#indiewebcamp 2014-01-30

2014-01-30 UTC
npdoty and pfenwick joined the channel
#
@t
much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/428686180717445120)
#
@aral
RT @t: much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/428686351459176448)
#
@snarfed_org
RT @t: much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/428686889642496000)
scor, snarfed, poppy and npdoty joined the channel
#
aaronpk
dietrich: you at mozsf already? I'm next door at whole foods
lukebrooker joined the channel
#
@benwerd
Want to own your own site & data? There's still time to go to Homebrew Website Club in SF or PDX: http://indiewebcamp.com/events/2014-01-29-homebrew-website-club
(twitter.com/_/status/428707237754699776)
#
@evanpro
RT @benwerd: Want to own your own site & data? There's still time to go to Homebrew Website Club in SF or PDX: http://indiewebcamp.com/events/2014-01-29-homebrew-website-club
(twitter.com/_/status/428707386258632705)
KartikPrabhu1, snarfed1 and pfenwick joined the channel
#
snarfed1
aaronpk, dietrich: joining the vidyo soon
#
snarfed1
er, right after i fix my nick
snarfed and melvster joined the channel
#
bret
See everyone at mozpdx in a few :)
#
dietrich
snarfed: we're live
#
snarfed
great! us too. switching irc to phone
snarfed joined the channel
#
aaronpk
snarfed: can you hear us?
#
aaronpk
we see your giant face
#
snarfed
not yet
#
snarfed
ok. working on it
#
aaronpk
do you have a bad wifi connection or something? the video keeps stopping
#
snarfed
hrm sorry
#
snarfed
video is ok for us, but no audio yet
#
aaronpk
our audio?
#
snarfed
yeah. and you can't hear us?
#
aaronpk
I can hear you just fine
#
dietrich
snarfed: can you hear us in pdx?
#
dietrich
snarfed: we hear you a-ok
#
snarfed
any vidyo experts have any suggestions?
#
aaronpk
i don't know what the problem is?
KevinMarks joined the channel
#
dietrich
we're testing our audio - let us know when you can hear us
#
aaronpk
Kevinmarks: can you hear us?
#
KevinMarks
no, we can't hear you
#
dietrich
we can hear SF just fine
snarfed1, chloeweil and fmarier joined the channel
#
dietrich
snarfed: we confirmed our audio working, might be audio out on your end
#
snarfed
ok, end to end seems happy
KevinMarks joined the channel
#
KevinMarks
working now
#
bret
snarfed: can you hear us?
#
bret
snarfed1: can you hear us?
#
snarfed
yup.you can't hear us?
j12t joined the channel
#
bret
snarfed is doing introductions
#
@kevinmarks
#indieweb @snarfed_org: the way we interact with people falls into silos, walled gardens and we want to bring interactivity back to the web
(twitter.com/_/status/428718637802078208)
#
dietrich
maybe next time we do audio conference call, and just use vidyo with no audio.
#
bret
we should try something, yeah, audio is painful here
#
@kevinmarks
#indieweb @snarfed_org: the first part of Homebrew Website Club is Random Access - everyone talks to the group, then peer to peer
(twitter.com/_/status/428718792118902784)
#
aaronpk
snarfed: don't forget to mention IRC!
KartikPrabhu and benwerd joined the channel
#
benwerd
Audio is coming in and out from PDX
#
bret
we are getting an echo
#
dietrich
snarfed: turn on echo cancellation in your vidyo client
#
j12t
get close to the mic
#
sparverius
we turned off our mic
#
KevinMarks
we also muted this end
#
sparverius
and that seemed to fix
#
bret
aaronpk is working on indiauth and micropub
#
bret
so that he can use apps that others have written to post onto his site
#
j12t
hey aaronpk thanks for fixing the #IndieAuth SSL issue
#
bret
extending oath in order to enable micropub
#
aaronpk
dietrich: metafluff.com
#
aaronpk
has been playing with the nike+ API to pull data out
#
aaronpk
has been playing with cloud9 for running nodejs apps
marjolein joined the channel
#
aaronpk
benjaminchait.net:
#
aaronpk
recently moved to portland, saw the futuretalk by caseorganic a couple weeks ago and wanted to check out the group
#
aaronpk
andysylvester.com
benjaminchait joined the channel
#
aaronpk
barely getting started, coming at it from the user perspective, learning how to set up the indieweb components on wordpress. made a video on setting up webmention
#
aaronpk
bret.io
#
sparverius
we cant see you bret
#
aaronpk
student at PSU, running a jekyll website. working on re-implementing a lot of it in node
#
dietrich
sparverius: he's showing up fine in the selfview here, hmmm
#
aaronpk
Poet - takes a jekyll website, loads into memory and serves it, so may switch to running that
#
aaronpk
perrywagle (IRC: wagle) interested in long-term storage of old photos
#
sparverius
dietrich: we're only seeing half of the speakers lol. i guess we're cropping
#
aaronpk
has a bunch of photos and wants to scan them in and have them last a hundred years. copying to new media, etc
#
KevinMarks
how do I spell weigel
#
bret
sparverius: should I pan up?
#
benwerd
Ben O'Steen at the University of Oxford was doing some great work on digital resource preservation
#
bret
thats everyone!
#
sparverius
you should join #archiveteam if you're into long term storage
#
KevinMarks
[realising noterlive needs hCard import from website as well as twitter]
#
sparverius
#archiveteam-bs
#
sparverius
the main channel is for AT discussion only
#
Loqi
definitely
#
aaronpk
can someone in SF take notes in IRC?
