a diagram of the discussion so far https://farm8.staticflickr.com/7203/13566052183_555ff70af6_b.jpg
#
kbs
tantek: out of curiosity, figure you'd know - has anything less complicated than xml signatures emerged out of the attempts to sign web pages?
#
aaronpk
i'm not entirely sold on the 410 yet, but it's a start
#
ben_thatmustbeme
the only issue i could see is a naive implementation where it just keeps pulling down the queue link and checking the response. If they automatcially redirect from the 301, they cannot tell between processing and success
#
aaronpk
not sure that counts as "less complicated", but I'm not sure anything signature related will ever be "less complicated"
#
aaronpk
ben_thatmustbeme: oh you mean like the client doesn't realize that the 301 indicates success, so then it keeps polling but now it's polling the original post URL?
#
kbs
aaronpk: is that spec more about http than html? [I was thinking more of ways to mark a section within html and be able to sign it]
#
aaronpk
kbs: oh! interesting...
#
ben_thatmustbeme
I'd think 301 would be saved for if we move the queue to another location (though rare)
#
ben_thatmustbeme
or if you change domains, or if you want to return a shortened URL link to the queue entry
#
aaronpk
another totally different approach would be this: https://farm3.staticflickr.com/2875/13566123915_db5963ea20_b.jpg
#
aaronpk
still human-readable, and perhaps more explicitly machine-readable
#
aaronpk
at the expense of making up an HTTP header
#
ben_thatmustbeme
that could work
#
ben_thatmustbeme
could do a 201 Created on success
bnvk joined the channel
#
ben_thatmustbeme
so 201 instead of 301
#
aaronpk
but checking the status didn't really create the thing
#
aaronpk
so it would be weird to return "201 created" from the status check
#
ben_thatmustbeme
303 is possible, as well
#
ben_thatmustbeme
since a 301 would be like saying the entry has actually moved, in reality we are returning a reference to a comment, not a queue item
#
aaronpk
my only concern with that would be what do browsers do with 303?
#
ben_thatmustbeme
i think adding that header might be best, since it is easiest for human consumption and machine consumption
#
aaronpk
yeah I'm kind of leaning towards that now too
#
ben_thatmustbeme
besides, we aren't really saying if this is for just parsing the target site or actually approving it. I might implement a system where I approve any comments before they actually appear
#
KartikPrabhu
just marked-up a presentation as "h-entry h-as-presentation" :)
#
aaronpk
so, "Webmention-Status: success" means everything is accepted, the sender can stop sending/retrying, but the comment may or may not actually be published
#
aaronpk
and I see little reason to distinguish those two cases at the protocol level, so we can leave it at that
#
ben_thatmustbeme
we know that the server received our message and knows the link, what it does after that is its own business
#
aaronpk
i'm curious what others think about this as a formalization of the async processing of webmentions
#
aaronpk
actually I should add that third case we talked about
#
ben_thatmustbeme
yeah, I could see a number of webmention-Status entries
#
aaronpk
they were all documented from pingback
#
ben_thatmustbeme
success, approved, denied, no_link_found, parse_error, source_invalid, target_invalid
#
KartikPrabhu
aaronpk: the un marked lines are the rsponse body i take it?
#
aaronpk
KartikPrabhu: yes, just like HTTP :)
#
aaronpk
i just didn't return a content type
#
aaronpk
but it would have been text/plain
#
KartikPrabhu
so the idea is if the webmention was accepted and the body has a link then the mention was actually published at that link?
#
KartikPrabhu
i.e. webmention-status: success + url in the body = published else accepted but not published
#
aaronpk
KartikPrabhu: yes, except I can't think of a reason the webmention client would actually need to know whether it's published
#
KartikPrabhu
If i send a mention to you and I want to see how it is being published or whether it was rejected. My server could notify me of that
#
aaronpk
ha... wait. i was just thikning about "read receipts" the other day
#
aaronpk
iMessage does a good job of this
#
aaronpk
I send a message, and after a second it'll say "delivered". at that point I know the message made it to the other person's phone.
#
aaronpk
after they open the message, my phone changes to show me "read"
#
KartikPrabhu
yup. Whatsapp does this with the 2 ticks on read
#
bnvk
aaronpk: have you seen the new Prismatic interface?
#
arcatan
oh, they've revised the new interface?
#
bnvk
not sure when "new" is actually... I just got an email today about it
#
aaronpk
so i'm thinking about webmention in the context of private messages, since i've been experimenting with that
#
KartikPrabhu
hmmm... the icon fonts didn't show up on my end
#
KartikPrabhu
aaronpk: yup. that is also a good use case for notifying of published i.e. read
#
bnvk
What about using PGP encrypted messages for private messages?
#
aaronpk
bnvk: one thing at a time :)
#
aaronpk
also did you see my PGP private message with sandeep?
#
bnvk
yes, that's what I'm referring to :)
#
aaronpk
that's not really relevant to the webmention layer :)
#
aaronpk
cause it's just a layer on top of html+webmentions
#
bnvk
right
#
aaronpk
so anything we solve at the webmention layer will work regardless of whether the payload is plaintext or encrypted
#
bnvk
right, but I'm challenging the fundamental different of "private" message vs. public message
#
bnvk
well, what's the largest difference as you see it?
#
aaronpk
public message: anybody who visits my site can see it. private message: requires auth when making the request to the URL
#
bnvk
so if I send you a private message, only you can see it, right?
#
aaronpk
only I can read it, and only I know that you sent it.
#
bnvk
right, so, re: using the PGP wrapper, what IF you wrapped all the meta data "name, date, etc..." inside the encrypted blob
#
aaronpk
everyone would still know that I sent *some* message
#
bnvk
and then it would be on the platform (pk3) to not even show that the comment exists to casual passerbys
#
aaronpk
i don't really see why this is relevant right now
#
bnvk
if your platform only showed the crypto message to people who have a key for the message, no one else will know the message exists
#
aaronpk
you're thinking too deep in application land. look at it from the outside at just the HTTP+HTML layers
#
bnvk
no, i'm thinking end user experience
#
ben_thatmustbeme
aaronpk, we would need a status for rejected too
kbs joined the channel
#
ben_thatmustbeme
or just leave it as Webmention-Status as always success one it gets past that initial send
#
aaronpk
bnvk: i'm gonna go back to this discussion... pgp/encrypted/private stuff is a separate thing
#
ben_thatmustbeme
then its just the body that tells us what happens after that
#
bnvk
ok, I wish what I was saying made sense
#
bnvk
maybe someday I can make a prototype of it
paulcp joined the channel
#
kbs
bnvk: would love to chat with you on this at some later point :)
#
bnvk
deal
#
aaronpk
bnvk: happy to chat about it later, but it's a separate discussion
#
bnvk
noted ;)
#
aaronpk
ben_thatmustbeme: the important thing about the webmention status is for the webmention client to know if the server accepted it
#
aaronpk
as in, imagine you have good error handling in the client, and it'll retry on transport failures
#
aaronpk
if you get an HTTP 500 back, the client will try again later. and it'll keep trying until _______ is received
#
aaronpk
(where _____ == "Webmention-Status: success" in our latest sketch)
#
KartikPrabhu
aaronpk: will there a list of messages like "no_link_found" for other thigns that could go wrong?
#
aaronpk
ben_thatmustbeme: what is the situation you are talking about for "rejected"?
