#indiewebcamp 2013-11-10

2013-11-10 UTC
ryana, snarfed and acegiak joined the channel
#
@kevinmarks I just realised that for @Ev, medium posts count as POSSE. #indieweb I suppose tweets and blogger posts did too. (twitter.com/_/status/399327033622147072)
caseorganic and benprew joined the channel
#
@t @KevinMarks if Medium is POSSE, where's the original? #indieweb means you're posting on a personal domain. ... http://tantek.com/2013/313/t3/indieweb-means-posting-on-personal-domain (twitter.com/_/status/399328232560132096)
snarfed, ryana, tantek, benprew, scor and skinny joined the channel
#
@cznweb @steveklabnik @ashedryden @t arkOS would love to work with indieweb in the future! Big fan of the initiative (twitter.com/_/status/399375091706109952)
#
@fdevillamil RT @kevinmarks: I just realised that for @Ev, medium posts count as POSSE. #indieweb I suppose tweets and blogger posts did too. (twitter.com/_/status/399377640815341568)
ryana, tantek, benprew and bnvk joined the channel
#
KevinMarks I meant from Ev's point of view, they were reach his own site, until they weren't
#
KevinMarks *each
ryana joined the channel
#
@obra That is, in fact, a pretty damn good karaoke song. (Demoing #indieweb stuff at a $place with some @people) (twitter.com/_/status/399397892232060928)
tantek joined the channel
#
@t @aaronpk I think the fox song would hurt your voice! (also demoing #indieweb comments) (ttk.me t4Sy4) (twitter.com/_/status/399399161642377216)
ryana, benprew, brianloveswords, b0bg0d and tantek joined the channel
#
aaronpk holy crap I had no idea this was a thing http://www.youtube.com/watch?v=GGw99sTZd5g&feature=youtu.be (Hashtags: #MakeBuscemiSay)
ryana, skinny, benprew, andreypopp, bnvk and barnabywalters joined the channel
#
barnabywalters Ping aaronpk IWC.com down: http://isup.me/indiewebcamp.com/
ryana, bnvk and benprew joined the channel
#
pdurbin KevinMarks: I hadn't heard of this. Thanks. http://en.wikipedia.org/wiki/Open_University
#
pdurbin via https://twitter.com/kevinmarks/status/399392726916927488
#
@kevinmarks @debcha @anildash Americans call everything school, don't they? In the UK we call it the Open University
ryana, barnabywalters, bnvk_, ozten, benprew, LauraJ, snarfed, caseorganic, brianloveswords and jacook joined the channel
#
aaronpk barnabywalters: server crashed! rebooting now
caseorganic joined the channel
#
barnabywalters aaronpk: oh no!
#
aaronpk looks like it was out of memory, one of the sites got a huge spike of traffic really quick somehow
#
aaronpk going to see if I can figure out which one when it reboots
#
barnabywalters which other sites are hosted on there?
#
aaronpk good question
#
aaronpk looks like my aaron.pk/bookmarks site is, and the cyborgcamp sites
#
aaronpk ok it's back!
#
barnabywalters yay!
#
Loqi does a happy dance!
#
barnabywalters adds http://waterpigs.co.uk/notes/4SzE1F/ to /comics
netweb joined the channel
#
aaronpk lol!
#
waterpigs.co.uk edited /comics (+143) "/* IndieWeb Examples */ added example" (view diff)
#
barnabywalters is quite proud of the CC-BY-SA incorporation into the first frame
#
KevinMarks New silos forming http://www.theguardian.com/technology/2013/nov/10/teenagers-messenger-apps-facebook-exodus
#
barnabywalters KevinMarks: the cause/effect listed in that article (older family members joining and interacting) is a fascinating social dynamic
#
barnabywalters also demonstrates that facebook’s privacy and selective sharing UIs are inadequate
ryana, caseorganic, bnvk, benprew, shaners and snarfed joined the channel
#
@stefek99 mid-January-2-weeks tech retreat near Cambridge UK (1hr from London) Takers? CC #indiewebcamp @MailpileTeam https://twitter.com/stefek99/status/399599548558876672/photo/1 (twitter.com/_/status/399599548558876672)
tantek joined the channel
#
tantek aaronpk what happened to the reply-contexts here? http://aaronparecki.com/replies/2013/11/09/3/karaoke
bnvk joined the channel
#
aaronpk I think my reply context code isn't following the redeirects
#
aaronpk or it isn't matching the redirect with the data store
#
aaronpk hm what is the appropriate behavior there actually
#
tantek per HTTP follow redirects and then retrieve reply-context information from the h-entry etc.
