#indiewebcamp 2014-03-28

2014-03-28 UTC
#
tantek if you need a block that is completely wiki-ignored, you can use <nowiki> … </nowiki>
#
kartikprabhu.com edited /h-feed (+805) "/* Brainstorming */ added truncated feed u-uid thoughts" (view diff)
indie-visitor joined the channel
#
KartikPrabhu alright feel free to add to the h-feed brainstorm, specially folks building using readers like aaronpk, barnabywalters
#
@anildash @kellan @waxpancake @mrgan understood. My question is whether indieweb is essentially an entirely different ecosystem now. (twitter.com/_/status/449336613064421376)
caseorga_ and KevinMarks joined the channel
#
kbs would it be okay to expand on the /pgp page to add ideas/brainstorming related to authentication, etc?
#
kbs is not quite sure of the protocol here, apologies for any naive questions ;-)
#
KartikPrabhu kbs yes it is a wiki for that reason. Add a new brainstorming section and write away
#
kbs great
#
KartikPrabhu !tell demis: I see weird boxes (unicode undefined chars?) for the profile links on your homepage. Font not loading?
#
Loqi Ok, I'll tell them that when I see them next
#
KartikPrabhu feeds/reader: question - It seems that the way peopel subscribe to sites is by linking the hompage into their reader which then finds the feeds using rel="alternate". So all the relevant feeds can be linked on the homepage for dscovery. How should this be done using h-feed since each feed will have a separate link. How can we link this right on the homepage?
snarfed joined the channel
#
tantek KartikPrabhu - not sure - we'll have to ask people building indie readers
#
tantek interesting thread: https://twitter.com/anildash/status/449336613064421376
#
@anildash @kellan @waxpancake @mrgan understood. My question is whether indieweb is essentially an entirely different ecosystem now. (twitter.com/_/status/449336613064421376)
#
KartikPrabhu isn't barnabywalters building a reader?
#
KartikPrabhu also i don't understand what that thread has to do with indieweb. indieweb = bubble?
#
kylewm yeah Dash's mention of indieweb seems apropos of nothing
ttepasse, sparverius, scor, fmarier, KevinMarks and snarfed joined the channel
#
acegiak KartikPrabhu: Re: your reader question. I'm checking rel="alternate" for rss/atom feeds and if I don't find any I assume that the homepage IS the main h-feed and try and parse it
#
KartikPrabhu acegiak: i figured that is how current ones work with rss/atom. But how would somethign based completely on h-feed work? or should work?
#
acegiak so we're saying what if the h-feed isn't on the main page?
#
acegiak really the rel="alternate" for rss/atom shouldn't point to a feed that isn't a clone of the content on the current page but a lot of people use it to point to an rss/atom feed for updates that aren't presented on the front page
#
KartikPrabhu yes like many people publish multiple ones like notes and articles
#
acegiak so if we accept that as standard usage you could rel="alternate" point to another html page that is h-feed marked up even though the semantics are fucked up OR we could use a different semantic keyword like rel="feed"
#
KartikPrabhu i was going to suggest rel="feed" too
#
KartikPrabhu would be an interesting experiment
#
acegiak KartikPrabhu: my wife's site (which I'm helping her add microformats etc to) is a potential test for this because she's an artist and wants her landing page to be quite specific in appearance
#
KartikPrabhu very cool... I currently show only the first 5 articles on mine too...
snarfed joined the channel
#
@kevinmarks @anildash @kellan @waxpancake @mrgan the point of #indieweb is to build an antifragile system that can grow in the face of bubbles bursting (twitter.com/_/status/449361916738027520)
#
@kevinmarks @anildash @kellan @waxpancake @mrgan I didn't say it was complete, but it is a design centre. See http://indiewebcamp.com/monoculture for example (twitter.com/_/status/449364774262808576)
#
KevinMarks The rel alternate with type pattern is established
#
KevinMarks One with type html would be legitimate
netweb joined the channel
#
kbsriram.com edited /pgp (+2912) "added brainstorming sections - authentication, integrity" (view diff)
#
KartikPrabhu KevinMarks: but the semantics of alternate suggest that it is a different version of the sam page which is not the case
#
KartikPrabhu there is a rel="feed" in the POSH section (http://microformats.org/wiki/existing-rel-values#POSH_usage) cc: acegiak
#
KevinMarks I'd use rel="feed alternate" and an html type
#
KartikPrabhu WHATWG blog on rel="feed" : http://blog.whatwg.org/feed-autodiscovery
#
KartikPrabhu KevinMarks: even if you are marking up all feeds on the homepage i.e. article-feed, note-feed etc...?