#
aaronpk
i'll try too, but usually works better from the main location
#
benwerd
snarfed loves doing stuff on his own website
#
benwerd
most of his friends are non-technical, so he meets them where they are
#
@kevinmarks
#indieweb @aaronpk: if you're not in the IRC channel for indiewebcamp, http://irc.freenode.net #indiewebcamp
(twitter.com/_/status/428719342864576513)
#
@kevinmarks
#indieweb @aaronpk: I've been working on micropub and indieauth to post on my site using other people's UI
(twitter.com/_/status/428719453153816576)
#
@kevinmarks
#indieweb @dietrich: I've at http://metafluff.com Cloud9 makes editing and running node easy without your own server
(twitter.com/_/status/428719744532111361)
#
@kevinmarks
#indieweb @benjaminchait: I just moved to portland, I'm at http://benjaminchait.net and fascinated by the indieweb idea
(twitter.com/_/status/428719968814120960)
#
@kevinmarks
#indieweb @bretolius: I'm getting distracted by a project called Poet that takes a Jekyll website, loads it into RAM and serves it
(twitter.com/_/status/428720383819513856)
#
@kevinmarks
#indieweb @snarfed_org: I love doing stuff on my own website, but I need ot meet friends where they are
(twitter.com/_/status/428720921801916416)
#
sparverius
snarfed did bridgy
#
benwerd
snarfed has been working on brid.gy which sends webmention replies to your site from third-party silos like facebook
#
aaronpk
recently got event RSVPs working in bridgy
#
@kevinmarks
#indieweb @snarfed_org: I work on brid.gy, which sends likes, favorites and retweets back to your indieweb site from fb/twitter
(twitter.com/_/status/428721079440658432)
#
aaronpk
thinking about how to do semi-public posts, and connect with silos
#
benwerd
he's been thinking about how to do private or semi-public posts with respect to POSSEs and webmentions
#
aaronpk
how we make that works seamlessly
#
benwerd
(ceding to aaronpk because he's much faster)
#
@kevinmarks
#indieweb @snarfed_org: also thinking about private or semi-public posts, to do messaging. That's still hard
(twitter.com/_/status/428721190396788736)
#
aaronpk
leahculver:
#
aaronpk
benwerd: she's harder to hear, you might need to type
#
@kevinmarks
#indieweb @leahculver: I'm interested in mobile stuff, so maybe I came to the wrong meetup
(twitter.com/_/status/428721282646282241)
#
@kevinmarks
#indieweb @leahculver: everything is walled gardens, and the overhead to make an app is too high
(twitter.com/_/status/428721335502921728)
#
KevinMarks
(if anyone can get me urls/twitter handles
#
@kevinmarks
#indieweb @IdentityWoman: I'm excited that more people are interested in how people manage their identity online
(twitter.com/_/status/428721560464400384)
#
snarfed
I'll talk people to speak up
wagle-prime joined the channel
#
aaronpk
thanks!
#
@kevinmarks
#indieweb @IdentityWoman: openid connect is launching in a couple of weeks and we now aren't sure thta si what we were building
(twitter.com/_/status/428721633990565889)
#
bret
maybe stand where snarfed was :) heard him great!
#
@markmadsen
RT @kevinmarks: #indieweb @leahculver: everything is walled gardens, and the overhead to make an app is too high <apps are throwback to aol
(twitter.com/_/status/428721673588994048)
#
aaronpk
benwerd: werd.io
#
wagle-prime
i'm here now
#
aaronpk
been building open source community platforms for a while now
#
snarfed
I'm right next to the mic :P
#
@Halley
RT @kevinmarks: #indieweb @snarfed_org: I love doing stuff on my own website, but I need ot meet friends where they are
(twitter.com/_/status/428721781537771521)
#
@kevinmarks
#indieweb @benwerd: I've been interested in open source community platforms for along time. I'm building a new one at idno.co
(twitter.com/_/status/428721788739387392)
#
aaronpk
snarfed: if you think you might host more, I might ship you a mic for the conference table that plugs in to USB
#
benwerd
kevinmarks: I've been interested in social stuff for ages
#
aaronpk
snarfed: can't hear a thing from the far end of the room
#
sparverius
can i connect the video chat?
#
benwerd
kevinmarks: my own website is a bit of an apology at the moment
#
benwerd
kevinmarks: building noterlive, which he's using to livetweet, which dumps html that he can manually upload
#
snarfed
:( sorry guys. working on the Mic
#
benwerd
kevinmarks: also building an android twitter client that "behaves how twitter used to behave"
#
aaronpk
if someone connects from the other end of the room with a mic it might work
#
sparverius
aaronpk: uri?
#
aaronpk
dietrich: is looking for the link again
#
benwerd
kevinmarks: wants to add more non-twitter functionality
#
benwerd
let's you interact with the messages in an open way like you used to be able to when it came in as SMS messages
#
KevinMarks
noterlive.com
#
aaronpk
whoa that worked!
#
KevinMarks
and I need to post my android app to play
#
bret
oh noes
#
bret
it worked then stopped
#
snarfed
damn ok.trying again
#
sparverius
oh i have a chromebook, im not getting into vidyo
#
snarfed
audio better again?
#
dietrich
snarfed: yesss
#
snarfed
damn, sorry sparverius
#
snarfed
good, sorry for the delay guys
#
wagle-prime
I will enter myself on the wiki/website when I have my album website going (just bought the disks before coming here)
#
benwerd
jernst: "what's the indieweb software that's ready to go, and what should be on it?" something like owncloud
#
benwerd
something like idno
#
benwerd
something like mediagoblin
#
benwerd
re: indiebox
#
aaronpk
andykmccoy
#
aaronpk
working on building home system for listening to arduinos
tantek joined the channel
#
benwerd
evening tantek
#
bret
sounds way cool! is there a site associated with the adruino/raspi project?
#
aaronpk
(also what is his domain?)
#
KevinMarks
I think I may be in twitter jai;
#
tantek
reads the logs
#
tantek
is stuck in SEA for 2+ more hours (than planned) :(
#
KevinMarks
andykmccoy.com
#
KevinMarks
sparverius: what was yout URL?