#
aaronpk but, which do I store
#
aaronpk do I store the parsed h-entry with a key of the short URL or expanded URL?
#
tantek as a rule, start with, always store what the user explicitly entered into the UI
#
aaronpk ok then in that case I just need to add the flag to curl to tell it to follow redirets
#
tantek I think it makes sense to store both what user entered, and redirect destination URL
#
aaronpk I don't have anywhere to store the destination URL really
#
tantek doesn't the h-entry have its own permalink of the destination URL?
#
aaronpk hm yes... let me see if i'm using my reply-to url for that or what it parses from your html
#
aaronpk haha, there is a comment in my code:
#
aaronpk "When would I want to use the value in the h-entry for the URL instead of the URL I actually entered?"
#
Loqi awesome
#
aaronpk looks like I found a case for that
#
tantek aaronpk - though on the webmention receiving side, they're supposed to follow redirects as well too
#
tantek especially of their own short URLs
#
tantek which is the other side of the issue we've previously discussed
#
tantek (e.g. I have a note or two in reply to one of your short URLs)
#
aaronpk right. but it makes sense for me to link to the canonical URL I think
#
tantek that sounds right
#
tantek you may still want to preserve the original in the visible text
#
tantek because that's what the user entered
#
aaronpk well in this case, it's going to link to whatever the remote site reports as the canonical URL
#
aaronpk hm I don't actually have the URL visible anywhere
#
tantek you did on the reply-context
#
tantek or is that a fallback when you don't have the h-entry info?
#
aaronpk yeah it's fallback
#
tantek ah ok, then yeah, I agree
#
aaronpk oh funny, you don't actually have the post permalink in the HTML on your entries
#
tantek oh?
barnabywalters joined the channel
#
aaronpk at least not that the parser found
#
aaronpk http://pin13.net/mf2/?url=http%3A%2F%2Ftantek.com%2F2013%2F313%2Ft4%2Ffox-song-would-hurt-voice-indieweb-comments it actually thinks the h-entry URL is "http://tantek.com/"
#
aaronpk OHHH that's why my throat hurts this morning
#
tantek heh
#
tantek aaronpk - that URL appears to be implied incorrectly
#
tantek there's no explicit u-url for the h-entry
#
tantek looks like the parser is misimplying it from the nested p-author h-card
#
aaronpk aha
#
tantek hey barnabywalters ^^^
#
tantek (this is worth fixing)
#
barnabywalters tantek: Looking into it now
#
barnabywalters Switching devices
barnabywalters joined the channel
#
barnabywalters tantek: taking the current spec literally, I’m pretty sure that parsing is compliant http://microformats.org/wiki/microformats2-parsing#parsing_for_implied_properties
#
barnabywalters else if .h-x>a[href]:only-of-type then use that a[href] for url
#
barnabywalters obviously it *shouldn’t* be
#
barnabywalters so, that should read .h-x > a[href]:not([class]):only-of-type
#
barnabywalters or :only-child — IIRC the use-case was h-card around autolinked content e.g. in wikis <span class="h-card">[[User::Tantek.com]]</span>
#
barnabywalters which :only child would handle fine
#
tantek I think there was a reason I made it only of type
#
tantek hmm
#
tantek oh fascinating - this error only occurs on posts of mine with no links in the content
#
barnabywalters interesting. perhaps my css selector -> xpath conversion was inaccurate
#
tantek the :not([class]) may get too many false positives - e.g. folk using class names for styling
#
barnabywalters yeah, that’s true
#
tantek barnabywalters - no I mean, in my other posts, there are multiple links, therefore the :only-of-type selector does not apply
josephboyle and snarfed joined the channel
#
barnabywalters tantek: example? I see this happening to all your notes
#
tantek oh maybe all my notes only one one link at that level
#
tantek and the other links are inside the p.e-content
#
tantek hmm - too bad there is no selector like :not(.h-*)
#
tantek because that's what we really need (rather than :not[class])
snarfed joined the channel
#
tantek barnabywalters - would you be able to implement that?