#
KartikPrabhu oh sorry misread that... feed and alternates
#
KevinMarks http://tools.ietf.org/html/draft-ietf-atompub-autodiscovery-01
#
KevinMarks Use title to show what they are
#
KevinMarks Though that isn't for <a> links
#
KartikPrabhu aah nice nice... title="Notes" etc..
#
KartikPrabhu this is a good little brainstorming. What would be a good place to document this?
#
acegiak the title attribute is a nifty idea
#
KevinMarks Do we have /feeds?
#
KartikPrabhu yup
#
KevinMarks I'm on the phone on the train, so a bit laggy
#
KartikPrabhu np. will add to /feeds brainstorming.
#
acegiak ohshit that's right I was gonna add a bit of discussion to the /like page
#
kartikprabhu.com edited /h-feed (+737) "/* Brainstorming */ h-feed auto-discovery" (view diff)
#
kartikprabhu.com edited /h-feed (+432) "/* autodiscovery of h-feeds from homepage */ added acegiak quote" (view diff)
#
KartikPrabhu acegiak ^^ feel free to remove the quote if you do not wish to be quoted. I thought that was a good use case
#
acegiak.net edited /like (+804) "adding self plus discussion re: facebook page likes" (view diff)
#
kartikprabhu.com edited /reader (+204) "/* Brainstorming */ crosslinked to h-feed brainstorming" (view diff)
#
acegiak KartikPrabhu: I'm always happy to be quoted
#
kartikprabhu.com edited /reader (-40) "/* Brainstorming */" (view diff)
#
KartikPrabhu alright folks... good brainstorming. back to science doing
#
KartikPrabhu feedback on brainstorming above is appreciated :)
snarfed and pfenwick1 joined the channel
#
kartikprabhu.com edited /h-feed (+12) "/* autodiscovery of h-feeds from homepage */" (view diff)
melvster joined the channel
#
kartikprabhu.com uploaded /File:autodiscovery-feed-example-adactio.jpg "auto-discovery of multiple RSS feeds from adactio.com"
#
kylewm.com edited /storage (+0) "/* Databases */ fix copy pasta typo" (view diff)
#
kartikprabhu.com edited /h-feed (+209) "/* autodiscovery of h-feeds from homepage */ added example screenshot" (view diff)
#
KartikPrabhu !tell adactio: any reason your feeds show different avatars? ref: http://indiewebcamp.com/File:autodiscovery-feed-example-adactio.jpg
#
Loqi Ok, I'll tell them that when I see them next
gRegor`, kbs and bnvk joined the channel
#
Loqi [mention] http://andysylvester.com/2014/03/28/indiefeed-gateway-thoughts/ linked to http://indiewebcamp.com/irc/2014-03-26 (pingback)
#
snarfed hey KartikPrabhu! saw you retried the post for the bug i fixed. i haven't deployed that fix yet, sorry. i'll do that now.
#
KartikPrabhu aah np snarfed was just playing around
#
snarfed k, deployed
#
KartikPrabhu neat!
#
KartikPrabhu snarfed: very nice!
#
snarfed KartikPrabhu: thanks!
#
KartikPrabhu if i may make a suggestion: Is it possible to return the preview as a textfield, and then have the user edit it and tweet the edit?
#
snarfed sure! feel free to file that as a feature request
#
snarfed right now i'm prioritizing the automated side a bit, as opposed to manual, but that shouldn't be too hard
#
KartikPrabhu yes that would make less sense as an automated response...
#
KartikPrabhu in any case Bridgy is really cool stuff... really a bridge to silos!
#
KartikPrabhu snarfed++
#
Loqi snarfed has 9 karma
#
snarfed also, kylewm, retry response buttons
#
snarfed …are up. enjoy! e.g. https://www.brid.gy/facebook/12802152
#
snarfed aww thanks KartikPrabhu! glad you like it
#
kylewm snarfed++
#
Loqi snarfed has 10 karma
#
kylewm looks great!