#
sparverius
KevinMarks: 4c4d.com
#
sparverius
it's hard to say out loud, lol
#
sparverius
people always get it wrong :/
#
@IdentityWoman
RT @kevinmarks: #indieweb @IdentityWoman: openid connect is launching in a couple of weeks and we now aren't sure thta si what we were buil…
(twitter.com/_/status/428723322306564096)
#
@IdentityWoman
RT @kevinmarks: #indieweb @IdentityWoman: I'm excited that more people are interested in how people manage their identity online
(twitter.com/_/status/428723337271836672)
#
aaronpk
wow great turnout tongiht!
#
aaronpk
snarfed: is that everyone from SF?
#
benwerd
that is all of us. now discussing @N
#
aaronpk
it might be a good idae to break up into SF/PDX because of the low link quality
#
benwerd
+1, will bring up in a moment
#
snarfed
all of us, yup. Will say so
#
aaronpk
snarfed: can you mute your mic? we'll leave the video on
#
bret
iwantmyname has 2 factor authentication for increased security against domain fraud
#
wagle-prime
cool
#
aaronpk
snarfed: can you mute?
#
snarfed
I muted, right? Will check again
#
benjaminchait
snarfed yup, thanks!
#
@hol_wily
RT @kevinmarks: #indieweb @IdentityWoman: I'm excited that more people are interested in how people manage their identity online
(twitter.com/_/status/428725630713466880)
#
KevinMarks
that thing where your website crashes while you're using it to livetweet
#
tantek
KevinMarks - awesome. Selfdogfooding FTW!
benwerd_ joined the channel
#
tantek
openid connect? people were/are still working on that?
indiewebcamp-vis joined the channel
#
dietrich
portland is doing an IRC client and perma-client overview
#
tantek
good to get more people on IRC!
#
tantek
(and off of email)
#
tantek
LOL at "Random Access - everyone talks to the group" - actually it's "Broadcast - people take turns speaking with the mic to the group" ;)
#
wagle-prime
yeah, except my irc-scrollback server aint letting me connect
#
KevinMarks
heh, I thought that sounded wrong
#
@HilllGrace
RT @kevinmarks: #indieweb @snarfed_org: I work on brid.gy, which sends likes, favorites and retweets back to your indieweb site from fb/tw…
(twitter.com/_/status/428728294121672704)
#
bret
aaronpk: talking about micropub
#
tantek
my indieweb achievement for the week was load testing Bridgy event invitations/RSVPs + Loqi webmention notifications :D
#
Loqi
woot!
#
tantek
KevinMarks - how many folks made it to the SF meeting?
#
tantek
can you take a photo and upload it to https://indiewebcamp.com/Special:Upload ?
#
tantek
snarfed, dietrich ^^^
#
tantek
Historical note: "Random Access" is what HCC called the 2nd half of their meetings where people would go break off into small groups
#
tantek
"[Memory] Mapping" is what they called their first part where people stood up and said what they'd gotten working recently, or were interested in, or had a question about (mapping out the participants as it were by subject area)
#
KevinMarks
lets see how that works from my phone
#
tantek
KevinMarks - web uploads work from my iPod no problem
#
kevinmarks.com
uploaded /File:Hwcsf20140129.jpg "Homebrew Website Club SF 2014-01-29"
#
KevinMarks
so how do i embed that?
#
kevinmarks.com
edited /events/2014-01-29-homebrew-website-club (+48) "/* Photos */ add group photo"
(view diff)
#
KevinMarks
the photo posting UI for the wiki needs help
#
aaronpk
you can always hot-link photos from flickr or your own site
#
KevinMarks
defaulting to full size is rather funny, given how big photos are now
#
tantek
awesome!
#
tantek
need more SF RSVPs!
#
snarfed
!tell tantek thanks for the terms clarification. should have done my homework! fortunately it's still going ok
#
Loqi
Ok, I'll tell him that when I see him next
tantek joined the channel
#
Loqi
tantek: snarfed left you a message 4 minutes ago: thanks for the terms clarification. should have done my homework! fortunately it's still going ok
#
tantek
snarfed: Hence the smiley :) looks like it's going great!
#
tantek
In other news, boarded! Will "only" be 1hr later than expected.
#
benwerd_
safe flight!
#
tantek
Thanks!
#
tantek
Great photo KevinMarks !
#
tantek
Oh the other indieweb thing I did in the past week - major update to the home page
#
tantek
indiewebcamp.com
#
tantek
If anyone is still at either meeting - would appreciate all feedback!
#
aaronpk
ah forgot about that, andysylvester just left but would have loved to get his feedback!
tilgovi and tantek-ipod joined the channel
#
tantek-ipod
Well if people felt it was seamless then I guess that's good :)
#
snarfed
we will tantek! Still actively talking here in sf
benwerd_ and tilgovi joined the channel
#
tantek
Great! Saw some new faces - would appreciate fresh look feedback.