#
@glenux
@videoludroit oui dans une ancienne vie. Sinon, les pirates ça utilise plutot du #elgg, du #statusNet ou d'autres outils de l'#indieWeb :)
(twitter.com/_/status/451085729796726785)
#
aaronpk
KartikPrabhu: yes we did have a list in the webmention spec, but removed it when the recommendation was to always return 202 accepted
#
snarfed
is very interested in async webmention stuff
#
snarfed
catches up
#
aaronpk
the list is basically from pingback
#
KartikPrabhu
aaronpk: twtr.io is putting the last parenthesis in the link giving 404
bnvk_ joined the channel
#
aaronpk
KartikPrabhu: that's just bad autolinking in your irc client
#
KartikPrabhu
oh hmm ok :)
#
KartikPrabhu
aaronpk: yeah I am referring to exactly that list of errors. so now we'd be using those for the webmention_status
#
ben_thatmustbeme
aaronpk, that would be not in the Webmention-Status" field, but would be in the body
#
ben_thatmustbeme
rejected would be if the moderator rejects it
#
ben_thatmustbeme
or perhaps if it is noted as spam
#
ben_thatmustbeme
blacklisted sites being another option
#
aaronpk
ok yeah. my inclination is that that kind of stuff is not part of the protocol
#
KartikPrabhu
ben_thatmustbeme: but "no_link_found" is in the status
#
aaronpk
ben_thatmustbeme is talking about moderator rejected things, not that list of existing error codes
#
KartikPrabhu
agrees then
#
ben_thatmustbeme
I'm just thinking if someone wants to keep coming back to find when the comment is approved
#
ben_thatmustbeme
since you already list two cases for if its approved or waiting for approval technically
#
aaronpk
"approved" is an interesting choice of words
#
ben_thatmustbeme
otherwise you just specify success and nothing of the body
#
aaronpk
because approved != displayed
#
aaronpk
i'm trying to imagine this not only for comment threads
scor joined the channel
#
ben_thatmustbeme
Currently my thinking is to keep the spec in the headers only, and leave the body to the implementor, that way another spec could later be added to mark up additional information (such as approved/displayed/rejected etc)
#
ben_thatmustbeme
if automatic approval is on, you could just add a Link: to the header, not the body
#
aaronpk
yeah I think that makes sense
#
ben_thatmustbeme
s/approval/display/
#
Loqi
ben_thatmustbeme meant to say: if automatic display is on, you could just add a Link: to the header, not the body
#
aaronpk
a Link: header that contains a link to the target post with a fragment ID or something?
#
aaronpk
it could, but I don't see an immediate use for that yet
#
ben_thatmustbeme
optional addition i'm thinking
#
aaronpk
so yes, if we stop at returning the current list of errors in the Webmention-Status header (and "success" if it worked or is pending moderation), i think that gives us enough to go on for now
#
@ManUtopiK
RT @IndieCreddit: Pleased to announce a crypto currency for the #indieweb - http://indiecreddit.com
(twitter.com/_/status/451088559693651968)
#
ben_thatmustbeme
this gives me enough to work up a working queue (although it will currently just forever be waiting for approval)
#
aaronpk
I would like to do the same
#
aaronpk
except mine will never be waiting for approval :)
paulcp joined the channel
#
aaronpk
well that was fun. i was supposed to get food a while ago :) now i'm starving
#
pauloppenheim
oh man, i missed all that
#
gregorlove.com
edited /User:Gregorlove.com (+8) "/* Contributions */ TOC"
(view diff)
#
pauloppenheim
my webmention interest is in completely disconnecting response / any logic whatsoever
#
pauloppenheim
effectively "thanks, got it"
#
pauloppenheim
but i'm also interested in the private messaging case
#
gRegor`
Catching up on some of the webmention talk... I think the response body is important if you're responding with JSON, so there can be a standardized key. I detailed what I've done: http://indiewebcamp.com/User:Gregorlove.com#JSON_responses cc: ben_thatmustbeme aaronpk
#
gRegor`
I don't respond with the status URL yet, but intend to.
#
aaronpk
gRegor`: what is your reason for returning json?
#
gRegor`
If they request JSON
#
gRegor`
Default to text/html
#
gRegor`
s/Default/Defaults
#
Loqi
gRegor` meant to say: Defaults to text/html
#
aaronpk
pauloppenheim: you should still be able to do that, just don't return a status header with the "202 accepted" reply
#
gRegor`
Though if the status URL becomes more standard, I think JSON is the way to go.
#
aaronpk
I disagree
#
aaronpk
the HTTP headers should have everything machines need to parse, so there is very little gained by returning JSON
#
gRegor`
If not, I guess the webmention sender should just strip the HTML and treat the text as the status URL - presuming a non-error status code.
#
gRegor`
Ah true. I hadn't thought of that.
#
gRegor`
Haven't looked at webmention.org in a while. Is that in there now for the status URL? Used to say it should be in the body, I thought.
#
aaronpk
yeah webmention.org isnt updated very often
#
aaronpk
and this just came out of a discussion here just now
#
gRegor`
Oh, ok
#
aaronpk
(and some of my noodlings on this over the past week or so)
#
gRegor`
Cool cool
#
pauloppenheim
aaronpk: i suppose the idea is that I as a receiver don't return anything upon receiving a webmention, but if i do a static site rebuild with a reference included, the only option I have right now to notify the sender is another webmention back at them
#
pauloppenheim
which seems silly, but might be perfectly cromulent
#
aaronpk
so you want to proactively notify someone their comment is posted?
#
pauloppenheim
well, it could be days or weeks later
#
aaronpk
(rather than have them check a status url)
#
pauloppenheim
as opposed to instantly
#
ben_thatmustbeme
gRegor` I don't like the idea of just returning JSON though, seems very non-user oriented
#
aaronpk
i think gRegor` said he'd only return json if Accept: application/json
#
gRegor`
ben_thatmustbeme: I only return JSON if the Accept: header specifies it.
#
ben_thatmustbeme
sorry, I missed that
#
gRegor`
I also caught up some more on your convo and saw aaronpk's flowchart. I like it.
#
gRegor`
No worries
#
pauloppenheim
returning a 200 if the webmention failed seems incorrect, feels like it should be a 4XX
#
gRegor`
200 shouldn't be a failure ?
#
gRegor`
Er, strike that question mark.
#
aaronpk
pauloppenheim: it's tricky, because technically the 200 is in reply to the *status check* not the webmention
#
aaronpk
so the status check succeeded with HTTP 200
krendil joined the channel
#
pauloppenheim
the whole status check thing is weird to me
#
pauloppenheim
hmm, gtg, bbiab
#
aaronpk
what part is weird?
#
gRegor`
If it's 4XX, that's saying there was an error with the status URL itself, not the information reflected within the status URL.
#
aaronpk
gRegor`: exactly
#
aaronpk
( for anyone joining the conversation now, the latest flowchart being referenced is this: https://farm8.staticflickr.com/7027/13566602913_cf79cee46d_b.jpg )
#
ben_thatmustbeme
honestly, the more i think about it, anything after the status check to make sure the server received the message and parsed it, really shouldn't be done through this queue, it should be a webmention back, otherwise its the old style of pulling repeatedly
#
aaronpk
ok that actually makes sense
#
aaronpk
think about it this way:
#
aaronpk
you reply to one of my notes, it goes into my moderation queue...
