#indiewebcamp 2013-11-11

2013-11-11 UTC
ryana joined the channel
#
stefek99 Dear #indiewebcamp --> just before going to sleep --> if anyone is interested --> https://twitter.com/stefek99/status/399599548558876672 (feel free to visit me in the UK) EOM
#
@stefek99 mid-January-2-weeks tech retreat near Cambridge UK (1hr from London) Takers? CC #indiewebcamp @MailpileTeam https://twitter.com/stefek99/status/399599548558876672/photo/1
jgraham909, lukebrooker, ryana, snarfed, tilgovi, b0bg0d, caseorganic, tantek, skinny and skinny_ joined the channel
#
@offrayLC Support the future of the self-hosted Web: https://fund.arkos.io/ #Crowdfunding + #IndieWeb (twitter.com/_/status/399734309839310848)
igalic, bnvk, ryana, thatryana and josephboyle joined the channel
#
@cznweb RT @offrayLC: Support the future of the self-hosted Web: https://fund.arkos.io/ #Crowdfunding + #IndieWeb (twitter.com/_/status/399738242767273984)
caseorganic, ryana, thatryana and bnvk joined the channel
#
Loqi [mention] http://andysylvester.com/2013/11/11/adding-hcard-information-to-my-about-page/ linked to http://indiewebcamp.com/Getting_Started (pingback)
ryana joined the channel
#
Loqi [mention] http://andysylvester.com/2013/11/11/adding-hcard-information-to-my-about-page/ linked to http://indiewebcamp.com/Getting_Started (pingback)
#
Loqi [mention] http://andysylvester.com/2013/11/11/adding-hcard-information-to-my-about-page/ linked to http://indiewebcamp.com/Getting_Started (pingback)
bnvk, KevinMarks, b0bg0d, caseorganic, skinny, ryana and cweiske joined the channel
#
roblord.org edited /IRC_People (+56) (view diff)
bnvk, skinny, ryana, dsbrooks, cweiske, caseorganic, cweiske_, josephboyle, abrereton, realz, tantek and snarfed joined the channel
#
@ijpulidos RT @offrayLC: Support the future of the self-hosted Web: https://fund.arkos.io/ #Crowdfunding + #IndieWeb (twitter.com/_/status/399801473267408896)
LauraJ, andreypopp, ryana, abrereton, b0bg0d, bnvk, skinny, friedcell, neirpyc, netweb, pfefferle, adactio and aaronpk joined the channel
#
@BillKenneth RT @offrayLC: Support the future of the self-hosted Web: https://fund.arkos.io/ #Crowdfunding + #IndieWeb (twitter.com/_/status/399853991158624256)
pfefferle, BjornW, barnabywalters, skinny, ryana, bnvk, caseorganic, friedcell and brennannovak joined the channel
#
caseorganic brennannovak: hi from london!
caseorga_, ryana, brianloveswords, caseorganic, _6a68, ozten, tantek, snarfed, bnvk, brennannovak and friedcell joined the channel
#
ozten I can't make the unhosted gathering this week, but will be looking for interesting links to get a snapshot of where the project is at
bnvk, igalic, josephboyle, benprew, caseorganic, b0bg0d, snarfed and ryana joined the channel
#
bret the unhosted pdx looks rad... I think ill try to make it
#
bret thanks for the heads up ozten?
#
bret !*
#
ozten bret: you bet
#
aaronpk this? http://lanyrd.com/2013/unhostedpdx/
#
bret yeah
#
aaronpk neat
#
bret not on calegator. I'll try to add it
#
aaronpk cool
#
aaronpk i won't be able to make it unfortunately
#
bret :(
caseorganic and andreypopp joined the channel
#
snarfed unhosted++, those guys are rad
#
Loqi unhosted has 1 karma
#
bret http://calagator.org/events/1250465199
#
Loqi UnhostedPDX Hackathon on Saturday, Nov 16, 10:00am at Mozilla
caseorganic, tilgovi and bnvk joined the channel
#
snarfed hi all! checking on the current state of the art for indieweb likes/favorites…
#
snarfed based on http://indiewebcamp.com/like and http://indiewebcamp.com/responses, it looks like it's just u-like and a webmention, similar to a reply
#
snarfed and may not even need a u-in-reply-to
#
snarfed does that sound right?
#
snarfed it sounds reasonable. i'm not implementing it right now, but i'll run with that when i do.
#
snarfed.org created /star (+22) "alias star to favorite" (view diff)
paulcp and b0bg0d joined the channel
#
b0bg0d is there an unhosted.org style Indie-Web-as-a-Service implementation of the Indie Web RT environment (IWRiTE) :)
#
b0bg0d and, moreover, once IWRiTE is running in a browser tab, how do I push that *tab* to the cloud as my server?
tobiastom joined the channel
#
bret b0bg0d what is the Indie Web RT environment?