#
kylewm I had another use for them today fixing a bug (was counting all 'like's from facebook as the same)
#
snarfed ah good timing then
tantek joined the channel
#
@remka Discovered http://indiewebcamp.com during yesterday’s Ride The Lightning. I like how they formulate it. #indieweb (twitter.com/_/status/449418328977592320)
netweb and demis joined the channel
#
Loqi demis: KartikPrabhu left you a message 5 hours, 6 minutes ago: I see weird boxes (unicode undefined chars?) for the profile links on your homepage. Font not loading?
snarfed, eschnou, bnvk, cweiske and pfenwick joined the channel
#
@Jason_Cobb Another example of creators at mercy of providers http://perfectpath.co.uk/2014/03/27/qik-before-its-too-late-indieweb/ Download All @LloydDavis? https://chrome.google.com/webstore/detail/downloadall/ajffocjdcmpgjmdfdfkdfdbkjafbkcke?hl=en Bloody blip.tv... (twitter.com/_/status/449438867222200320)
heathjs joined the channel
#
@domenicoperri IndieAuth - Sign in with your domain name https://indieauth.com/#supported-providers (twitter.com/_/status/449439291010482176)
#
cweiske did you ever notice the similarity of the CAS and indieauth protocols?
#
cweiske the only difference are names of parameters and the format of the token verification response
#
cweiske and of course that CAS is from 2005
#
cweiske and supports autologin, whereas this is missing in indieauth
pfenwick1, LauraJ, Jihaisse, eschnou, julien51 and bnvk joined the channel
#
@superfeedr @BarnabyWalters We're trying to get #Webmentions to work between http://blog.superfeedr.com/indieweb-microformats-fragments-subscriptions/ and http://waterpigs.co.uk/notes/4T3FSd/ but that does not work :( (twitter.com/_/status/449461662819831808)
basal, jsilvestre, voxpelli and squeakytoy joined the channel
#
@voxpelli @superfeedr Could http://indiewebify.me/validate-h-entry/?url=http%3A%2F%2Fblog.superfeedr.com%2Findieweb-microformats-fragments-subscriptions%2F shed some light on why? Seems like there's no microformat markup on your post? (twitter.com/_/status/449470198652100608)
#
@voxpelli @superfeedr When you've added it, send a pull request with an example of your markup to https://github.com/voxpelli/node-webmention-testpinger to help compatibility :) (twitter.com/_/status/449473650589462528)
friedcell, bnvk, alistair and Sebastien-L joined the channel
#
alistair I'm here because I just watched https://www.youtube.com/watch?v=Au4bHb5twF4 (Amber Case - Rise of the Indieweb) via @adactio
#
alistair waves
tobiastom, michel_v, pfenwick, alistair and barnabywalters joined the channel
#
Loqi barnabywalters: tantek left you a message on 3/27 at 1:23pm: hickup with http://waterpigs.co.uk/services/webmention-io-comments/ ? I'm seeing many fewer (or no) results today on URLs that had lots of results yesterday
#
barnabywalters !tell tantek RE indiewebify comments, I updated some libraries but it shouldn’t have affected anything — do you have an example URL? e.g. http://waterpigs.co.uk/services/webmention-io-comments/?url=http://tantek.com/2014/084/b1/urls-people-focused-mobile-communication seems to be working fine
#
Loqi Ok, I'll tell him that when I see him next
#
barnabywalters creepy, looks like someone attacked waterpigs.co.uk earlier today
#
barnabywalters I have tonnes of requests in the log with URLs like /articles/modules.php/?app=user_reg
#
barnabywalters and /articles/member.php?mod=logging&action=login
#
barnabywalters these must be common URLs in some other piece of software
jonnybarnes, scor and melvster joined the channel
#
barnabywalters documented attack, URLs here for anyone interested: http://waterpigs.co.uk/notes/4VHBCQ/
#
arcatan i get tons of that kind of requests for my site (which has only static html)
#
arcatan i guess it's just bots blindly crawling the web to find exploitable sites
#
barnabywalters arcatan: probably, yeah
#
arcatan similarly i get tons of SSH login attempts for non-existing usernames
adactio joined the channel
#
Loqi adactio: KartikPrabhu left you a message 8 hours, 25 minutes ago: any reason your feeds show different avatars? ref: http://indiewebcamp.com/File:autodiscovery-feed-example-adactio.jpg
pasevin and scor joined the channel
#
tommorris barnabywalters, arcatan: I keep getting emails to clifford at tommorris.org - I even got a very apologetic-seeming email from a marketing person apologising for getting my name wrong… sent to ‘clifford’. ;)
#
barnabywalters tommorris: that’s hilarious
#
cweiske just spam
#
cweiske I disabled the catchall on cweiske.de years ago