squeakytoy2 and snarfed1 joined the channel
#
@hol_wily
RT @kevinmarks: #indieweb @leahculver: I'm interested in mobile stuff, so maybe I came to the wrong meetup
(twitter.com/_/status/428741078934892544)
#
tantek
Huh? I hope benwerd showed leahculver all the awesome stuff he has working on mobile web idno
#
bret
were going over dropbox hax :D
#
bret
set your mac screenshots folder to dropbox
#
KevinMarks
they were chatting
#
bret
put your applications folder in bittorrent sync/dropbox
#
@Wesley_Jensen_
RT @kevinmarks: #indieweb @bretolius: I'm getting distracted by a project called Poet that takes a Jekyll website, loads it into RAM and se…
(twitter.com/_/status/428741595887063040)
#
KevinMarks
I put my code in a google drive folder so its backed up before I git push it
#
tantek
Liftoff
fmarier_ and npdoty joined the channel
#
wagle-prime
people really taking off now
snarfed joined the channel
#
@aaronpk
@kevinmarks @leahculver definitely not the wrong meetup! Check out this demo app I made that... #indieauth #micropub http://aaronparecki.com/replies/2014/01/29/2/micropub-indieauth
(twitter.com/_/status/428746043782483968)
npdoty and snarfed1 joined the channel
#
snarfed1
KevinMarks, benwerd, nick doty: https://github.com/snarfed/open-in-app
pfenwick1 joined the channel
#
@Foxx_Shannon
RT @kevinmarks: #indieweb @leahculver: everything is walled gardens, and the overhead to make an app is too high
(twitter.com/_/status/428749637408018432)
KartikPrabhu, snarfed and kesterb joined the channel
#
@_DerekSnyder
RT @kevinmarks: #indieweb @leahculver: everything is walled gardens, and the overhead to make an app is too high
(twitter.com/_/status/428753366089744384)
snarfed joined the channel
#
@_KarlFisher
RT @kevinmarks: #indieweb @leahculver: everything is walled gardens, and the overhead to make an app is too high
(twitter.com/_/status/428756143343927296)
netweb, snarfed and fmarier joined the channel
#
@HilllGrace
RT @kevinmarks: #indieweb @IdentityWoman: openid connect is launching in a couple of weeks and we now aren't sure thta si what we were buil…
(twitter.com/_/status/428757840220938240)
bnvk joined the channel
#
@RaymondLee85
RT @kevinmarks: #indieweb @IdentityWoman: openid connect is launching in a couple of weeks and we now aren't sure thta si what we were buil…
(twitter.com/_/status/428767086056574976)
#
@dietrich
@EnglishMossop no, but i like the idea of a homebrew brewing club... (it's actually http://indiewebcamp.com/ )
(twitter.com/_/status/428765814729105408)
#
@Mattt_Richards
RT @kevinmarks: #indieweb @snarfed_org: the first part of Homebrew Website Club is Random Access - everyone talks to the group, then peer t…
(twitter.com/_/status/428768339021037568)
squeakytoy and tantek joined the channel
#
tantek
Docked.
cweiske joined the channel
#
@_KarlFisher
RT @kevinmarks: #indieweb @snarfed_org: the first part of Homebrew Website Club is Random Access - everyone talks to the group, then peer t…
(twitter.com/_/status/428774880709206016)
benwerd joined the channel
#
@JuliaSHanson
RT @kevinmarks: #indieweb @IdentityWoman: I'm excited that more people are interested in how people manage their identity online
(twitter.com/_/status/428777344317546496)
#
@Foxx_Shannon
RT @kevinmarks: #indieweb @IdentityWoman: I'm excited that more people are interested in how people manage their identity online
(twitter.com/_/status/428777361799401472)
snarfed joined the channel
#
snarfed
!tell tantek welcome back!
#
Loqi
Ok, I'll tell him that when I see him next
#
snarfed
and great meeting tonight, all. thanks to everyone who came out!
#
snarfed
i'm throwing some quick notes onto http://indiewebcamp.com/events/2014-01-29-homebrew-website-club#Notes . feel free to add your own!
#
@Marion_Jensen
RT @kevinmarks: #indieweb @leahculver: everything is walled gardens, and the overhead to make an app is too high
(twitter.com/_/status/428780069751123968)
caseorganic joined the channel
#
@RubyCampbelll
RT @kevinmarks: #indieweb @snarfed_org: I work on brid.gy, which sends likes, favorites and retweets back to your indieweb site from fb/tw…
(twitter.com/_/status/428784460075896833)
#
snarfed
lots of really inspiring ideas. can't wait to start hacking on some of these! http://indiewebcamp.com/events/2014-01-29-homebrew-website-club#SF_P2P_Section
snarfed joined the channel
tantek joined the channel
#
Loqi
tantek: snarfed left you a message 36 minutes ago: welcome back!
#
tantek
thanks snarfed!
bnvk joined the channel
#
@benwerd
Another great evening at Homebrew Website Club. I'm once again feeling privileged to get to hang out with the #indieweb community.
(twitter.com/_/status/428789950553657344)
dvirsky, Jihaisse, pfenwick and pfefferle joined the channel
LauraJ joined the channel
#
@benwerd
Friends asking me about a London chapter of Homebrew Website Club. Is there something close? #indieweb
(twitter.com/_/status/428812705344925696)
eschnou and Sebastien-L joined the channel
#
@Almudenai7pf7
RT @t: much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/428816088886157312)
bnvk, pfenwick1, barnabywalters and glennjones joined the channel
#
@Albina3xk7l
RT @t: much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/428832875073769472)
pfefferle and glennjones joined the channel
#
jonnybarnes
!tell KevinMarks thanks for the homebrew website club notes
#
Loqi
Ok, I'll tell them that when I see them next
pasevin, pfefferle, bnvk, indiewebcamp-vis, scor and CheckDavid joined the channel
#
jonnybarnes
brain-storming, if I generate an OAuth token for my site to give to waterpigs.co.uk for example. What are some ways of storing the token on my end?