#
aaronpk
then I click "approve" and your comment appears on my web page
#
aaronpk
now there is a *new link* from my web page back to your note
#
aaronpk
which means if I send webmentions for all links from my original note, it'll send one to yours
#
aaronpk
so that actually works out nicely, because that's what webmention is really for... saying "this page linked to this other page"
KartikPrabhu joined the channel
#
ben_thatmustbeme
just so long as you don't end up in a loop :P
#
aaronpk
yep haha
#
gRegor`
hmm
#
gRegor`
Yeah, I don't think I intend to send webmentions when I publish a webmention. :)
#
ben_thatmustbeme
yeah, I'd be too worried of a loop back and forth
#
ben_thatmustbeme
its a nice idea
#
ben_thatmustbeme
to be able to notify when you approve a message though
#
KartikPrabhu
for this to work correctly both parties must be doing things correctly to avoid loops
#
tantek
scrolls back about 300 lines. busy day!
#
aaronpk
tantek: the summary is this: https://farm8.staticflickr.com/7027/13566602913_cf79cee46d_b.jpg plus the last 40 minutes or so
#
ben_thatmustbeme
now i forgot what I was doing....
#
KartikPrabhu
otherwise it'll be a repeat of how I broke kylewm's reshare of my post by sending it a mention because it was linked as a comment etc...
#
KartikPrabhu
should have taken a screenshot
#
KartikPrabhu
kylewm: do you have a screenshot of when I broke your reshare ?
#
KartikPrabhu
or can I break it again to document it? :P
#
tantek
thanks aaronpk - that helps!
#
tantek
kbs - re: something less complicated than XML signatures. too little information. what's your use case?
#
tantek
aaronpk - I like the use of rel="status" in that webmention update flow
#
tantek
one thing I'd add (which I think I mentioned last time this discussion came up) is a webhook call back for status to avoid need for polling
#
tantek
that is
#
aaronpk
*whew*
barnabywalters joined the channel
#
Loqi
barnabywalters: kbs left you a message 2 hours, 2 minutes ago: - FYI in case you look into it - currently last comment on http://waterpigs.co.uk/notes/4QbH5C/ was just me testing
#
barnabywalters
!tell kbs RE identity theft test comment, I guessed as much ;) Going to have to implement author verification now
#
Loqi
Ok, I'll tell them that when I see them next
#
aaronpk
a web hook for that would be interesting!
#
tantek
aaronpk, that way when webmention receiver reaches the states of "Your comment is posted!" or "Webmention failed" or "Awaiting human moderation", the webmention server does a GET http://callback.example.com/?id=someid&status="Comment posted" etc.
#
aaronpk
barnabywalters: plz document how you do that when you figure it out :)
#
aaronpk
barnabywalters: I suspect your author verification step will think all bridgy mentions are fake tho, since that's essentially what bridgy does :)
#
aaronpk
tantek: yeah that makes sense! (probably a POST to the callback URL tho)
#
tantek
that's fine - whatever is the convention for webhooks
#
tantek
webhooks are simple enough to be worth baking in like that to avoid requiring polling to get status
#
barnabywalters
aaronpk: sure, I would have an exception for bridgy :)
#
barnabywalters
aaronpk: my inclination is just to match the domain of the author up with the domain of the post
#
aaronpk
actually wait, in that case, why not just allow registration of a webhook when sending the webmention in the first place?
#
tantek
aaronpk - even better
#
tantek
I made up "callback" BTW - feel free to look at other webmention API examples and see if there is a standard param name for that
#
tantek
er, webhook
#
aaronpk
translates into english as: "hey this page on alice.com linked to this page on bob.com, and let me know here when you do something with that information"
#
tantek
look at other *webhook* API examples and see if there is a standard param name for that "callback" param
#
KartikPrabhu
would like a documented page of the conclusions of this discussion that he does not really understand... :)
#
aaronpk
yes indeed
#
tantek
hmm, webhooks.org links to wiki.webhooks.org (does not resolve) and blog.webhooks.org (does not resolve)
#
@gRegorLove
@girlvsplanet Yep. It still works for me, but dev has basically halted. I might be moving on in coming years as I do more #indieweb stuff.
(twitter.com/_/status/451104481384484864)
#
aaronpk
seems like they are pretty much universally called "webhooks"
#
aaronpk
and the API parameter is sometimes called "url" or "action", and there is not always an API for configuring them
#
aaronpk
sometimes you can only configure the web hook through an admin dashboard
benprew joined the channel
#
aaronpk
that was from a cursory scan of the following APIs: pusher.com, mailchimp.com, stripe.com, github.com, twilio.com
_6a68 joined the channel
#
snarfed
tantek, aaronpk, just fyi, webmention.io is 404ing bridgy's wms for tantek's latest post
#
snarfed
not urgent, just a heads up
#
aaronpk
404? that is odd
#
tantek
is that a webmention.io problem?
#
aaronpk
sounds like it
#
snarfed
details in the log links
#
bear
with the caveat that i'm reading the log scrollback of 500 lines and may lack context...
#
aaronpk
snarfed: you're sending a POST and getting back 301, then sending a GET and getting 404?
#
snarfed
aaronpk: yeah, i just saw that myself
#
bear
aaronpk - have you seen this: https://gist.github.com/jkarneges/30fc4f07c57fe6b72561 it uses Link header to enable a webhook/callback in a request
#
aaronpk
I moved it to https
#
aaronpk
and 301 redirects on POST requests don't really work
#
snarfed
hah, redirect POST to GET
#
snarfed
i HATE that about 30x redirects
#
aaronpk
i'm gonna go open that back up on http
#
snarfed
grudgingly accept, but still hate
#
snarfed
you might also want to spam all webmention.io users (if possible) and ask them to update their advertised endpoints to https
#
snarfed
so you can try to switch back later
#
aaronpk
i was just reading the list of http codes... seems there is one for this purpose
#
snarfed
whoa really?!
#
aaronpk
oops nope, other way around
#
aaronpk
303 See Other -> for POST requests to respond with a Location header and force the browser to redirect
#
snarfed
i was about to be very surprised, and ecstatic
#
Loqi
!calc 303 See Other -> for POST requests to respond with a Location header and force the browser to redirect
#
snarfed
ah yeah
#
gRegor`
The 30x codes are a real cluster in HTTP2 from what I read recently.
#
bear
wasn't that what 307 was supposed to be fore?
#
bnvk
is anyone posseing to Reddit?
#
bnvk
POSSE
#
gRegor`
I believe so, bear
#
tantek
aaronpk - ok did some research on webhook naming patterns
#
aaronpk
bnvk: I've posse'd to hackernews a couple times, but not reddit
#
tantek
seems like "callback" is a common name for the URL or thing that encapsulates the URL of a webhook
#
ben_thatmustbeme
wait, how are we back to 303 again?
#
ben_thatmustbeme
starts reading back
#
tantek
so "callback=" seems like a fine param name to go with for an optional additional param for webmention
#
aaronpk
ben_thatmustbeme: unrelated!
#
ben_thatmustbeme
cool, already added callback as a post option for initial webmention
#
snarfed
bear, gRegor`: true, except afaik browser support is really weak. many still switch posts to gets on 307 :/
#
ben_thatmustbeme
so in theory my site can receive webmentions now, that never get processed (yet)
#
tantek
then the question is, are there HTTP status codes we can re-use in the "status=" param when calling back the webhook?