#
tantek :not(.h-*)
#
barnabywalters yeah, xpath can do that
#
barnabywalters it might make things tricky for other implementations though
#
tantek ok then I'll put it in the spec and explain it (since it's not a real CSS selector)
#
barnabywalters did you remember what the problem with :only-child was?
#
tantek I'm guessing everyone is implementing this in xpath
#
tantek barnabywalters - I think there were cases like <span><img/><a></a></span>
#
barnabywalters ah okay
#
tantek or <span><a></a><img/></span> - like the little images that mediawiki puts after a link
#
barnabywalters surely they’re inside the <a>?
#
tantek I think I've seen it outside
#
barnabywalters weird
#
barnabywalters tantek: btw, latest indieweb comic implementation: http://waterpigs.co.uk/notes/4SzE1F/
#
tantek I saw! :)
#
barnabywalters to do: remove .p-name from content element when there’s a p-name inside it
#
jacook hello iwc :)
#
jacook i read that there is going to be a camp in NYC?
ryana joined the channel
#
jacook really interested in attending and supporting where I can
#
tantek jacook - awesome!
#
bnvk NYC IWC? When?
#
jacook i'm the one with the arkOS project (https://arkos.io)
#
bnvk Where?
#
bnvk jacook: ah cool, ive been hearing about that a lot
#
barnabywalters bnvk: http://indiewebcamp.com/2014/NYC
#
tantek.com edited /2014/NYC (+38) "add a volunteers line" (view diff)
#
tantek jacook let's start with add yourself to http://indiewebcamp.com/2014/NYC
#
tantek we need to add more structure to that page, but at least indicate your interest level there!
#
jacook ok cool!
#
tantek oh and add yourself to http://indiewebcamp.com/irc-people :)
#
bnvk barnabywalters: cool, thanks
#
bnvk i'm going to try to get Eben Moglen involved
#
bnvk jacook: are you NYC based?
#
jacook nah I'm in Montreal but can get down there pretty easily
benprew joined the channel
#
bnvk Cool. I keep hearing about ArkOS as a method for us to consider packaging Mailpile
#
jacook oh you work on mailpile??
#
jacook awesome :) yeah I would love to integrate it into arkOS when possible
#
bnvk jacook: yah, I'm the design, front-end part of the team
#
bnvk i'm gonna read up on your project now- nice site so far :)
#
jacook ty :)
#
bnvk what funding platform are you using?
#
bnvk looks like a self hosted open source thing?
#
jacook i made a custom one out of django, yeah
#
jacook so i could accept bitcoin + customize the look/feel better
#
bnvk nice
#
bnvk it's not an all or nothing campaign right? You'll get whatever you raise, correct?
#
jacook yep, it's analogous to a Flexible Funding type thing you'd see on IndieGogo
#
jacook hey does anyone know what is up with the web sign-in? it doesn't work for me even though I have the rel="me" set up for my links and my twitter profile points to my website...
#
aaronpk what's your site?
#
jacook https://jcook.cc
#
jacook and my twitter is @jcookcc
#
jacook i tried with github too but no go
#
aaronpk this: https://github.com/indieweb/wiki/issues/3
#
aaronpk i'm gona go fix that now
#
jacook ahh ok :D
#
aaronpk you are gonna have to enter explicitly https://jcook.cc on the wiki sign-in form though
#
jacook yup
cweiske joined the channel
#
bnvk aaronpk: w00t, I think jacook: is the second IndieWebber to use HTTPS :P
#
aaronpk well jeena filed the issue, so...