#
b0bg0d ideally, it's a Web Component. :)
#
b0bg0d it's the canonical-ish implementation of the methods, protocols and formats in JS. just add identity (domain) and data (tbd) and you're riding the indie web.
#
bret hrmm... I dont think that exists right now
#
b0bg0d that's correct. i don't live in the present. i live six months from now.
#
b0bg0d ;)
#
snarfed mind if i ask you about a couple horse races?
#
snarfed :P
#
b0bg0d i didn't say i full spectrum visibility to the future, just that I live there.
#
b0bg0d you may call me, The Product Manager
#
bret i've beein using prose.io for a while, which lets me edit my jekyll blog all client side in browser, but that depends on the Github api to write to a remote git repo
#
b0bg0d exactly.
#
b0bg0d so is http://litewrite.net/
#
b0bg0d that relies on http://remotestorage.io/ for storage
#
snarfed remoteStorage++
#
Loqi remoteStorage has 1 karma
#
b0bg0d but, presumably, the competition btwn Goo Drive, DropBox, et al. data storage APIs are imminently avail/apropos
#
b0bg0d bbiab
#
snarfed to your higher level point, from the little i know so far, it seems like indieweb people are definitely aware of the unhosted ideas, and like them, but haven't done a lot of concrete integration work yet
#
snarfed so we'd welcome leadership and rough shipped code in that area
#
b0bg0d i'm ramping up to contribute in that way :)
#
snarfed awesome!
cweiske joined the channel
#
b0bg0d fyi, this is me: http://www.linkedin.com/in/roblord
#
snarfed btw you and tantek and others at moz, i'm guessing we'll eventually see some org leaning in that direction too
#
snarfed thanks! but yeah i/we already know
#
snarfed glad you're here!
#
b0bg0d koo. thanks.
#
b0bg0d yes. user utility/agency/sovereignty is def on story/brand/mission @ moz :)
#
snarfed definitely. that message has been coming through well over the last year or two
#
b0bg0d go-to-market establishing critical mass is nearly as tricky as implementation.
#
b0bg0d actively noodling...
#
b0bg0d runs off for quick lunch before mtg
b0bg0d and jacook joined the channel
#
bret b0bg0d way cool I love it!
#
bret client side editing and storage, backed by remote storage! All you need now is a webapp that pulls in the data like the client does, and make a website out of it
bnvk joined the channel
#
aaronpk byob
#
aaronpk bring your own backend
#
bret b0bg0d what do you think you are going to work on first? I'm excited :)
#
bret Ohh remote storage has a node backend]
b0bg0d, shaners and SRCR joined the channel
#
hadleybeeman B0bg0d: I'm loving your vision
paulcp_ joined the channel
#
b0bg0d @hadleybeeman merci
#
b0bg0d back
paulcp joined the channel
#
@mastorna @strikeux the #indieweb movement is underway! cc @t (twitter.com/_/status/400011355824336897)
#
jacook yay
#
Loqi woot
tantek, b0bg0d, snarfed and andreypopp joined the channel
#
tantek.com created /responses, (+23) "redirect for bad Colloquy autolinking a link in the channel" (view diff)
paulcp, bret and abrereton joined the channel
#
tantek.com edited /responses (+14) "link repost" (view diff)
bnvk joined the channel
#
tantek hey snarfed, I think there's at least a rough passive consensus that u-like is the way to link to thinks that are liked, and that a post (h-entry) containing a u-like *is* just a "like" post. (rather than having an explicit "like" type post)
#
tantek see also repost: http://indiewebcamp.com/repost
#
snarfed great! thanks for the confirmation
#
snarfed and the u-like link is standalone, ie the h-entry doesn't also need a u-in-reply-to?
tantek and _6a68 joined the channel
#
brianloveswords My friend just asked me “Do you have any good books / posts you would recommend on the subject of federated networks?” – anyone have any recommendations?
#
hadleybeeman brianloveswords: It's a bit outdated now, but I use this for newbies https://www.eff.org/deeplinks/2011/03/introduction-distributed-social-network
#
tommorris I think the general opinion here is distrust of anything involving the word "federated".
#
aaronpk lol
fmarier joined the channel
#
@kevinmarks @obra unified ux can be tricky if the person at the other end is seeing a different one. Nuances of POSSE #indieweb (twitter.com/_/status/400035305434009601)
#
bret tommorris: why is that?
#
tommorris bret: because we've seen lots of federated snake oil that doesn't really go anywhere
#
pdurbin tommorris: what about SAML?
#
tommorris don't know much about SAML other than that it is a very complex thing that's attached to OpenID ;)
tobiastom joined the channel
#
pdurbin well, it's way older than OpenID
#
pdurbin looks at http://en.wikipedia.org/wiki/Federated_identity
#
ozten brianloveswords: Not a book, but this brownbag video is quite good for finding references https://air.mozilla.org/centralized-personal-data/
#
tommorris oh sure. I know that the OpenID people thought it very important to include compatibility with SAML and LID and XRI and a bunch of other things nobody cares about much anymore. ;)
#
bret when did 'federated' start popping up?