#
tantek
for each of the cases of "comment accepted, awaiting human moderation, no source link found"
#
bear
couldn't that be handled with a 202 with Link: callback=…
#
aaronpk
how would you send an http status code? the status codes are for responses
#
tantek
aaronpk, just re-using them in a URL param e.g. "status=200"
#
aaronpk
i think that is unnecessary mixing of layers
#
tantek
it's all the protocol layer
#
tantek
it's how you report lazy status
#
tantek
i.e. imagine your webmention handler was fully synchronous - and could return status codes with full information
#
tantek
then what would it return for "comment accepted, awaiting human moderation, no source link found"
#
tantek
those are the same codes that should be used in the webhook callback for the exact same semantic, just in the callback context
#
tantek
so I say, "comment accept" = 201 Created
#
aaronpk
that's a good way of looking at it
#
tantek
accepted*
#
aaronpk
but that's getting dangerously close to tipping off my rant about REST API design
#
tantek
"awaiting moderation" = 202 Accepted (but processing has not been completed)
#
bear
response = 201 or 202 with a response header containing callback link seems to be the most flexible
#
tantek
bear, why do you need ANOTHER callback link?!?
#
tantek
no need at that point
#
bear
to inform the person making the request how to check for updates
#
aaronpk
bear: also looking at that gist you posted, trips all my anti-rest bells
#
tantek
bear - that's the polling solution that aaronpk already documented in his diagram with rel="status"
#
tantek
this is a different notification based flow
#
tantek
whereby the original webmention has source, target, AND a callback parameter
#
bear
aaronpk - part of why I posted it - I wanted another opinion if some of my smell-check was accurate
#
tantek
and then when the webmention server gets around to calling back the callback, what status codes it can/should use
#
tantek
so to complete the list
#
tantek
and lastly, "no source link found" = 412 Precondition Failed
#
tantek
since a valid source link *is* a precondition of a valid webmention
#
aaronpk
bear: lol!
#
bear
ah - I missed that in the context - webmention getting a callback param for deferred responses
#
tantek
IRC messages must be processed in order ;)
#
bear
yea, that's what I get for jumping into a 500 line backlog without doing due diligence :/
#
bear
work has been crazy busy and i'm missing my indieweb time badly
basal joined the channel
#
aaronpk
tantek: snarfed: ok webmention.io should not be sending 301 redirects anymore, and responds on http
benprew joined the channel
#
tantek
braces himself for the webmention.io MITM attacks (which will likely never happen).
#
aaronpk
heh yeah
#
aaronpk
oh hey
#
aaronpk
thought it was a little bit quiet in here the last couple days
#
KartikPrabhu
Ben Markowitz about homescreen icons: http://www.intridea.com/blog/2014/4/1/touch-icons basically the same as http://indiewebcamp.com/icons
#
tantek
KartikPrabhu: with less content
#
KartikPrabhu
we haz more examples!
#
aaronpk
tantek: also add "301" for "already_registered"?
#
tantek
what does that mean in user terms?
#
aaronpk
oh wait we kind of made that not an error anymore, since updating comments is a thing
#
tantek
as is deleting
#
tantek
comment CRUD FTW!
#
aaronpk
we do need errors for things like the source was unable to be retrieved (encountered a 500 server error, or dns lookup failed)
#
KartikPrabhu
snarfed: bridgy/publish not showing a "post/publish" link anymore!
#
tantek
aaronpk, detailed stuff like that can still go into the body of the response
#
snarfed
KartikPrabhu: sorry?
#
snarfed
confused
#
aaronpk
tantek: there is no body of the response in a callback
#
aaronpk
do you mean the request body?
#
aaronpk
if so, what content type?
#
KartikPrabhu
snarfed: I just previewed a note to publish and it shows a preview but no button to post/publish it on Twitter
kbs joined the channel
#
Loqi
kbs: barnabywalters left you a message 50 minutes ago: RE identity theft test comment, I guessed as much ;) Going to have to implement author verification now
#
snarfed
ah. huh.
#
tantek
KartikPrabhu: perhaps reply to @bpmarkowitz and/or @intridea's tweet about that blog post with a link to indiewebcamp.com/icons as previous work accordingly
#
KartikPrabhu
tantek: doing exactly that :)
#
tantek
cc @brad_frost too
pfenwick joined the channel
#
tantek
KartikPrabhu: here's my post on when I announced the /icon page and told people to go do it: tantek.com/2013/336/t1 (click that and get redirected to the full URL with slug :) )
#
aaronpk
web hooks typically do not send human-readable content, since they are always parsed first by a machine
#
aaronpk
so we will need to define parameters that will be sent in the web hook for that
#
snarfed
KartikPrabhu: heh. dumb bug. thanks for the heads up. deploying the fix now.
#
KartikPrabhu
cool :) was going to send scrnshot but i guess you found it :)
#
aaronpk
and it feels *really weird* to me to be sending integers in post body params
#
snarfed
aaronpk: great! feel free to spam the retry buttons on https://www.brid.gy/twitter/t , etc
ttepasse joined the channel
#
tantek
aaronpk, I believe "body" will suffice ;)
#
kbs
tantek: [aside - don't want to derail current discussion. re: web signatures, use for me is how I can verify someone really wrote something when I get a web-mention to a particular page. Perhaps signing a certain chunk of the page so I can reliably embed that elsewhere, etc. indiewebcamp.com/spam looks good, but wondering about other ideas]
#
tantek
what do you mean by "someone"?
#
kbs
someone == a person in my contact list, say
#
tantek
all you know is that the person represented by that URL wrote it.
#
tantek
what else do you need?
#
KartikPrabhu
snarfed: thanks for the quick fix!
#
gRegor`
Seems unlikely, but were there any indieweb April Fools pranks today?
#
tantek
gRegor`: see @kevinmarks
#
KartikPrabhu
gRegor`: you'll find out tomorrow :)
#
gRegor`
"Wikipedia:Citation needed is nominated for deletion. [citation needed]"
#
kbs
tantek: understand. I guess there's an assumption that content that's sitting on a domain owned by user X has actually been written by user X
#
pauloppenheim
kbs: in this case it probably makes sense to try a few things to see what works for you (and me i suppose!), i don't think anyone else is working on this
#
pauloppenheim
kbs: you are already light years ahead of me on all of this
#
kbs
oh, I know the last is not the case - but I saw this old standard called xml signatures, and thought tantek might offer some wisdom here before [the few crypto nerds] run away and have fun :)
#
tantek
kbs - yes, there's that general assumption, and there's the /authorship algorithm to just determine *who* wrote the content of a given page.
#
aaronpk
tantek: there needs to be another status code for recoverable failures
#
tantek
this is why I asked what the use-case was, because it turned out the use-case has already been solved.
#
kbs
*nod* okay - thanks for the pointer tantek :)
#
pauloppenheim
tantek: kbs already has a non-web private sharing app running, his use case is passing messages through 3rd party servers
#
pauloppenheim
could still be relevant for indieweb for very large transfers (large video files, etc)
#
tantek
therefore the replacement for "xml signatures" is null AKA YAGNI.
#
aaronpk
412 is unrecoverable, because no link was found. but errors like DNS was unresolvable, or encountered a 500 error fetching the page may succeed if they are attempted again
#
tantek
what is the user scenario where a "recoverable failure" occurs?