#
cweiske
database, be it mysql, postgres or sqlite
#
cweiske
session-like files
#
cweiske
with the token as filename
#
barnabywalters
jonnybarnes: what both aaronpk and myself are doing is to not actually store the token
#
cweiske
one file with all in them, but that gives locking problems - so better a db
#
barnabywalters
but to make the token an encrypted JSON structure which gets passed around
scor joined the channel
#
barnabywalters
when a request comes in with the token, you try to decrypt it
#
barnabywalters
if it decrypts, it’s valid, otherwise it isn’t
#
cweiske
doesn't that make the tokens really long?
glennjones joined the channel
#
barnabywalters
cweiske: depends on how much data you encode. the ones we’re using are typically quite small
#
barnabywalters
certainly small enough to be passed around in POST request bodies with little latency
#
barnabywalters
it does make it more difficult to revoke tokens
#
cweiske
indeed
#
barnabywalters
e.g. you can’t easily run a “delete all tokens for this user before this date” query
#
jonnybarnes
yeah, when I asked aaronpk to test my login script that means somewhere on my VPS is a valid token that *I* could then theoretically use to post stuff to his site
#
jonnybarnes
if I could be arsed finding where laravel stores its session info
#
jonnybarnes
maybe its already encrypted though
#
barnabywalters
jonnybarnes: I think laravel encrypts it’s cookies, but you have the key, so you can decrypt it
#
barnabywalters
that is one downside to this whole micropub thing — if one site is compromised, it potentially gives the attacker access to many sites
#
jonnybarnes
I might take this as an excuse to try out redis
#
barnabywalters
jonnybarnes: redis is very cool. never used it as a cache or with PHP, but it’s pubsub stuff is really useful
#
cweiske
it's a key-value store
#
cweiske
but for your simple use case, a plain sqlite db should be enough, and needs much less setup
#
barnabywalters
in my experience redis requires almost no setup at all
#
cweiske
if you have redis running
#
cweiske
the typical lamp stack doesn't have that
#
barnabywalters
sure, but if you can install packages, the single command it takes to install and run redis is far less overhead than setting up tables in sqlite
#
cweiske
i.e. a single create statement?
#
barnabywalters
I still haven’t managed to memorise the syntax for create statements
#
barnabywalters
especially as it differs for each database
#
barnabywalters
whereas starting a redis process happens automatically when you install it
chloeweil, pasevin, glennjones, scor and wagle-prime joined the channel
KevinMarks joined the channel
#
Loqi
KevinMarks: jonnybarnes left you a message 2 hours, 56 minutes ago: thanks for the homebrew website club notes
Sebastien-L, chloeweil, adactio and bnvk joined the channel
#
aaronpk
It's worth pointing out that the issue barnabywalters points out is not new, it already exists with any oauth service like Facebook, twitter, etc
#
barnabywalters
aaronpk: oh absolutely
#
aaronpk
That's why a lot of these services make it really easy to see what apps you've authorized and revoke if needed
#
barnabywalters
but spreading keys around more just means that secure connections, trust and ability to revoke keys are more important
#
aaronpk
I think this really just makes existing issues more obvious
#
aaronpk
And it should encourage app developers to be stricter about handling security because of that
#
aaronpk
For example maybe a note posting interface doesn't actually need the token stored server side! Maybe it can store it in a client side cookie
#
aaronpk
Then there's no token to protect on the server, and you don't need to worry about even storing it anywhere
#
aaronpk
In fact we should probably encourage that as a pattern
igalic joined the channel
#
barnabywalters
yep, that sounds like a good behaviour to encourage
#
aaronpk
Things that do need to store the tokens are apps that should be able to post when the user is not at their computer
#
aaronpk
For example an app that PESOS photos from Instagram or music from last.fm
muesli joined the channel
#
aaronpk
When my server grants access tokens I might even choose to generate an access token that lasts only an hour when logging in to jonnybarnes app
#
barnabywalters
aaronpk: so you’d make offline-access a permission which would only need to be granted to certain apps?
#
aaronpk
Which brings up some interesting possibilities with the auth server
#
barnabywalters
that’d be a simpler UI than making the user specify timescales
#
aaronpk
Because some auth servers may not have the concept of offline access
#
barnabywalters
either the token gets stored in a cookie on the user’s machine, or you explicitly specify that an app needs offline access
#
aaronpk
You know how benwerd made that twitter oauth mockup a long time ago?
#
aaronpk
"Checkboxes bitches"
#
barnabywalters
I think I saw that, yes
#
barnabywalters
offline access could be an optional thing
#
aaronpk
Where the user could check or uncheck scopes they are granting to apps when logging in
#
barnabywalters
of course, you still have to trust the app that they really are storing the token in an encrypted cookie
#
aaronpk
That way all apps don't have to be immediately aware of all scopes from all auth servers
#
aaronpk
And eventually some scopes might grow more popular and so more auth servers would support them
#
cweiske
but imagine that you're using 5 services via tokens, but have 3 devices (home, work, mobile) to access the app that uses these services
#
aaronpk
Yep, you have to trust the app, which is reasonable because why else would you be using it. As long as you have a way to easily revoke apps then it's pretty safe
#
cweiske
you need to have login on every service on every device
#
cweiske
s/to have/to/
#
Loqi
cweiske meant to say: you need to login on every service on every device
#
aaronpk
cweiske there's no imagining necessary. You already do this with Facebook and twitter etc
#
cweiske
but cookie-stored tokens are a nuisance then
tantek joined the channel
#
aaronpk
How is it different from storing a cookie with your login session to the device?
#
cweiske
I thought we talk about me->my app->[many services]
#
aaronpk
You have to store *something* on each device for each service
#
cweiske
only a cookie for my app, but not for each service that my app uses
#
tantek
wow good morning #indiewebcamp!
#
aaronpk
This is not a new thing, this is really just OAuth. The new thing is applying OAuth to personal websites
#
barnabywalters
good morning tantek
#
aaronpk
So all the patterns you would have used for OAuth apply here
#
aaronpk
Good morning Tantek!
#
aaronpk
I am going to submit an OSCON proposal on this btw!