#
bnvk oh, so third maybe
#
jacook oh i didnt know jeena was here
#
Jeena all the former Tent users have https because we needed it for our entities ;)
#
jacook pokes Jeena
#
jacook haha exactly
#
Jeena hi jacook :D
#
Jeena so you need to change the GET parameter in the url until this is fixed
#
aaronpk is working on it now
#
Jeena if you readd the https:// then it will work
#
XgF is of the opinion that "ID over HTTP" = bad idea
#
aaronpk https is generally better for everything
#
aaronpk though it's currently not very "indie" due to the centralization of the way the root certs are distributed
#
XgF "Centralization"? You have ~100 providers to choose from!
#
XgF And whisking up a cert for a new domain takes me about 5 minutes
#
aaronpk yeah, but if you use firefox, you get your root certs from only them
#
XgF what?
#
aaronpk getting the cert isn't a problem, but adding a new trust is the problem
benprew joined the channel
#
XgF Whisking up a new /universally trusted/ cert (modulo things like Android 1.x, Windows 9x)
#
aaronpk for example I have my own root authority I use for stuff I use on my own. check out https://aaronparecki.com/
#
aaronpk you'll get a cert error cause you don't trust my authority yet
#
aaronpk but if you install http://aaronparecki.com/AaronPareckiCA.crt then you won't get the error anymore
#
XgF Sure, which is useless as a mechanism of proving identity
#
aaronpk right, that's my point
#
aaronpk you're using a centralized distribution network to decide whether to trust an SSL cert
#
XgF And you're using a centralized distribution network to find your domain
#
aaronpk yeah, that's also a problem
#
bnvk verifiability is SO dang hard!
ryana joined the channel
#
XgF Now, if somebody can convince the browsers to go for it, DNSSEC DANE would allow you to stick your certificates in DNS
#
XgF In the meantime, I'll go and grab my free class 1 certs from StartSSL
#
aaronpk now I'm not even sure what you're arguing :)
#
XgF Some form of cryptography should be required in asserting that me.com is me?
#
aaronpk that's not really in scope. all I/we care about is whether me.com is me.com, and whether the user claiming to have control over me.com actually does control it.
#
XgF Sure, and you can't actually verify that without TLS (all sorts of attacks in play)
#
aaronpk in other words, the indie web isn't really about a verifiable "real names" identity the way google+ and facebook want to tie your online presence to your real-world name
#
XgF For now we have to trust the CAs... in a DNSSEC/DANE world, you'll be able to get a trust chain that the webserver at me.com is operated by the domain's owner
#
aaronpk yes, for now we do, so we continue pushing forward with what we can.
#
XgF really needs to implement his unified auth Python package...
#
Jeena btw. now with pump.io you also need https and I think this will be used more and more
#
aaronpk p.s. i'm gonna break the wiki login for a minute while I work on this
#
XgF Pump is certainly pushing towards a TLS only future (but it needs some code changes so that this can be done without breaking the world)
#
pdurbin XgF: are you a fan of these? http://en.wikipedia.org/wiki/Key_signing_party
#
XgF pdurbin: Not really
#
XgF they don't scale
#
aaronpk I should get a startssl cert for the wiki
#
Loqi agreed.
#
aaronpk Jeena: jacook: could you try logging in to the wiki now?
#
Jeena sure
#
aaronpk thx
#
Jeena yeah! works without problems, thanks!
#
aaronpk great! and when you click on your user page link in the footer, it's just jeena.net right?
#
Jeena and I love the fact that it also works with browser id
#
aaronpk yeah! I was glad to add that
#
Jeena I really need to get it working on my own server some day so I won't need to use mozillas servers
#
aaronpk heh yeah, that's a whole nother process :)
#
Jeena I started doing it about two month ago but there is no real code there yet so you need to write quite a lot yourself.