#
tantek.com
edited /webmention (+149) "/* Implementation Notes */ expand sync vs. async"
(view diff)
#
aaronpk
actually SSL errors will be the most common
#
aaronpk
like improperly configured SSL certs that the target site rejects, but if the author updates teh SSL cert the request would succeed
#
aaronpk
also but less likely is network errors that are no fault of either user
#
kbs
(re yagni - I should probably have clarified that I don't fully share the assumption that content sitting on a domain owned X has always been written by user X, for all domains and users X :)
#
tantek
kbs - that's not assumed, hence /authorship
#
pauloppenheim
signatures prevent forgery, which /authorship does not address
#
aaronpk
signatures are nice and all, but really all you're doing is moving the potential failure points to places that are sometimes harder to see
#
tantek
pauloppenheim: perhaps you can rephrase that as a use-case
#
GWG
Good evening
#
tantek
aaronpk - indeed, and I think that can be demonstrated by continuing to ask for a specific use-case.
#
tantek.com
edited /webmention (+1791) "/* Brainstorming */ Asynchronous status polling, Asynchronous status notification, More status codes"
(view diff)
#
tantek
aaronpk ^^^ I think I captured most of the webmention / status / webhook discussion
#
GWG
Hello again, KartikPrabhu
#
tantek
didn't mean to scare kbs away!
#
aaronpk
e.g. how do you know the author's computer and private key aren't compromised?
#
tantek
aaronpk - yup, security turtles all the way down.
#
pauloppenheim
aaronpk: it is possible to use provably secure methods
#
tantek
(LOL)
#
KartikPrabhu
GWG: how is indiewebfying your sites going?
#
tantek
aaronpk - I think the reality is that a lot of this XML Signature etc. stuff were invented by and for Enterprise™ for the purpose of doing things like EMAILING XML documents around and verifying them or something.
#
tantek
nothing actually weblike
#
tantek
hence when you ask for a use-case, it cuts right to their contextual assumptions (which are usually non-web assumptions that they don't want to admit to)
#
snarfed
aaronpk: just fyi, webmention.io now says Error connecting to Redis on 127.0.0.1:6379 (ECONNREFUSED)
#
aaronpk
that's a good point, signatures make more sense when documents are just flying around with no URLs
#
aaronpk
snarfed: LOL wow my bad
#
pauloppenheim
tantek: the use case is signatures
#
snarfed
devops is so fun huh! i feel your pain
#
aaronpk
pauloppenheim: signatures are not a use case
#
pauloppenheim
the use case of signatures is forgery prevention
#
tantek
pauloppenheim: use a PNG or a JPG
#
aaronpk
snarfed: I may have been a bit overzealous in migrating things to the new server on sunday
#
pauloppenheim
digital signatures
#
pauloppenheim
i mean, it's a thing
#
snarfed
aaronpk: never!
#
pauloppenheim
you can ridicule it
#
pauloppenheim
but it's real
#
tantek
yes, to a user, a digital signature is a photograph of a physical signature
#
tantek
come back to me when you have a *web* use case
#
tantek
plumbing is not a use case
#
pauloppenheim
yeah, if that;s what you're getting at, that's a legitimate complaint
#
pauloppenheim
talking about "security turtles" is just name-calling
#
tantek
it's not - it's an actual reference to the problem of just moving the problem
#
aaronpk
it is interesting that physical signatures and digital signatures (outside of web) serve a similar and important problem
#
tantek
if you can fake /authorship, then you can fake any signature mechanism you might put in the document
#
tantek
hence the "turtles all the way down" reference is a shorthand for the actual problem
#
tantek
which is basically saying, you
#
aaronpk
if I hand you a piece of paper and say this other guy wrote it, you can look at the handwritten signature and verify it (to some extend, but good enough for banks)
#
tantek
you're not solving the problem by adding a layer of obfuscating abstraction
#
aaronpk
if I send you an email, I can include a digital signature to serve the same purpose
#
aaronpk
if I send you a URL, assuming you trust DNS and HTTPS, you can be sure it's the document I intended for you to receive, and if you follow /authorship then you can verify I wrote it
#
tantek
so no, not name-calling. but I can see how you might have interpreted it that way.
#
tantek
aaronpk - exactly.
#
snarfed
aaronpk: wms to webmention.io are flowing happily. thanks!
#
aaronpk
so no, I am not sold on the value of digital signatures in HTTPS documents yet.
#
pauloppenheim
oh, that's an interesting perspective
#
pauloppenheim
you're assuming HTTPS covers more than transit
#
pauloppenheim
if not, then i am misunderstanding
kbs joined the channel
#
aaronpk
elaborate?
#
kbs
[sorry, spotty connection :) catching up on logs.]
#
tantek
aaronpk - I'm with you. since you have to eventually do HTTPS for *other* scenarios, then it eliminates the need for stuff like XML sig
#
aaronpk
well we could do signed requests all day long and do away with https entirely ;)
#
pauloppenheim
a digital signature would be useful in an HTTPS document to show that it came from the author listed, same as it would over an HTTP connection
#
pauloppenheim
(yes, in so far as the computer they used to sign the document was secure)
#
aaronpk
pauloppenheim: is that assuming the author is not the same as the owner of the domain?
#
pauloppenheim
or that they aren't the admin of the machine
#
pauloppenheim
or they are the admin, but the machine is a VM...
#
aaronpk
I'm not sure I follow
#
tantek
aaronpk - meh, I'm tired of playing 20 question to try to guess the user scenario that pauloppenheim appears to be assuming. if you can't describe in a series of human actions that are taken, not interested
#
pauloppenheim
HTTPS server keys have to be made available to the server at this point, and right now it's uncommon for a site admin to have full control over the machine
#
aaronpk
pauloppenheim: now you've really lost me unfortunately
#
tantek
well when we have a real world example of someone who has HTTPS on their indieweb server but does not have control over those keys, perhaps that will be an interesting scenario to discuss. until then...
#
tantek
= hypothetical
#
pauloppenheim
tantek: my apologies if i can't make it clear why a digital signature is desirable to me. Can you at least believe that they are important to me?
#
tantek
all sorts of things are important to people. but here we filter by concrete real world use-cases.
#
aaronpk
pauloppenheim: what if there is some other way to solve what you are getting at that doesn't involve digital signatures? is it really the digital signatures that are important to you? or is it the thing you're trying to solve with signatures?
#
tantek
if you can't describe your use-case as a series of human actions that are taken, e.g. with you on your real world web server, then it's not interesting from an indieweb perspective.
#
pauloppenheim
and i am suggesing you have two people in this channel with real world use cases you might not understand
#
tantek
you have yet to document them
#
tantek
so yes, we don't understand what you haven't documented
#
pauloppenheim
tantek: kbs has a real system
#
tantek
--> as a series of human actions that are taken
#
pauloppenheim
works today
#
pauloppenheim
android app
lukebrooker joined the channel
#
pauloppenheim
stores things on dropbox
#
pauloppenheim
sig cryptographically proves file wasn't modified
#
pauloppenheim
i don't know how else to explain it
#
pauloppenheim
that requires sigs
#
tantek
so the point that aaronpk and I are making is that any way an attacker could modify such a file, they could also modify any signatures in it to match. hence the "security turtles all the way down" criticism
#
pauloppenheim
thats not how sigs work
#
pauloppenheim
you can't modify a sig w/o the private key
#
pauloppenheim
or rather, re-sign the new, modified document
#
pauloppenheim
hence the importance of sigs
#
tantek
so you're moving the vulnerability from the document to the private key
#
pauloppenheim
the private key is not on the server
#
tantek
I'd look at existing solutions first
#
aaronpk
tantek: at this point should we even recommend at all that synchronous webmention processing is possible?