#
aaronpk
Still need a good name, I'm thinking "The Future of OAuth"
#
cweiske
I think we're talking past each other
#
cweiske
you said that tokens to services should be stored in the user's cookie
#
cweiske
but when web-based application needs to access 3rdparty services with the token stored in my cookie, I have to re-login to all services on every device
#
cweiske
even if I don't use them directly but through my webbased app
#
aaronpk
Yes. Because you need to log in to the third party service on each device anyway
#
cweiske
but if I do a normal oauth process, and my webapp stores the token, then I don't have to do it
#
tantek
Future of OAuth is good
#
aaronpk
And how would you log in? Hopefully with your IndieAuth server, not a unique user/pass for that service
#
tantek
or perhaps even The Present & Future of OAuth
#
tantek
since you are doing things *that work today*
melvster joined the channel
#
aaronpk
tantek: good point!
#
cweiske
so why would I have to login to e.g. twitter on my phone, when my webapp already has the token that I once registered via my desktop?
#
aaronpk
How are you logging in to the web app on your phone?
#
cweiske
why does this matter?
#
tantek
aaronpk - perhaps a step by step user flow may help explain it better
#
tantek
along with a parallel attacker flow - to show where / why you need the login steps
#
barnabywalters
just fixed a bunch of bugs in my article posting flow, turns out nothing has been syndicating to twitter for a couple of days — hrm
#
tantek
funny that it took you days to notice, must not be caring as much about that silo ;)
#
barnabywalters
tantek: I wonder why no-one was replying, as some of them were actually phrased as explicit questions ;)
#
barnabywalters
s/wonder/did wonder
#
Loqi
barnabywalters meant to say: tantek: I did wonder why no-one was replying, as some of them were actually phrased as explicit questions ;)
brianloveswords joined the channel
#
tantek
good morning brianloveswords!
#
brianloveswords
Good morning tantek !
#
@nxD4n
@amaury merci, mais ton tweet devrait aparaître sur mon site :-( digging deeper http://nxd4n.nixekinder.be/webmention-and-semantic-link-back/
(twitter.com/_/status/428903749113761793)
#
aaronpk
I have to run!
#
aaronpk
Gotta go do things IRL
bnvk, scor, snarfed, LauraJ and adactio joined the channel
#
snarfed
pfefferle: hi! saw your comment on the semantic-linkbacks bug
#
snarfed
oh, i understand now. closed comments, meaning, if the post is closed to comments
#
pfefferle
have to improve my english skills a bit ;)
barnabywalters joined the channel
#
snarfed
no! closed is the right word. i was confused myself.
#
snarfed
your english is much much better than my german :P
#
pfefferle
that's possible :)
bnvk joined the channel
#
Jihaisse
pfefferle: what I can say in german : 2 mal bier bitte
#
Jihaisse
that can save a life
#
pfefferle
Jihaisse indeed :)
#
pfefferle
Jihaisse deux bière s'il vous plaît
#
Jihaisse
oh yes !
#
Jihaisse
good game pfefferle
#
pfefferle
had french in school
#
pfefferle
loooong time ago!
#
Jihaisse
I didn't learn german
#
Jihaisse
but I have a friend who lived near coburg
#
Jihaisse
he live now near stuttgart
#
Jihaisse
(yes, he works at porsche)
#
pfefferle
oh, thats not that far away from where i live
#
Jihaisse
I go there in february
#
Jihaisse
for he's birthday
LauraJ joined the channel
#
pfefferle
party at porsche?
#
Jihaisse
surprise party
#
Jihaisse
he didn't know we are comming
scor, LauraJ, KevinMarks, skinny, benjaminchait and benjaminchait1 joined the channel
#
KevinMarks
that'll be the last godaddy domain I have
#
benjaminchait1
kevinmarks - beyond that, any other consensus or ideas from sf last night on the topic of @n?
#
KevinMarks
someone said "set your DNS TTL high so you have time to argue with your registrar if hijacked"
#
KevinMarks
that's the scary part - that hosted domains can be easier to attack than silos
npdoty, _6a68, iangreenleaf and benjaminchait joined the channel
#
benjaminchait
I understand the premise of a high TTL to 'protect' a registrar hijacking—but isn't social engineering a challenge anywhere (i.e. silo'd email provider)?
benprew joined the channel
#
benjaminchait
I'm all for tips and tricks, but at the end of the day, what methods should my family and friends use to protect themselves online? Or do we rely entirely upon those companies with whom we choose to do business?
#
npdoty
I think it's just worth thinking about because the domain is such a high and multi-valued thing
#
peat
... for what it's worth, Hover and the Tucows family of domain registrars have been very good to me. They've helped me through several incidents where I needed to reclaim "peat.org" ... I can't recommend them highly enough.
caseorganic, tilgovi, caseorga_ and snarfed joined the channel
#
snarfed
aaronpk, dietrich, thanks again for hosting the pdx side last night!
#
snarfed
and apologies again for the rough parts in sf
#
snarfed
seems like it went well despite
paulcp, scor, KartikPrabhu, barnabywalters, npdoty and bnvk joined the channel
#
dietrich
snarfed: yeah we'll get a system down
#
aaronpk
i'm curious to try the camera+mic setup I got next time at esripdx
#
aaronpk
although I suspect a jawbone speaker might work quite well too
#
dietrich
snarfed: next time, someone on your end should audio-conference in with a mic in the middle of the table, and video-only from where you had it last night
#
dietrich
and i have the secret code and instructions to have moz's overhead mics work now
#
dietrich
aaronpk: yeah a jambox in the middle of the table would be fine
#
dietrich
hm, i need to do surgery on my jambox...
