#indiewebcamp 2012-09-27
2012-09-27 UTC
# 
tantek FYI, comment thread about tent.io vs. status.net, indieweb in general: https://plus.google.com/u/0/+AdeOshineye/posts/PyeYfk45iNb
spinnerin and zztr joined the channel
dascher, tantek, danbri, tilgovi, friedcell and barnabywalters joined the channel
dascher joined the channel
# 
barnabywalters tantek: fab, thanks for that :) G+ discussion on tent.io is interesting. Considering joining in.
# barnabywalters me and discussions like that do not have a happy history. But it’s got to be worth a try
friedcell, stereoket, josephboyle1, dascher, eschnou and barnabywalters joined the channel
# barnabywalters any thoughts on tent.io’s caret (^) microsyntax for mentions?
# barnabywalters There’s already an established microsyntax which uses carets — for identifying the author of a post by an organisation or non-human account
danbri joined the channel
# 
@BarnabyWalters Build software *for* yourself which works *with* other software #indieweb
spinnerin and xtof_fr joined the channel
# 
@socialigniter Really good discussion about the #indieweb https://t.co/5k21mCcr
dascher, tilgovi, catsup, zztr and barnabywalters joined the channel
# barnabywalters Now I have my improved indieweb site on my identity domain, I want to have a crack at getting salmon working
# barnabywalters First for mentions/replies, then for private messaging
# barnabywalters I *could* test the entire process on my own, but it'll be much more fun to actually exchange messages with another site
# barnabywalters I can test with StatusNet for webfinger-enabled discovery, any volunteers to help test HTML based discovery?
barnabywalters_, barnabywalters and donpdonp joined the channel
# barnabywalters tantek: not yet, because it isn’t.
# barnabywalters this is really a #microformats discussion
# barnabywalters as it mainly involves getting an endpoint and a public key
# barnabywalters the endpoint can be expressed by a <link>
# barnabywalters there’s a vcard property for public keys, it’s not mirrored in hcard though
# barnabywalters I wasn’t sure about the best way of presenting the public key in a visible way
# barnabywalters oh, I missed that
# barnabywalters I have seen people actually present the key in plaintext on the site
# barnabywalters generally only hardcore nerds though
# tantek see http://microformats.org/wiki/examples for best practices of how to create a *-examples page :)
# barnabywalters absolutely
# tantek searching for "my public key" provides 80,000+ results: https://www.google.com/search?q="my+public+key"
# barnabywalters damn. can’t remember my µf password
# barnabywalters anyone know if aaronpk’s on holiday/otherwise away? Haven’t seen him around for a few days
# barnabywalters yay! logged in again.
tilgovi joined the channel
# tantek barnabywalters - great! looking forward to seeing your research & documentation of http://microformats.org/wiki/public-key-examples - feel free to reference http://microformats.org/wiki/hcard-brainstorming#key_property_for_webid as well
# barnabywalters tantek: so much to research :) I wonder if there are grants for this sort of thing
# barnabywalters one disadvantage (?) of the “build for yourself” approach is that you can’t really get funding
# barnabywalters whereas app.net, D* etc got *lots*
# barnabywalters true
# barnabywalters s/over-promise/scam :|
# barnabywalters tantek: do you have/know others who actively use public/private keypairs to do signing and verification and such?
# barnabywalters the more I read about them the more useful they seem
# barnabywalters okay, from brief research, there’s a clear pattern emerging
# barnabywalters keys are exposed as plaintext, either in a <pre> element or in their own file
# barnabywalters the file containing them is always linked from the homepage
# barnabywalters so as keys have well-defined, parseable headers and footers, all that’s needed is a signifier for the <a> tag
# barnabywalters looks for an existing rel value for this
# barnabywalters okay, rel="pgpkey" exists
# barnabywalters so the next thing to figure out is whether or not a PGP key can be used for salmon signing
# 
waterpigs.co.uk edited /discovery (+224) "Removed redundant info, added Public Keys section with links to microformats wiki" (view diff)
# barnabywalters +1
# barnabywalters I <del>had</del> stole a working implementation of message signing/verification, so I’ll generate a PGP keypair and see if it’ll work with existing keys
# barnabywalters the magic sigs spec is quite strict about the type of key it uses, but if we can use a keytype which is widely used, that trumps a barely-implemented spec
danbri joined the channel
# barnabywalters pgp is not boding well :| I’m confused already
dascher and dascher_ joined the channel
# barnabywalters okay, immediate impressions of PGP: It’s much more complicated than ssl (which I believe is used by magic signatures) and it’s not compatible
# barnabywalters the second answer to this stackoverflow question is interesting: http://stackoverflow.com/questions/4952339/ipsec-vs-openssl-vs-pgp
# barnabywalters but I have no authority when it comes to cryptography. Any suggestions anyone?
# barnabywalters on the one hand, PGP is widely implemented to encrypt conversations
# barnabywalters on the other hand, SSL is *really* widely implemented, but less so for message passing, more for network traffic
# barnabywalters tantek: TBH I’m not well up on key types and such. I’ve managed to get it to work using a keypair generated by openSSL utils, but that’s not to say it *uses openssl* assuch
# barnabywalters so openSSL is more straightforward from my dev perspective, and existing salmon implementations seem to use it
# barnabywalters whereas key-presentation research points toward PGP being the more widely used system
# barnabywalters getting late here. Goodnight all!
tilgovi and tantek joined the channel