#
pauloppenheim
and probably (hopefully!) not even the internet, depending on the document
#
tantek
e.g. how do github clients work regarding such modifications?
#
aaronpk
it seems like we should just write it assuming all handling of webmentions is asynchronous
#
tantek
aaronpk - since many started with synchronous implementations, I think it's reasonable to allow for that in the protocol
#
tantek
stepping stones approach
#
tantek
it may be easier to first implement a bare minimum synchronous webmention backend while you work on the UX of the front end of comments/likes/reposts etc.
#
tantek
because UX is more important than backend :)
#
aaronpk
a client won't know if a server is synchronous or not, so if my client always sends a callback URL with requests, should a sync client also send a POST to that url?
#
tantek
or rather it shouldn't have to
#
tantek
sync webmention receiver should be able to minimally implement by returning status/results, nothing more
#
aaronpk
ok, in that case, a client can know whether to expect a callback based on whether the initial webmention response was "202 Accepted" or one of the other codes
#
tantek
minimize HTTP
#
pauloppenheim
tantek: right, that's what kbs did - he found an old, weird XML standard that might fit, but wanted to check
#
tantek
pauloppenheim - I'm talking about real world *practices* rather than previous standards
#
tantek
I'm much more interested in modern practices than old standards
#
aaronpk
does the client need to distinguish between a "202 Accepted" queued response and a "202 Accepted" synchronous handling that resulted in the comment being moderated?
#
pauloppenheim
tantek: right, and that's very valid here
#
tantek
I was just going to say that aaronpk
#
pauloppenheim
tantek, kbs: because this XML signature standard is hella enterprise smelling
#
kbs
appreciates tantek being able to hold two conversations in his head :) but should we wait until the other discussion finishes?
#
pauloppenheim
it's irc, man
#
pauloppenheim
also, unfortunately regarding keybase.io, it seems my initial thoughts are not unique: http://blog.lrdesign.com/2014/03/thoughts-on-keybase-io/
#
tantek
aaronpk, how about 102 Processing for the asynch reply?
#
aaronpk
is that a thing?
#
tantek
"server has received and is processing the request, but no response is available yet"
#
tantek
is looking at the WP page for HTTP status codes
#
bear
102 is WebDAV
#
tantek
bear, exclusively?
#
aaronpk
I think the 1xx codes are expected to keep the connection open and return another HTTP code after
#
bear
no - just where the code was used the most
#
bear
and 1xx is not http/1.0
#
bear
so could break older stuff
#
tantek
aaronpk - I think you're right
#
bear
it was used before long polling became common
#
KevinMarks
worth discussing wiht the http 2 mailing list?
#
aaronpk
I see "100 Continue" a lot when uploading files
#
tantek
ok so let's stick with 202 for "webmention being handled asynchronously"
#
aaronpk
so the server can verify auth and stuff before actually accepting the file upload
#
tantek
and then let's bucket "queued for moderation" into just a 200
#
tantek
I don't see anything more specific than that :/
#
aaronpk
i think 412 is more specific too, I think it's just for validating request headers
#
aaronpk
I think 400 is ok for the rest of the errors
#
aaronpk
400 indicates "The client SHOULD NOT repeat the request without modifications."
#
pauloppenheim
kbs: i need to do work-work, but i'd like to talk about the set of things to be signed
#
tantek
412 seems close enough
#
tantek
for preconditions
#
bear
400 implies you can retry with corrections
#
pauloppenheim
kbs: the solution might be in slightly abusing #microformats
paulcp joined the channel
#
kbs
pauloppenheim: sure, love to :) think bnvk had some ideas too
#
aaronpk
we also use 400 currently
#
bear
kbs - could you create/mod a mf2 to be the signature of a block/span
#
tantek.com
edited /webmention (+174) "/* More status codes */ 200 OK for updates, human moderation, 204 for deletes"
(view diff)
#
tantek
aaronpk - hence I've been adding these to brainstorming
#
bear
<span rel="signature" …><p>blah blah</p></span>
#
kbs
bear: yea :) that's just what I was thinking too
#
tantek
bear, I don't think "rel" means what you think it means
#
bear
waves hands and begs for clemency
#
aaronparecki.com
edited /webmention (+91) "/* Brainstorming */ add example payload sent to callback URL"
(view diff)
#
bear
I knew it was wrong as I pressed the enter key
#
KevinMarks
has been brute-forcing hashes all day
#
tantek
bear, you could use rel="signature" to *link* to an external signature
#
aaronpk
KevinMarks: I really want to run that app :)
#
kbs
oddly enough, has done just that too :)
#
KevinMarks
so far just 99 blocks
#
aaronparecki.com
edited /webmention (+104) "/* Discovery in PHP */"
(view diff)
#
kbs
you can sign an entire html page fairly easily like that (cf kbsriram.com pages)
#
KartikPrabhu
has been trying make a presentation and not be tempted by all this interesting discussion!
#
tantek
kbs - except for the part of the page that points to the signature? or do you have foreknowledge of the signature URL?
#
tantek
seems like you'd have to. otherwise you're stuck not knowing the "entire html page" since that includes the signatures or URL itself
#
kbs
yes - foreknowledge of the signature url [it's just the <page_ul>.asc
#
tantek
probably better to start with that
#
kbs
it also works as a practical way to check other stuff too [js, etc]
#
tantek
gives you HTTP LINK: flexbility too
#
kbs
*nod* yep, that's what I did
#
tantek
and that way you can resolve questions of signature type etc. using content-type
#
kbs
ah, interesting - good point.
#
kbs
I started [as you say] by signing all my content at this point
#
tantek
aaronpk - what do you think of 204 for successful deletes?
#
bear
a delete should get a 200
#
bear
as the action was the delete and 200 says "it was done"
#
aaronpk
tantek: would the synchronous processing version send 204?
#
aaronpk
that seems weird
#
aaronpk
if the webmention endpoint returned HTTP 204, that implies the endpoint is deleted
#
tantek
yeah, bear, aaronpk, you're right
#
tantek
that "delete" in the description means HTTP DELETE verb
#
bear
while everything says 204 is for deletes - to me it just adds to the smell of REST
#
tantek
goes back to the wiki
#
aaronpk
bear: ooh is REST smelly to you too? we should compare notes.
#
tantek
also means we can't use 201 for that either
#
tantek
created that is
#
tantek
because that implies the *endpoint* was created
#
aaronpk
ha yeah... pretty much just 200/400 then
#
tantek
and *this* is why I wanted to think this through with the synchronous scenario first
#
bear
oh my word - REST and rants
#
aaronpk
I like to keep in mind that ultimately HTTP is for *transport*
#
tantek
because it's simpler / more well-known / better constrained/understood
#
bear
*yes*
#
aaronpk
so if something is returning an HTTP error, it had better be because the *transport* failed
#
bear
gives a southern style "amen brother"
#
aaronpk
we actually built an API framework based on this idea. if you are a fan of REST you should not click this: https://github.com/esripdx/jsonatra
#
kbs
should the /authorship algorithm always validate the author's domain in some suitable fashion? Eg: would http://paste.debian.net/plainh/bdb2632b be identified as authored by barnaby?
#
bear
aaronpk - dealing with REST and ruby and json in the days of merb is what lead me to that mindset
#
aaronpk
kbs: that is an interesting question that we need to address. if it does, bridgy will not pass the test.