#
barnabywalters or a prank — someone signed you up for spam under that email address
#
tommorris I use catchall for a reason: so I can give out facebook at tommorris.org to facebook and so on, then know who flogged my email address off to spammers
#
arcatan a coworker of mine has a common name and apparently his namesake is the ceo of a mid-sized company
#
barnabywalters cweiske: likewise
#
arcatan and the hr dept keeps sending personal information to my coworker's gmail address
#
cweiske tommorris, I use sub-adressing for this
#
cweiske http://cweiske.de/tagebuch/postfix-plus-addressing.htm
#
barnabywalters tommorris: IIRC gmail allows you to “tag” email addresses somehow to do that same thing
#
barnabywalters my mailserver doesn’t though
#
barnabywalters cweiske: ah, that’s it! didn’t know it was called sub-addressing
#
barnabywalters cweiske++
#
Loqi cweiske has 4 karma
#
tommorris is post-Gmail, and now uses fastmail
#
tommorris also, barnabywalters: about the indieweb killing your facebook usage meme? sign me the fuck up. I’ve been doing FB app development too much this week.
#
barnabywalters tommorris: ow, nasty. I still use it as a reader, and chat for people who can’t be easily contacted otherwise
#
barnabywalters is their API still as slow and nasty as I remember?
#
arcatan i should figure out how to do all this indieweb stuff like posseing and webmentioning with my site that is static html generated by hakyll
voxpelli joined the channel
#
tommorris barnabywalters: slow, nasty, inconsistent, poorly-documented and painful to use
#
barnabywalters arcatan: bret and voxpelli have been doing some great work getting static HTML sites to do things like that
#
tommorris Especially because they now encourage you to use their JS API exclusively.
#
cweiske arcatan, I use a standalone tool for my static site
#
barnabywalters tommorris: :(
#
cweiske you can delegate webmention receiving easily
#
cweiske and load the received comments via javascript
#
tommorris I may write some FB bridge code for my site to post into FB, mostly because I now know more about the FB API than I ever wanted to know before.
#
barnabywalters cweiske: I think some other people have also incorporated that step into their build process, so whenver they rebuild their site, new comments are saved into the HTML
bnvk joined the channel
#
cweiske that's possible of course
#
cweiske is there a way to provide webaction buttons that work without a browser extension?
#
barnabywalters if you’re delegating webmention support to webmention.io, I made a little tool you can use to load comments in, either as an iframe or with javascript: http://waterpigs.co.uk/services/webmention-io-comments/?url=YOUR_URL_HERE
#
barnabywalters cweiske: you can put fallback inside the <action> tag
#
voxpelli and I made https://webmention.herokuapp.com/ for a way to receive and javascript-embed webmentions
#
cweiske I don't want a fallback, I want something like subtome for everything
#
tommorris might delegate to webmention.io over the weekend until he has time to fix up his own solution
#
barnabywalters cweiske: how would that work?
#
cweiske that's what I'm asking
#
cweiske and I want it decentralized
#
barnabywalters cweiske: ah, okay, I thought you had an idea for how to do it :)
#
voxpelli cweiske: have you talked with Julien who has made Subtome?
#
cweiske so that the user's preference is used first if he set one
#
barnabywalters well that’s the issue — subtome works great but IIRC relies on JS being hosted somewhere
#
cweiske yes, that's the problem with subtome
#
cweiske custom url schemas could be the solution here
#
arcatan right, maybe javascript-embedding webmentions would be great at least as an initial step.
#
barnabywalters web actions are the opposite, they’re just a markup pattern with fallback which clients can progressively enhange
#
cweiske reply:http://cweiske.de/foo.htm
pfenwick joined the channel
#
barnabywalters cweiske: interesting idea!
#
cweiske or better
#
cweiske web+reply:...
#
cweiske because only a couple of non-web+-prefixed protocols are allowed to be registered by web sites
#
cweiske this would automatically jump to the website that registered as protocol handler for web+reply
#
cweiske the question is how to handle failure
#
cweiske somehow we have to detect if the protocol handler is registered
#
cweiske which does not
#
cweiske work
#
cweiske since the html5 spec does not have such an API method
#
cweiske you can't ask "is there a handler for web+reply:?"