#
aaronpk
snarfed: this is the usb mic I got. it's cheaper than a jambox http://www.amazon.com/gp/product/B001TGTDFM (unless you already have a jambox)
#
KevinMarks
the stick mic being passed around thing we did at Mozilla seemed to work well
#
snarfed
aaronpk: sounds good, thanks
#
aaronpk
i'll be using that next time at our office
#
snarfed
i have to admit, the dedicated hardware at the moz sites is definitely nice
#
snarfed
(and elsewhere i've done VCs)
#
KevinMarks
microphony is hard
#
aaronpk
it's not that hard if you have $$ and time
#
KevinMarks
and care about it, yep.
hallettj joined the channel
#
Jeena
finally got around it and implemented the media stuff in my notes https://jeena.net/notes/37 https://jeena.net/notes/36
chloeweil joined the channel
#
snarfed
awesome!
#
Jeena
and if you use flickrs oembed url with https you get the urls for the images also as https urls
#
snarfed
polish like that is great
#
snarfed
jealous!
tantek, j12t, caseorganic and j12t_ joined the channel
#
tantek
jeena, that looks quite slick! *also jealous*!
dvirsky joined the channel
#
Jeena
tantek is http://tantek.com/ your notes index page?
#
tantek
it's a composite index page
#
tantek
I just mostly post notes
#
Jeena
I see, do you have a dedicated notes index page?
#
Jeena
I'm asking because I need to think about how to get updates from indieweb notes if I want to build some kind of a reader without rss and atom
#
EHLOVader
so were you all talking about tld because of the icann changes for other tlds?
dvirsky_ joined the channel
#
tantek
I don't have a dedicated notes index page (yet)
LauraJ joined the channel
#
tantek
the closest thing to a dedicated type-specific "page" is my "most recent 3 articles" widget in the right column
#
jonnybarnes
am I missing some trick here? is there an easy way to parse a micropub API post in PHP? I want the content from https://gist.github.com/jonnybarnes/8714599
#
Loqi
gives jonnybarnes the content from https
#
jonnybarnes
what Loqi?
#
snarfed
could be worse, at least it's not a webmention flood :P
LauraJ joined the channel
benjaminchait joined the channel
#
tantek
jonnybarnes - doesn't PHP parse out the POST parameters for you?
#
jonnybarnes
tantek: you'd think so
#
jonnybarnes
im starting to think im using guzzle wrong to make the post request in the first place
lukebrooker joined the channel
#
tantek
snarfed - sounds like the meetings went great yesterday! thanks so much for organizing the SF meeting - everyone looks so happy in the photo! :)
#
snarfed
welcome! it did go well, lots of good discussion and serendipity
#
snarfed
captured some of it in the wiki
#
tantek.com
created /2014-01-29 (+53) "r"
(view diff)
#
snarfed.org
edited /events/2014-01-29-homebrew-website-club (+182) "/* SF P2P Section */ link to existing android app"
(view diff)
paulcp and benjaminchait joined the channel
#
jonnybarnes
I think I've got micropub tentatively working on my site.
bnvk joined the channel
#
jonnybarnes
tantek: I wasnt creating the POST requests properly, so PHP couldnt parse them
caseorganic joined the channel
#
jonnybarnes
aaronpk: I think I have it working now. I can post notes to jonnybarnes.net from jb.dev
#
aaronpk
oh wait you are talking about the other way around
#
aaronpk
ah cool!!
#
jonnybarnes
jb.dev being locally hosted on my macbook
#
aaronpk
this is awesome. now there are two note posting interfaces using micropub before i've even made one
#
jonnybarnes
the next thing to do is think about the storage of the OAuth token
#
aaronpk
yes, did you give any thought to my suggestion of not storing it? :)
#
jonnybarnes
didnt you guys discuss earlier the best thins is probably to keep it client side in a cookie
#
aaronpk
put it in a client-side cookie so my browser has it
#
jonnybarnes
the other thing, what should I do on a successful post? at the moment I redirect to the value of the Location header sent by micropub endpoint
#
aaronpk
that seems reasonable
#
@amezoxaq
RT @t: much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/428987051464458240)
#
aaronpk
barnaby's interface actually writes my own micropub endpoint into the <form action=""> attribute so that my browser makes a post directly to the micropub endpoint, and then since the endpoint returns a location header, redirects to the new entry!
#
aaronpk
that's sort of the minimum viable implementation
#
tantek
that's really good guidance - is that on the /micropub page?
#
aaronpk
i think so
#
aaronparecki.com
edited /micropub (+362) "/* Authentication */ add description of how to send access token"
(view diff)
#
jonnybarnes
if waterpigs.co.uk makes you post directly to your own site why does he ever need an access token?
#
aaronpk
he doesn't, that's my point :)
#
aaronpk
but he has to do the authorization to at least the the access token written into the form
#
jonnybarnes
but if your browser is making a request to aaronparecki.com wont it send all the cookies for aa..com as well?
#
aaronpk
but this has nothing to do with cookies
#
jonnybarnes
what I mean is you can already be "logged in" to your site when his form sends you to it
#
aaronpk
but that requires a concept of being "logged in" which is not part of oauth and not really standardized anywhere
#
aaronpk
also it will not always be a user's browser creating posts with the micropub endpoint. sometimes it will be other server-side apps (I previously mentioned an instagram PESOS or last.fm PESOS app as an example)
LauraJ and benjaminchait joined the channel
#
jonnybarnes
yeah, makes sense
#
jonnybarnes
how long can a bearer token be?
#
aaronpk
oauth 2.0 refers to http basic auth for that, which doesn't seem to mention a length limit (http://tools.ietf.org/html/rfc6750#section-2 and http://tools.ietf.org/html/rfc2617#section-2)
fmarier and paulcp joined the channel
#
bret
aaronpk: did you find a decent late night place downtown last night?
paulcp joined the channel
#
aaronpk
nah I ended up going home
#
aaronpk
I realized I have a pretty cool place to live now, and it's nice to spend time there :)
bnvk joined the channel
#
bret
right on :)
pasevin, KartikPrabhu, squeakytoy2 and benjaminchait joined the channel
#
tantek
aaronpk, once you've setup your personal site to hand out IndieAuth/OAuth tokens to client apps, do you have a UI on your personal site that lists all the client apps you've authorized (ideally with a revoke button next to each one)?