#
bear
HTTP is a transport, all things should be in your responses
#
tantek.com
edited /webmention (-131) "/* More status codes */ looks like we can only use 200 or 400 since any other details imply stuff about the HTTP interaction which we don't want to imply"
(view diff)
#
kbs
aaronpk: ah. okay - perhaps this might be a nice use-case to see how best to solve it without getting into the weeds about crypto :)
#
aaronpk
sure! this is a good example.
#
aaronpk
e.g. you were able to "forge" a document that looks like it's from barnaby, so that is clearly a problem, and how can we best solve it
#
tantek
so this is basically the same problem as anyone can enter any identity they wish into comment forms on the web
#
tantek
even gravatar doesn't help this
#
tantek
(may actually *hurt* in that it makes it look more real)
#
aaronpk
the short answer is if you didn't retrieve the comment from the author's own website, you shouldn't display it as a comment from them
#
tantek
if you know someone's email address they use in submissions to web comment forms, you can simply type a comment, put their full name and email address, and it will appear as if the comment came from them (including their *current* avatar!)
#
tantek
aaronpk - yes that's one approach
#
aaronpk
that would, however, break bridgy
#
snarfed
man, you guys are making me feel all guilty :P
#
snarfed
(kidding!!!)
#
tantek
another way to do it would be to match a prefix URL that the author rel=me back to their own site (bi directionally)
#
barnabywalters
sure it would break bridgy, but fixing that is as simple as whitelisting mentions from brid.gy
#
barnabywalters
and leaving it up to bridgy and the silos to handle identity theft
#
aaronpk
barnabywalters: so basically you are saying that you would allow brid.gy to forge identities :)
#
tantek
barnabywalters - or by bridgy providing a "profile URL" for folks to rel=me to from their own sites
#
gRegor`
More work for snarfed!
#
barnabywalters
aaronpk: I’m saying that, for the moment at least, I trust bridgy
#
tantek
and then hosting all webmentions for a person under that URL
#
aaronpk
tantek: I think that would require that *all* twitter users commenting on your stuff would need to do that...
#
tantek
sure, we can whitelist bridgy as a stopgap
#
barnabywalters
jsut as, at the moment, we all host any webpage which sends us a webmention ;)
#
barnabywalters
s/host/trust
#
tantek
aaronpk - I don't think so
basal joined the channel
#
tantek
oh wait
#
tantek
yeah, either you whitelist bridgy, or you whitelist the domains that bridgy sends you mentions from
#
tantek
e.g. twitter etc.
#
tantek
kbs - how do I view http://paste.debian.net/plainh/bdb2632b as actual HTML rather than source?
#
tantek
ok aaronpk I think I caused an odd mention of sorts at the bottom of http://aaronparecki.com/notes/2013/10/12/2/indieweb
#
tantek
kbs - see if you can actually fake a "real looking" comment from Barnaby
#
aaronpk
tantek: that's what that page was for
kbs` joined the channel
#
tantek
aaronpk - but it didn't work
#
tantek
that's my point
#
aaronpk
no it did
#
tantek
I don't see it
#
aaronpk
and he has one on barnaby's site too
#
barnabywalters
if I was masquerading as myself I wouldn’t say so
#
barnabywalters
so it’s not very realistic ;)
#
kbs
doesn't have an internet, he has a 'nearly' net
#
tantek.com
edited /authorship (+551) "/* Issues */ add Spoofing, move prev theoretical to such a subsection"
(view diff)
#
KevinMarks
barnabywalters: that sounds very The Prisoner
#
barnabywalters
KevinMarks: maybe I have been masquerading as myself all along
#
tantek
kbs ^^^ please feel free to add any details to the Spoofing issue. e.g. original pastebin URL used to generate that spoofed comment.
#
KevinMarks
aaronpk: I haven't got the makefile that makes the makefile happy yet, so you'll have to install more locallibs I think
#
aaronpk
i can manage
#
kbs
tantek: sure. I think the better spoof is actually above the 'also mentions' - it just says "how does parsing work". I'll update links, and more info
#
aaronpk
if I know what to install
#
KevinMarks
the full list is "sudo port install boost db48 qt4-mac openssl miniupnpc git"
#
barnabywalters
KevinMarks: am I right in thinking you’ve worked on web crawling systems before?
#
KevinMarks
though you probably have most of those
#
KevinMarks
yes barnabywalters, that was what i did at technorati from '03 to '07
#
KevinMarks
I think I stripped the miniupnpc dependency by brute force
#
barnabywalters
KevinMarks: oh cool, have you documented stuff you learned from it anywhere?
#
KevinMarks
but I haven't got it to fold the others in because linkers are annoying
#
barnabywalters
I’m about to start writing a crawler but am running into some interesting problems
#
KevinMarks
hm, not in one place specifically
#
KevinMarks
you can argue that a lot of microformats is what we learned from it...
#
barnabywalters
KevinMarks: heh, cool
#
barnabywalters
what was your approach to caching and/or archiving?
#
KevinMarks
what are you crawling for?
#
kbs
barnabywalters: wondering - a large scale crawler, or one for personal use? [just wrote my little rel=me crawler experiment here, and be interested in issues you ran/running into]
#
kbs
too the words :)
#
kbs
s/too/took
#
Loqi
kbs meant to say: took the words :)
#
barnabywalters
KevinMarks kbs: currently building a small personal crawler for anti-spam purposes, also archiving and feedreading in the future
#
tantek
indiearchive!
#
KevinMarks
we got caching wrong, in that we just kept etag and if-modified-since info with the parsed data
#
KevinMarks
instead of caching the fetched data too
#
barnabywalters
KevinMarks: so you were changing your approach to parsing frequently?
#
KevinMarks
I was patching it day to day, but the basic approach was the same
#
barnabywalters
specifically the problem I’m finding immediately is fetching things efficiently
#
barnabywalters
so I’m searching the site for mentions of people
#
barnabywalters
I’m going to end up fetching every feed page, paginated versions of it, and individual post pages in order to get everything
#
barnabywalters
and most sites duplicate links across feeds, e.g. homepage feed = notes + articles
#
KevinMarks
we relied on cumulatively indexing the main page+ feed of the blog
#
KevinMarks
and that blogs added at the top
#
KevinMarks
which was an ok assumption for our puropse, but not general
#
tantek
!tell KevinMarks,benwerd,hober,snarfed any of you going to the W3C Workshop on Annotations tomorrow?
#
Loqi
Ok, I'll tell them that when I see them next
#
tantek
darn forgot URL
#
snarfed
no, sorry
#
KevinMarks
and other common crawl
#
Loqi
snarfed: tantek left you a message 16 seconds ago: any of you going to the W3C Workshop on Annotations tomorrow?
#
Loqi
KevinMarks: tantek left you a message 21 seconds ago: any of you going to the W3C Workshop on Annotations tomorrow?
#
KevinMarks
tantek: should we?
#
KevinMarks
missed it
#
barnabywalters
one thing I was thinking is that a few sites are publishing feeds of mentions and replies
#
tantek
!tell KevinMarks,benwerd,hober any of you going to the W3C Workshop on Annotations tomorrow? http://www.w3.org/2014/04/annotation/ can apparently register late (today) as an "Interested Attendee" without a paper! https://www.eventbrite.com/e/w3c-web-annotations-conference-tickets-10982205071?team_reg_type=individual
#
Loqi
Ok, I'll tell them that when I see them next
#
barnabywalters
which will cover a lot of the mentioning of people
#
aaronpk
barnabywalters: that's a much less daunting task!