#
cweiske only "is the handler for web+reply: set to http://example.org/"
#
cweiske and even that is not supported in chrome
#
cweiske just in firefox
#
cweiske we need to solve that differently
#
cweiske IIRC you can load an URL via javascript and check if that worked
#
cweiske if it did not, we know no handler is registered
#
cweiske probably
#
cweiske if yes, we can redirect to it again
#
cweiske if there is no handler registered, *then* we can jump to a subtome-lookalike for twitter/facebook/whatever/appstore/
#
cweiske that's my rough idea
#
barnabywalters cweiske: it’s a good idea! it solves the discovery problem
#
barnabywalters it could even be incorporated into the webaction extension
#
voxpelli there should be some discussions regarding that flow to look up on the web, it was the main target before focus shifted to web intents/web actions
#
cweiske voxpelli, do you have links?
#
voxpelli cweiske: https://blog.mozilla.org/webdev/2010/07/26/registerprotocolhandler-enhancing-the-federated-web/
tantek joined the channel
#
Loqi tantek: barnabywalters left you a message 2 hours, 18 minutes ago: RE indiewebify comments, I updated some libraries but it shouldn’t have affected anything — do you have an example URL? e.g. http://waterpigs.co.uk/services/webmention-io-comments/?url=http://tantek.com/2014/084/b1/urls-people-focused-mobile-communication seems to be working fine
kbs joined the channel
#
cweiske voxpelli, that's the original idea
#
cweiske it sounded to me that there was a discussion why webactions are better
#
voxpelli I’m searching to see if I can find it
#
barnabywalters I actually had no idea this existed — I knew apps could register to be custom protocol handlers, but not webpages, and not that discovery and selection UIs had already been built
#
barnabywalters presumably either I researched it badly, or by the time I was looking at this stuff it had already been disregarded as a potential solution
scor joined the channel
#
voxpelli cweiske: I guess http://webintents.org/faq.html#protocolhandler
#
cweiske thanks
#
cweiske I guess that this problems don't apply to us
#
tantek webactions focus on the user experience, whereas Google's Webintents was all about inventing new plumbing
#
cweiske we want to bookmark a URL, like a URL and reply to a URL
#
cweiske we always have a URL
#
tantek and Google eventually removed their webintents support from Chrome *because* the user experience was bad.
#
barnabywalters ah, so webintents disregarded it because it can’t be used to pass arbitrary data
#
cweiske seems so
#
voxpelli a big problem with protocol handlers right now is that there is no way of detetcing whether there is one or not – so you can degrade gracefully for the ones with no handler registered
#
cweiske yes, that's my problem, too
#
tantek voxpelli - agreed, that's what I ran into in my analysis
#
barnabywalters voxpelli: any idea why that constraint exists? is it maybe a security concern?
#
tantek I think the browser needs to do a better job at that
#
cweiske you don't want an adserver see what you use to read your mail
#
cweiske you getprotocolhandlerurl() is a bad idea
#
voxpelli there seems to be plans to add a isProtocolHandlerRegistered() – but seems like that will only be able to check for whether a specific handler is registered, not if any handler at all is registered
#
cweiske but at least isprotocolhandlerregistered() should be implemented
#
tantek you don't need to disclose that much
#
barnabywalters but we just need to know whether one exists or now
#
tantek is there a spec for isProtocolHandlerRegistered?
#
barnabywalters s/now/not
#
Loqi barnabywalters meant to say: but we just need to knot whether one exists or not
#
voxpelli tantek: http://www.w3.org/html/wg/drafts/html/master/webappapis.html#dom-navigator-isprotocolhandlerregistered
#
tantek so next question, is there a Firefox bug filed for this in Bugzilla?