#
aaronpk wow yeah I haven't tried yet
#
aaronpk wow you can close issues across repos
#
aaronpk with commit messages https://github.com/indieweb/wiki/issues/3
#
aaronpk "aaronpk closed this issue from a commit in aaronpk/IndieAuth-MediaWiki"
#
Jeena I got some code of one of the guys working on this stuff https://gist.github.com/seanmonstar/6529756 (I wonder when he will leave Tent and show himself here ^^)
#
aaronpk across orgs even
#
Jeena coo
#
Jeena l
ryana joined the channel
#
jacook aaronpk: twitter still gave an error for me but github worked this time!
#
aaronpk jacook: oh strange! what error did you get from tiwtter?
#
jacook it was during the scanning process, it still said that there was an error authenticating with twitter, but my site is in my profile and there is a rel="me" link on my homepage
#
aaronpk odd
stefek99 joined the channel
#
jcook.cc created /User:Jcook.cc (+141) "initial" (view diff)
#
aaronpk hmm anybody done the "class 2" validation at startssl?
#
Jeena not me
#
jacook i have
#
XgF aaronpk: I know somebody who's done it. Why?
#
aaronpk wondering if it's worth it since it costs $60
#
jcook.cc edited /2014/NYC (+48) (view diff)
#
jacook it is if you want more than one wildcard cert, given how much they cost elsewhere
#
jacook that's why I did it
#
aaronpk oh cool, so if you do that once you can get wildcard certs for free too?
#
Jeena is there some max length of the HTML on a page before the rel="me" links can come? I just did a rescan (because I wanted to try the twitter one) and now it doesn't find any rel="me" links on my site (it is quite big, 16KB of HTML)
#
Jeena (no sorry 7 KB)
#
aaronpk Jeena: no, looks like it's dying on your ssl cert
#
Jeena ah
#
jacook aaronpk: yes that is correct, as many as you want to verify
#
aaronpk i'm gonna make an issue to catch that error better since it's pretty common
#
jacook the 60$ is just a yearly fee
#
Jeena hm, it did work a couple of days ago
#
aaronpk Jeena: it just says "certificate verify failed"
#
aaronpk did you change the cert recently?
#
Jeena hm perhaps it is already older then one year or something hmm need to check that
#
Jeena no, I didn't
#
aaronpk my browser doesn't seem to complain...
#
XgF Jeena: Whats the URL?
#
Jeena https://jeena.net
#
aaronpk it does expire Dec 1 tho, might want to renew soon or add a calendar reminder
#
Jeena yeah
#
XgF oshepherd@Shinji:~$ openssl s_client -host jeena.net -port 443 -servername jeena.net
#
XgF 0 s:/description=PbtWdm2u7YqC9YH6/C=SE/CN=tent.jeena.net/emailAddress=postmaster@jeena.net
#
XgF Its' handing me the cert for tent.jeena.net
#
Jeena the ssl stuff is kind of complicated
#
aaronpk also I see "verify error:num=19:self signed certificate in certificate chain"
#
Jeena now I can't authenticate with startssl because I think I forgot to backup/copy this file they gave me a year ago
#
aaronpk oh yeah, funny. the browser doesn't mind the tent.jeena.net / jeena.net mismatch, but apparently indieauth does
#
Jeena I see
#
XgF Thats probably because your s_client isn't finding your cert store (the OpenSSL command line utilities are weird) and the StartCom root is included at the end of the chain (wasting ~1kb every connection)
#
Jeena I was so confused about this last year, it kind of forced me to add a subdomain so I added the tent.jeena.net one
#
Jeena https://www.startssl.com/?app=25#10 <- that is my problem
#
Jeena now I need to find out how to fix it
#
aaronpk Jeena: uhoh, yeah, you need that client cert when you first signed up
#
Jeena (I did it on a different computer back then)
#
aaronpk cause ther'es no password for startssl
#
XgF Subject Alt Name: jeena.net
#
aaronpk you might need to do this: https://www.startssl.com/?app=25#14
#
XgF So it's actuall ycorrect (aaronpk, perhaps your HTTP/TLS library is getting it wrong?)