#
barnabywalters
aaronpk: exactly
#
tantek
KevinMarks - I think it might be useful to avert some train wreckage of the RDF/XML variety by well-intentioned (albeit perhaps misled) folks
#
barnabywalters
so it would be really useful to have rel values to discover them
#
tantek
I'm thinking of going
#
barnabywalters
at least the mentions feed
#
aaronpk
to discover the mentions feed? interesting!
#
tantek
Doug Schepers reached out to me re: email
#
barnabywalters
aaronpk: yeah, it would be super useful for the crawl stage of shrewdness, my anti-spam tool
#
barnabywalters
aaronpk: also it could be used to discover a place to subscribe to to show push notifications on mentions
#
aaronpk
right!
#
tantek
KevinMarks - could be useful in particular to have at least 2 of us there to simultaneously debunk and post/tweet debunkings
#
aaronpk
yes I was thinking it would be useful for my mentions app!
#
tantek
you know, with URLs that can be cited
#
barnabywalters
e.g. “sign in with your URL”, and now you get push notifications whenever you’re mentioned, zero-config
#
KevinMarks
you mean I can tweet and you can do w3c memes?
#
Loqi
KevinMarks: tantek left you a message 2 minutes ago: any of you going to the W3C Workshop on Annotations tomorrow? http://www.w3.org/2014/04/annotation/ can apparently register late (today) as an "Interested Attendee" without a paper! https://www.eventbrite.com/e/w3c-web-annotations-conference-tickets-10982205071?team_reg_type=individual
#
aaronpk
KevinMarks++
#
tantek
disclaims any authorship of any w3cmemes
#
Loqi
KevinMarks has 18 karma
#
tantek
I leave that to hober ;)
#
aaronpk
tantek: do we need an /un-authorship page?
#
tantek
aaronpk - hope not!
#
KevinMarks
rel="not-me"
#
tantek
asserting everyting you're not (or didn't write) could take a while :P
#
aaronpk
just for the things you are explicitly disavowing, like you did in IRC just now ;)
josephboyle joined the channel
#
KevinMarks
8am in fort mason
#
KevinMarks
that is a bit of a bugger
#
tantek
check the schedule
#
tantek
I think opening keynote is a 8:30
#
tantek
which is still pretty harsh
#
KevinMarks
driving to fort mason to arrive any time before 10:30 is hard
#
tantek
hey tilgovi - are you the first paper / talk at 9:00?!?
#
tilgovi
you'll be there?
#
tantek
KevinMarks - I'd say Caltrain plus bus
#
aaronpk
sorry I can't make it! it's a bit far for me :/
#
tantek
tilgovi - was invited to register as an interested attendee by shcepers
#
tilgovi
hey sometime I need an extended indieweb hack time
#
tantek
so I may show up and call BS on all the RDF/XML and especially the PDF position papers
#
tilgovi
hehehe
#
tantek
tilgovi - IndieWebCampSF was awesome!
#
tantek
you should come by a Homebrew Website Club meeting too
#
tantek
next one is next wednesday 18:30-19:30
#
KevinMarks
it's 30 mins by bike around embarcadero, not too bad
#
Loqi
I agree
#
tantek
KevinMarks - yeah that's a pretty bike ride too
#
tilgovi
I have an idea to make hypothesis support webmention. I had been thinking about it as a webmention client, but I think it's equally or better suited as webmention service. Point your website at it, embed the js, and mentions get pulled in as external resources
#
KevinMarks
I signed up, I'll see when I cna get there. I need to think about the dogs here too
#
tilgovi
hosted webmention comments
#
tantek
tilgovi - I'd be interested in figuring out make hypothesis support webmention WITHOUT any JS
#
KevinMarks
talking of trains, I shoudl head out now
#
tilgovi
well it wouldn't require js for anything
#
tantek
tilgovi - we already have a working model for hosted webmention comments WITHOUT JS - Bridgy
#
tantek
maybe check out how Bridgy works?
#
KevinMarks
is going to 21st amendment for 7pm
#
tilgovi
this is different
#
tantek
tonight?
#
tantek
what's at 21a tonight?
#
tilgovi
i was saying js if you wanted to delegate the UI and inlining of the mentions onto the post
#
tilgovi
the whole point would be that your server doesn't need to hear about mentions. we receive them and then pull them in client-side.
#
tantek
tilgovi - yeah, I think barnabywalters has worked on something like that for embedding webmentions from webmention.io
#
barnabywalters
yep, voxpelli made a similar thing too
#
tantek
tilgovi - yeah, the "your server doesn't need to hear about mentions. we receive them" is currently implemented by webmention.io
#
tantek
you can separate the delegation of webmentions like that
#
tilgovi
and then that has an API for you to retreive them or something?
#
tantek
and then the display / JS embed
#
tantek
tilgovi right, webmention.io has an API
#
tilgovi
so I think we could easily implement this, too
#
tilgovi
it'd be cool
#
KevinMarks
drinks talking about SSL by default with Lucas Gonze, Mike Linksvayer et al
#
KevinMarks
from ~6.30 on
#
tilgovi
i did check out bridgy
#
KevinMarks
join if you cand
#
tantek
KevinMarks: do any of them have SSL by default on their own sites?
#
tilgovi
I want to use it in hypothesis to replies to shares back in
#
tilgovi
but i'm not there yet
#
tantek
just wondering if this is a selfdogfood conversation or a hopeful idealists conversation ;)
#
KevinMarks
I don't have ssl so I'm a hopeful idelaist
#
tilgovi
tantek: definitely it'd be great if you came at threw fire at rdf stuff
#
tantek
tilgovi - ok cool. that's good to hear. I'm happy to offer technical criticisms as long as people don't respond with personal attacks.
#
tantek
which unfortunately schepers has done to me before, so I'm suspicious, but am going to try again anyway.
#
tilgovi
well, I hope not. I can't personally vouch for everyone attending as I don't know many of them.
#
tantek
of course
#
tilgovi
but that's no good
#
tantek
I'm going to try to keep the critiques very idea/technology focused
#
tilgovi
I know he's not a uf fine
#
tantek
tilgovi - well I like to assume he's not against uf in concept at least
#
tantek
I want to give him the benefit of the doubt (still)
#
tantek
in the hopes that something will work out
#
tilgovi
I'm going to try to present a couple _very_ small ideas for dom events and then listen a whole lot and try to poke holes in things
#
tantek
ok I registered for the W3C Web Annotations Conference!
#
tantek
making that that early in the morning is going to be painful :/
#
tantek
tilgovi, I may want to sit next to you to get your feedback on how I can offer critiques in the most productive / receptive way possible.
#
tantek
tilgovi - what's the IRC channel for the conference and/or annotations crowd in general?
#
tantek
is it on Freenode or W3C IRC?
#
tilgovi
not sure for W3C IRC yet
#
tilgovi
there isn't a central, active channel for this all yet
#
tantek
so there's no existing channel you've been using as background chat?
#
tantek
just a mailing list somewhere presumably?
#
tilgovi
#hypothes.is and #annotator, but those are project focused
#
tantek
(old school)
#
tantek
(the list, not the project-focus)
#
tilgovi
one second
#
tilgovi
the annotations community group has been active, i'll get that adress
#
tilgovi
if you want it
#
tantek
might as well paste the archives URL here in IRC for folks to browse
paulcp joined the channel
lukebrooker joined the channel
#
tilgovi
but, fingers crossed this starts to transition to public-annotation@w3.org