#
tantek if one of you finds it / files it, let me know and I can help push it along
#
voxpelli tantek: yes, https://bugzilla.mozilla.org/show_bug.cgi?id=440620
#
cweiske voxpelli, the already implemented version requires you to give the url
#
voxpelli cweiske: is there already an implemented version? can’t find it in my firefox
#
cweiske firefox doesn't have it
#
cweiske chromium has
#
cweiske I use it at work for tel: urls
#
cweiske to control our VoIP phones
#
voxpelli cweiske: what Chrome version? My Chrome Canary didn’t have it either. Hidden behind flags?
gRegor` joined the channel
#
cweiske no, standard IIRC
#
cweiske let me check
#
cweiske oh
#
cweiske neither firefox nor chromium show that tel: is registerd
#
cweiske that must have been some previous version
#
cweiske opera 12 supports it :)
#
cweiske but since opera switched to webkit, it went away
#
cweiske http://fotos.cweiske.de/screenshots/2014-03-28%20tel%20protocol%20handler%20waehlscheibe.png
#
cweiske same image in firefox and chrome
#
cweiske opera 12: http://fotos.cweiske.de/screenshots/2014-03-28%20tel%20handler%20opera.png
#
voxpelli I think it will be hard to create a protocol-powered action approach that is secure, because to enable graceful degradation for those without a protocol you need to allow all webpages to check whether a user has registered a protocol – and that’s not okay
#
cweiske yep
#
cweiske what do you mean with "that's not ok"?
basal joined the channel
#
voxpelli for a web page to check for an ”indieweb”-protocol without me knowing it to see if I’m an indieweb-participant or not wouldn’t be too good - right?
#
tantek ok commented on https://bugzilla.mozilla.org/show_bug.cgi?id=440620
#
cweiske voxpelli, as long as the web page does not know what tool i use
#
cweiske i'd be fine with it
#
voxpelli Would make fingerprinting easier: https://wiki.mozilla.org/Fingerprinting
#
voxpelli And my impression is that the browser community generally wants to make it harder, not easier
#
tommorris Yep, slippery marketing types will use that for finger printing.
#
tantek we should still try
#
Loqi I agree
#
tantek whether or not you have a protocolhandler registered at all should be ok
#
tantek barnabywalters, cweiske, please comment in the bug with the use-cases you have in mind
#
julien51 barnabywalters JS is hosted in your browser! It’s AppCache, so loaded once, and then never again
#
julien51 tantek: no Chrome retired WebIntents suppport (at least publicly because it’s still there last time I checked) because they couldn’t not get the Firefox team to agree on anything with them as to compatibility. Typical NIH syndrome.
#
julien51 Now, FF has argued they did not want WebIntent because they did not like the UX… but that was not Chrome’s decision.
#
voxpelli cweiske: looking at it, the iframe with custom protocol that uses postMessage() to send back users preferences actually enables graceful degradation
#
voxpelli cweiske: so something like this to expose ones wanted endpoints https://gist.github.com/voxpelli/36b6485da8c54e98243c and have sites embed through indieweb:something ?
#
cweiske voxpelli, I don't quite understand
#
cweiske <iframe src="indieweb:foo"/>?
#
voxpelli cweiske: yes
#
cweiske hm
#
cweiske another layer of indirection :/
#
voxpelli one could perhaps use document.referrer + localStorage to maintain a whitelist of pages or something if one doesn’t want to send ones configuration all sites asking
#
voxpelli using a confirm() to ask whether to send settings or not
connextrum, alistair and CheckDavid joined the channel
#
ben_thatmustbeme good morning #indiewebcamp
julien51, LauraJ and kbs joined the channel
#
ben_thatmustbeme hey kbs, i was reading back in the logs, saw you talking about some sort of pgp key stuff
snarfed joined the channel
#
@PodcastFrance J'écoute #onvar 38 de @IndieWebRecords => http://indiewebrecordings.com/podcasts/onvar/Onvar-Episode-38.mp3 via @Podcast_Addict (twitter.com/_/status/449553893119504384)
#
barnabywalters julien51: RE subtome js location
#
barnabywalters according to http://docs.subtome.com/publishers/ publishers add a button which loads javascript hosted on subtome.com
julien51 joined the channel
#
kbs ben_thatmustbeme: yea :) Would love to hear what you're thinking about here
#
kbs I'm kinda trying to map some of the ideas in indieauth over to validating pgp keys [I guess an indieweb way to functionally achieve what keybase does]
_6a68 joined the channel
#
kbs ben_thatmustbeme: scenario is - Alice wants to get indieweb user Bob's public key with some degree of confidence from Bob's canonical site. How does Bob link "proof-I'm-Bob" from other sites [eg: prove he's also @bob on twitter, +Robert on g+, etc]
#
ben_thatmustbeme well I would think Bob has a rel=me link to his site and he could just have the public key posted on his site
#
ben_thatmustbeme basically eliminate the keybase altogether
#
kbs yep - that's exactly the idea :-) just formalizing this notion.