#
Jeena ok thanks, I need to remember to back that up next time
#
aaronpk XgF: I include a ca-bundle on the server, maybe that root isn't in it? https://github.com/aaronpk/IndieAuth/blob/master/lib/relparser.rb#L21
#
aaronpk it is quite old apparently https://github.com/aaronpk/IndieAuth/blob/master/lib/ca-bundle.crt
#
XgF I spy Startcom Certification Authority in there, but still, I'd say you should probably just use your distro's package
#
aaronpk I added that one at one point cause most people's were failing with the default
#
XgF (Or maybe not... a lot of them have been known to scrape Mozilla's list without properly interpreting the flags, which means they include as roots certificates Mozilla have packaged with killbits)
#
XgF In general I find linux distro certificate bundle curation terrifying...
#
aaronpk well I now have an ssl cert on aaronparecki.com
#
aaronpk (startssl cert)
#
aaronpk and indieauth seems cool with it
#
Jeena I don't quite understand why they make me add at least one subdomain
#
aaronpk me either
#
aaronpk it's annoying
#
Jeena hehe perhaps I should just use pump.jeena.net
caseorganic joined the channel
#
Jeena or no, something I would be able to use for other stuff instead too
#
aaronpk yeah, mail maybe?
tantek joined the channel
#
Jeena yeah not a bad idea
ryana and josephboyle joined the channel
#
aaronparecki.com edited /wiki/ (+22) (view diff)
#
aaronpk Jeena: if you're on a mac, your client cert is stored in your keychain, so you can back up your keychain or export the new cert from there so you don't lose it in the future
#
aaronpk and now the wiki has an SSL cert https://indiewebcamp.com/
#
Jeena Secure Connection Failed
#
Jeena An error occurred during a connection to indiewebcamp.com. The OCSP server has no status for the certificate. (Error code: sec_error_ocsp_unknown_cert)
#
aaronpk what browser?
#
aaronpk looks fine to me in chrome and safari
jacook joined the channel
#
Jeena firefox
#
Jeena works fine in my chrome
jgraham909 joined the channel
#
aaronpk oh yea my firefox complains too
#
aaronpk looks like I didn't get the intermediate cert in there right...
ryana joined the channel
#
aaronpk uhh maybe not https://forum.startcom.org/viewtopic.php?f=15&t=2654
#
aaronpk "UPDATE2: By the next day (not sure how many hours) I was able to access my site without the OCSP error message from Firefox."
#
aaronpk i'm just gonna leave it and see what happens tomorrow
#
Jeena ok
ShaneHudson joined the channel
#
bret XgF: do you know how long it takes for evan to review PRs for pump typically?
#
XgF No, depends on how busy he is
#
Jeena it would be so awedome if Breaking Bads mr. White would play Captain Jean-Luc Picard in a Star Trek TNG reboot https://jeena.net/s/picard.png
#
XgF He should get around to it shortly? Looks like he's been a little busy on pump2tweet
#
bret oh nice
#
bret XgF: do you have recomendations for a single pump account as the main destination of a url?
#
XgF Sorry, I don't quite get what you're saying there
#
bret IE bret.io would be my pump profile rather than bret.io/bret or something
#
XgF Oh... I think Evan has said thats out of scope for "pump.io the software package" (made things a lot more complex in StatusNet)
#
XgF You could always stick a redirect in place though I suppose
#
bret hrmm
#
bret if I ran pump.bret.io/bret but had a cname for bret.io to [#indiewebcamp] if I ran pump.bret.io/bret but had a cname for bret.io to C
#
XgF One of the reasons I haven't setup a Pump myself yet is because I want to build a "More personal" implementation
#
bret to pump.bret.io/bret
#
XgF cnames don't do directories
#
bret oh dang
#
bret thats right
#
XgF Could do mod_rewrite or something
ryana, abrereton and tantek joined the channel
#
tantek aaronpk, nicely done with https on indiewebcamp.com!
ryana, KevinMarks, caseorganic and skinny joined the channel
#
bnvk skinny: is that you, Beasley?
friedcell, ryana, caseorganic, tantek, lukebrooker and skinny joined the channel