#indiewebcamp 2012-11-02

2012-11-02 UTC
tantek and zztr joined the channel
# 02:52 
tantek.com created /creator (+22) "r" (view diff)
# 02:53 
tantek.com edited /User:Tantek.com (+576) "skills" (view diff)
wajiii-afk, borior, barnabywalters, adactio, hober and melvster joined the channel
# 12:20 
melvster hi all .. i met tantec at TPAC this week and he suggested visiting this channel ... im interested in participating in indie web if possible! :)
# 12:20 
barnabywalters hey melvster, welcome to #indiewebcamp!
# 12:21 
melvster thanks!
# 12:21 
barnabywalters the best place to look is the getting started page on the wiki: http://indiewebcamp.com/Getting_Started
# 12:21 
barnabywalters do you have your own domain already?
# 12:21 
melvster reading now
# 12:23 
melvster barnabywalters: ok so i have a personal domain at http://melvincarvalho.com/ it contains information about me, my social graph, some of my interests, and a distributed 'like' button that i was prototyping ...
# 12:23 
melvster let me look at POSSE
# 12:24 
barnabywalters melvster: are you in the UK too?
# 12:24 
melvster barnabywalters: i have some family there but i move around a bit
# 12:26 
melvster so i have a couple of blogs one wordpress, one smob but i dont think smob is developed anymore but it used to be a distributed microblogging service
# 12:26 
melvster but i suppose i can write a simple blogging engine if necessary
# 12:26 
barnabywalters hm, I have not come across smob before
# 12:27 
barnabywalters I think there are a few wordpress plugins which allow you to do POSSE-like publishing from WP
# 12:27 
melvster it's quite old and im not sure if its still maintained
# 12:28 
barnabywalters I’m seeing PHP errors on the front page
# 12:28 
melvster hmm maybe i should just remove it
# 12:29 
barnabywalters right now, quite a few of us are writing our own indieweb blogging/microblogging software
# 12:29 
melvster thanks for the heads up ... yes that does look a bit of a mess!
# 12:29 
melvster oh cool
# 12:29 
barnabywalters and we tend to be open sourcing useful components we’ve built instead of the entire things
# 12:29 
melvster i see
# 12:29 
barnabywalters e.g. I made a microformats 2 parser
# 12:30 
barnabywalters I think the general approach is “I’m going to make something which works for me right now, and the release it to the public when it’s stable”
# 12:30 
melvster one thing i discussed with tantek was that maybe it would be cool if we could get a prototype of person to person messaging working
# 12:30 
melvster facebook have this feature and it's quite popular
# 12:30 
melvster but they are a single site
# 12:31 
barnabywalters melvster: private messaging (as in secure, encrypted)?
# 12:31 
barnabywalters there was some work done at IWC portland this(?) year to develop person-to-person messaging: http://indiewebcamp.com/projects#IndieWeb_Messaging
# 12:32 
melvster barnabywalters: i like to build things with an incremental approach where possible, so to begin with you might not need encryption and/or security for the initial prototype, but that can be layered on top after you reach step 1 ... does that make any sense?
# 12:32 
barnabywalters melvster: sure!
# 12:33 
barnabywalters so it looks like http://aaronparecki.com/2011/213/article/1/indieweb-messaging is a working if insecure protoype
# 12:33 
barnabywalters which has been implemented on a couple of sites
# 12:33 
barnabywalters so that looks like a good starting point to build from
# 12:33 
melvster so the 3 classic models i take for messaging are 1) postal mail 2) email 3) the teleophone ... it strikes me that in those 3 scalable systems the key thing is to know the address/identity of the other party in a non colliding way
# 12:35 
melvster the web version of this it would be logical to use an HTTP URI
# 12:35 
barnabywalters absolutely
# 12:35 
melvster and for messaging it could be as simple as HTTP POST
# 12:36 
barnabywalters I think that’s what indieweb-messaging proposed
# 12:36 
melvster great!
# 12:36 
barnabywalters all you need to do to send a message is send a POST request to the recipients url
# 12:36 
melvster facebook also have a pretty nice API to do this RESTfully
# 12:37 
barnabywalters melvster: I have not played with the fb messaging API, but I do know they expose XMPP
# 12:37 
melvster https://developers.facebook.com/docs/reference/dialogs/send/
# 12:38 
melvster you basically have the recipient, a title, the descriptoin
# 12:38 
barnabywalters my ideal for 1-1 messaging on the web would be something like indieweb-messaging, but with public key verification and encryption
# 12:38 
melvster but in their case they add a link and a picture too (optionally)
# 12:38 
melvster have you seen crypto cat?
# 12:39 
barnabywalters it’s something I did have a go at implementing using Salmon, but turns out Salmon’s hideously complicated and depends on Webfinger which is yuk.
# 12:39 
barnabywalters melvster: nope (looks up)
# 12:39 
melvster well webfinger we just dont know what it will be right now ... it's in its 4th year and changes often, but great idea in principle
# 12:39 
melvster ive heard that everyone implements salmon differently yes
# 12:40 
melvster an interesting point on webfinger
# 12:40 
barnabywalters melvster: I used to think webfinger was the solution to all our identity problems. Then I tried to actually use it, and now I hate it ;)
# 12:40 
barnabywalters DRY violating, dependant on non-web IDs which can be hugely confusing… I’m not keen on webfinger
# 12:40 
melvster i was explaining it to timbl (tim berners lee) at tpac this week and he said the most logical place to get information on an email address is SMTP!  he also said they actually implemented it but turned if off as it was deemed a security risk :)
# 12:41 
barnabywalters hah, that makes sense!
# 12:41 
barnabywalters just like the only way to “verify” an email address is to send mail to it :)
# 12:42 
barnabywalters I didn’t know the IANA had rolled out the .cat domain yet!
# 12:43 
melvster david dahl of mozilla did a very impressive demo of encyrpt/decrypt in the browser
# 12:43 
melvster so maybe we can do better than crypto cat using shared secrets, security by obscurity, or assymetric pki
# 12:44 
barnabywalters actual cryptography is more singpolyma’s field than mine
# 12:46 
melvster 'bob.com asks alice.com "did you send this message?" and presents a small factoring problem to solve'
# 12:46 
melvster interesting
barnabywalters_ joined the channel
# 12:48 
melvster nice that you can use curl
barnabywalters_ joined the channel
# 12:48 
barnabywalters_ melvster: yep, it’s a nice straightforward protocol
# 12:49 
melvster did you know there's a way to attack a public key onto curl?
# 12:49 
barnabywalters_ melvster: ooh, that sounds interesting
# 12:49 
melvster either a GPG key or a .p12 or SSH key works with it I think
# 12:50 
melvster im not saying that the best way to do it, just that it's a possible option
# 12:50 
melvster --pubkey
# 12:51 
melvster --key
# 12:51 
barnabywalters_ my previous attempt to do verifiable 1:1 messaging on the web was pretty much indieweb-messaging but wrapped in a magic envelope
# 12:51 
melvster is for the private key
# 12:51 
barnabywalters_ is off to have lunch. Back in a bit
# 12:52 
melvster that works too ... ok nice to chat to you!
# 12:52 
barnabywalters_ you too :)
barnabywalters, morrocco_mole, dascher, zztr, sandeepshetty, borior, tilgovi, aaronpk_ and josephboyle1 joined the channel