#
aaronpk i don't think saml is attached to open id...
#
aaronpk it's a very enterprisey thing though, but pretty cool
#
tommorris identi.ca - federated microblogging, dozens of proposals for federated social networks over the years
#
pdurbin tommorris: maybe it's just because I'm in higher ed, but our users definitely want federated login via SAML/Shibboleth
#
bret brb
#
aaronpk it's kind of like oauth, but without needing a communication channel between the two servers
#
aaronpk which makes it really handy because you can auth users against an auth server which is inside a firewall and doesn't actually have an internet connection
#
b0bg0d unearthed this just now: http://randomwalker.info/publications/critical-look-at-decentralization-v1.pdf
tantek, lukebrooker and barnabywalters joined the channel
#
barnabywalters good evening #indiewebcamp
#
brianloveswords Good evening barnabywalters !
#
barnabywalters I’d be interested in feedback about http://waterpigs.co.uk/intertubes/ if anyone wants to have a play
#
barnabywalters spent the evening working on styling and debugging and such things
snarfed joined the channel
#
KevinMarks_ you can have OAuth without communication channels - 2-legged OAuth - it means you need to explictly trust the other party though
#
barnabywalters RE why “federation” is distrusted — IMO it’s because the default path a whole bunch of “federated” projects went down caused their focus and goals to shift further and further away from actual interoperability
#
pdurbin KevinMarks_: interesting. looking at http://blog.nerdbank.net/2011/06/what-is-2-legged-oauth.html . thanks
#
barnabywalters is 2-legged oauth what evanpro was/is using for dialback auth?
#
KevinMarks_ 2-legged mostly means 'some admin at your site gave access to all users for a given app'
#
barnabywalters looks like it’s used a bit: https://github.com/e14n/pump.io/blob/master/API.md#2-legged-oauth
paulcp joined the channel
#
barnabywalters lol “I can barely understand OAuth 1.0 and I can't figure out OAuth 2.0 at all, so I'm sticking with 1.0.”
#
barnabywalters that feels familiar
#
pdurbin oh, he'd love SAML ;)
#
aaronpk KevinMarks_: but oauth requires the consumer be able to communicate with the auth provider
#
aaronpk saml does not
#
pdurbin aaronpk: but in many (most?) cases, the consumer/user *does* communicate with (log in via) the auth provider with SAML, no?
#
aaronpk not in the cases I've seen
#
aaronpk also consumer != user
#
aaronpk pdurbin: imagine you have your own SAML provider sitting on your home network, and you don't expose it to the internet, it only has a local IP address
#
aaronpk you visit my site and I ask you to sign in using your SAML provider. Assuming I've pre-negotiated a few things, I just direct your browser to your local IP address.
#
aaronpk you come back to my site with the SAML assertion, and I can verify it without talking to your SAML server
#
aaronpk because math
#
barnabywalters woah, that *is* pretty cool
#
pdurbin aaronpk: so in this scenario you're running a SAML Service Provider (SP) in the cloud (from my perspective) and I'm running a SAML Identity Provider (IdP) on my local network
#
aaronpk yeah, a pretty common use case in enterprise land
#
pdurbin ok. I've been thinking mostly about implenting the SP side. makes sense
#
aaronpk yeah, it's pretty cool actually.
#
aaronpk minus the whole ugly xml part
#
aaronpk but if you look past that...
#
pdurbin aaronpk: did you use simplesamlphp? or write your own thing?
#
aaronpk I haven't implemented it yet actually :)
#
barnabywalters pretty cool apart from the ugly xml — sounds familiar…
#
aaronpk barnabywalters: haha yeah, seems to be a recurring thing. Also quite likely we'll be saying the same thing about JSON in another 10 years :)
#
Loqi hahahaha
#
barnabywalters probably, but could it be implemented a la webmention, using mainly HTTP?
#
aaronpk not sure, I'd have to take a look at the protocol in more detail
#
barnabywalters or is federated indieauth a better target for federated URL-based identity+auth?
#
aaronpk that would be interesting...
#
aaronpk they're pretty different from each other, mostly due to the crypto in SAML and intentional lack of crypto in indieauth
#
barnabywalters http://indiewebcamp.com/distributed-indieauth requires the consumer to verify the code with the server
#
aaronpk not requiring communication channel between consumer and provider is cool. but the trade-off is there's a setup step before you can use it.
#
barnabywalters ah
#
aaronpk not sure if there's been much work done to try to bootstrap that part automatically. I imagine there's some RFC extension to SAML sitting around somewhere for it.
#
KevinMarks_ my former colleagues at salesforce have done a lot of work on bridging SAML and OAuth
josephboyle joined the channel
#
KevinMarks_ http://www.salesforce.com/platform/identity/
caseorganic joined the channel