#
tantek
I tried checking both the /IndieAuth and /micropub pages but didn't see anything about that - and not sure where it would be appropriate to add such a question / suggestion
#
aaronpk
I don't have that yet, but at the rate other people are writing apps I'm gonna have to do that pretty quick!
#
aaronpk
ideally it would be possible for that to exist on the authorization server so that each person doesn't have to re-build that interface
#
aaronpk
(authorization server == indieauth.com in this case)
#
aaronpk
which may mean adding a "revoke" command to the token endpoint
#
aaronpk
will have to investigate the current work being done on OAuth revokation, been seeing a lot of emails about that on the lists
#
aaronpk
also holy crap i have a lot of work to do to clean up the wiki pages on indieauth
paulcp and bnvk joined the channel
#
Jeena
aaronpk, I see that you're adding those long flickr urls into your notes, ever thought about their oembed resource so you could put the normal (or short) url to your note and still show the image? Like here: https://www.flickr.com/services/oembed?url=http://www.flickr.com/photos/aaronpk/11991674374/&format=json
#
Jeena
I was testing this resource today and it was really fast
#
aaronpk
Jeena: cool, i'll probably do that
#
aaronpk
I do that with soundcloud URLs right now
#
Jeena
but cool article, will need to read it
benjaminchait joined the channel
#
@OnTheWebz
RT @t: much #IndieWeb Bridgy & #IndieAuth progress! Come to 6:30pm Homebrew Website Club in SF & Portland TONIGHT: http://tantek.com/2014/029/t1/indieweb-progress-bridgy-indieauth-homebrew-tonight
(twitter.com/_/status/429021302356070400)
benjaminchait and KartikPrabhu1 joined the channel
#
tantek
Jeena - is there a way to use embed Flickr with an iframe like that too?
#
Jeena
not that I know of, I only did the oembed thing for flickr because there is no other way to get the image without a extra request
#
aaronpk
oh Jeena, one reason I link directly to the jpg on flickr is some of those photos are private, and I'm really just using it as a jpg hosting site
#
Jeena
ah I see
#
Jeena
but how are they private if you still can use this static url to show it to me?
#
aaronpk
that's how flickr works
benjaminchait1 joined the channel
#
aaronpk
flickr has two tokens for every photo, the photo ID and a "secret" token
#
Jeena
ah yeah true
#
aaronpk
the JPGs have both, but the URLs for the HTML pages only have the ID
#
Jeena
yeah I remember now
chloeweil joined the channel
#
aaronpk
it's pretty clever actually
#
aaronpk
it lets them distribute the jpgs to a CDN that doesn't have to worry about access control
#
Jeena
yeah, I wonder why there is no such thing for the html page
#
aaronpk
there kind of is, with the "guest pass"
benjaminchait joined the channel
#
Jeena
true I remember something colled that but I can't find it now
tilgovi and benjaminchait1 joined the channel
#
tantek
I think the guest pass is done with a cookie though, not a different URL
#
aaronpk
IIRC the URL has a token that it uses to set the cookie
#
tantek
well, a special URL that sets a cookie and then you're "browsing with the guest pass"
#
tantek
which may grant access to various resources - not just one photo
#
aaronpk
usually a set or collection
benjaminchait and fmarier joined the channel
#
@t
@benwerd has offered handmade art with a twist: write an #indieweb reply (like this) & send a webmention. I want one! (ttk.me t4UL1)
(twitter.com/_/status/429033535551193088)
KartikPrabhu joined the channel
#
tantek
!tell benwerd - hmm - tried sending you a webmention for your handmade post and it didn't seem to show up: http://tantek.com/2014/030/t1/handmade-art-indieweb-reply-webmention-want
#
Loqi
Ok, I'll tell them that when I see them next
#
aaronpk
tantek: I see it there
#
aaronpk
it's not at the bottom
#
tantek
weird
#
aaronpk
maybe UTC datestamps messing things up?
#
aaronpk
no, looks like all the "likes" are at the bottom
#
tantek
oh and even better - he's got deduping working!
#
aaronpk
oh nice wow
#
tantek
aaronpk - note that he has two replies from you, your original and your POSSE tweet @-reply via bridgy
#
tantek
similarly from erinjo (original reply + tweet POSSE @-reply)
#
tantek
and barnaby
#
tantek
but presumably he received the reply from bridgy for mine but was able to determine it was a POSSE copy of an existing reply
#
aaronpk
are you sure he just hasn't received the bridgy mention yet?
#
snarfed
aaronpk: that's my guess
#
tantek
I thought @-replies were realtime
#
snarfed
bridgy does twitter favs and RTs in realtime, but can't do replies since it doesn't get enough info to walk the reply chain
#
snarfed
and twitter poll freq is ~15m to stay under their throttling
#
tantek
oh ok cool
KartikPrabhu joined the channel
#
snarfed
btw, i think comparing bridgy's u-url against the source post's rel-syndication is enough for de-duping, at least in this specific case
#
snarfed
you'd have to store u-urls and rel-syndications from previous webmention sources
lukebrooker joined the channel
#
tantek
no need to store anything else if you simply do original-post-discovery on bridgy's u-url, and then see a) there is an original post for it, b) and if so, if you already have that original post in your list of replies
#
snarfed
ah, sure, that works too
#
snarfed
you also want to do the reverse, to handle the case when bridgy's arrives first
#
snarfed
starting to add a de-duping section to the wiki, but not sure where it goes. webmentions? comments? backfeed?
pfenwick and lukebrooker joined the channel
#
snarfed.org
edited /webmention (+594) "/* Issues */ de-duping"
(view diff)
#
snarfed
feel free to move that elsewhere