GWGCommon practice is to use content-(format) for the different formats. I think I could switch to just having template parts for the differing headers and footers and a single content file to stitch them together.
brettantek re: the reader subscription list stuff from yesterday. I understand your idea much better now and am totally onboard with the idea of using h-cards instead of the old style import/export patterns
tommorrisI actually had reason to use Twilio recently - I went to France and had no roaming on my iPhone. I wanted to post something to my site, so I could actually post it from my Â£10 Nokia 1000 phone while roaming in France.
gRegor`peat: I was going to suggest setting the <p> margin to be top and bottom instead of just bottom. Spaces it out better from some other text with no margins, like the "See [[Main Article]]" links.
aaronpkso while these are good suggestions, the end result is that will solidify indieauth.com as the best implementation of an indieauth client, causing more people to use it, making it look more and more like a silo
aaronpkthe feedback i'm hearing from GPG people is they all assume i'm doing something with key servers and checking the contents of the key and such... it's really much simpler than that and I hope that's ok
aaronpk"This is why PGP keyservers are networked for synchrony. If one has it, they all have it. Publishing one's fingerprint far and wide (say, in the .signature appended to one's e-mails) makes it more difficult to substitute a public key with a fake."
gRegor`I think so. With the important caveat that if your key is available over http, they don't have to compromise your server to impersonate you, just MITM your site. I'd be concerned about someone new to indieweb / crypto putting a GPG key on their non-secure site.
bearin the realm of GPG web of trust - you *must* not trust a public key (hashed or otherwise) unless you trust the people who have signed the key and you verify that by pulling down from a key server the full key
JonathanNealWould someone help me understand why indiewebcamp might require I re-authenticate after a relatively short period of inactivity? Am I perceiving things incorrectly? Or is there a great rhyme or reason to this?
JonathanNealThat seems promising then. I would much prefer to put my own siteâ€™s login behind lock and key, and let every other site be password free without even selecting an additional authentication method.
tantekKartikPrabhu: anyway - just some thoughts - I find that UIs with faces like that are much friendlier, more humanizing, and the little splash of color at the end of a paragraph would help break up the b&w
willnorris!tell tantek, could you release your NewBase60 implementation in Cassis under a â€œtraditionalâ€ permissive license (Apache, MIT, BSD, etc). Iâ€™m getting a lot of pushback over the BY-SA license from Google lawyers in trying to release my Go port.
Loqitantek: willnorris left you a message 50 minutes ago: you release your NewBase60 implementation in Cassis under a â€œtraditionalâ€ permissive license (Apache, MIT, BSD, etc). Iâ€™m getting a lot of pushback over the BY-SA license from Google lawyers in trying to release my Go port.
gRegor`KartikPrabhu: Possible webmention authorship scenario a la checkmention: Site A is a multi-author site and the article links to the author's personal site B. Not sure how to get around it, since the author is unlikely to link to Site A with a rel-me
JonathanNealIf this is how it works, then it means we trust, in order 1. some site to accurately read ours without compromise, 2. our site to accurately return some third party service without compromise, and 3. some third party service to return our logged in state without compromise.
JonathanNealIf I am right in this understanding, I see no reason not to let my own website authenticate me, say, with a JSONP call to /whoami.js that executes whoami(my_data) or requires whatever further authentication methods I prefer for my own site. I control the blanket or selective whitelisting of other sites, etc.