#
ben_thatmustbeme when I get done with my site (or at least the basics of it I'll put up my public key on a page with a link thats along the lines you guys were talking about rel="publickey"
#
ben_thatmustbeme alternatively, i don't know if any keybases have web-pages you can directly access to get the public key
#
ben_thatmustbeme if they do I would say a rel=me to your key on the keybase's website
snarfed joined the channel
#
kbs I have a sample page over at kbsriram.com that's doing this - some nitty-gritty on the [keybase.io-free] apprach is to handle sites that don't permit embedding a fingerprint (that's sufficient) on a profile page.
#
ben_thatmustbeme I had been thinking about this as well as i want to be able to generate specific keys to send between sites, and the safest way would be to use pgp and it cuts out a user having to log in at all. I just use the cannonical name to refer to a user, and the tech would do the rest
#
kbs yep.
#
kbs I think we've independently reached similar conclusions - so on the specifics, here's what I did. Embed a rel=key from my canonical page, pointing to a public key. For each rel=me link that lets me add a fingerprint to a profile page, I do so. Otherwise, I add a rel=pgp-fingerprint link with a post [that can be linked back to an owner] which contains a fingerprint.
#
ben_thatmustbeme actually, would be very cool to put it in the h-card, I'm interested in getting some contacts list auto-pulled from h-cards
#
ben_thatmustbeme to be able to auto-fetch their pgp could be very useful
#
kbs Right - absolutely. I think the actual act of pulling in a public key is reasonably in place [h-card, etc] - the act of verifying proofs with other sites isn't there yet.
#
ben_thatmustbeme ahh, i see what your concern is more now. basically you want to use multiple sites to verify that the key you are getting is correct
#
kbs yep, exactly
#
ben_thatmustbeme so if site A has the same key as site B, we can be sure it is correct
#
ben_thatmustbeme but isn't that a bit of overkill, the fact that both sites point to each other with rel=me should be the authentication that either of them can provide the correct key
#
ben_thatmustbeme hmm
#
kbs So it depends on where the key is linked, if that makes sense.right, that's exactly it :-) It's best that one site [the canonical user site] provide the key, and the supporting sites provide fingerprints.
#
ben_thatmustbeme i guess it guards against either site being hacked and only the pgp key getting changed. but if my site gets hacked, i'm going to change my other sites to break the rel=me relationship
#
kbs that's true
#
kbs though by using the key, going to all the rel=me sites and breaking the link is not necessary either
#
ben_thatmustbeme I see, it does secure that connection
#
ben_thatmustbeme i'm just concerned its getting too complex for most use cases
#
ben_thatmustbeme the fingerprint would have to be on a site that isn't just a generic key store, as the violated cannonical site could just change the link to the key store
#
ben_thatmustbeme it would have to be on another secure site, which for the trust to exist would likely mean a silo of some sort
#
ben_thatmustbeme thats my thinking anyway
#
kbs You're quite right. I think this is essentially the parallel to indieauth.
#
ben_thatmustbeme indeed
#
kbs indieauth effectively says - the person who can edit site A has a login at site B (where B = g+, twitter, etc)
#
kbs as you say :-)
#
kbs The work [from the perspective of the key-owner] is just about as much as indieauth, and the work [from the perspective of a validator] is less than needed by indieauth
#
kbs Link to a key from canonical site, and either tweet a fingerprint or update profile on major silo
#
kbs From a validator - simply follow the rel=me links, check for fingerprint
#
kbs or follow rel=pgp-fingerprint links and check for fingerprint
#
kbs People are already doing this -- https://www.google.com/search?q=site%3Atwitter.com+pgp+fingerprint+-php -- just formalizing this :-)
tilgovi joined the channel
#
ben_thatmustbeme my concern is that because of POSSE just tweeting is giving a false sense of security. I'd want something that my site cannot automatically post to
#
ben_thatmustbeme putting it in profiles makes sense, tweets become just as compromised the second your site becomes compromised
#
kbs That's a good thought
#
kbs I have mine linked to a gist (for the github-linked identity)
#
kbs Curious - does twitter have omnipotent oauth tokens, or are they restricted by capability etc?
voxpelli joined the channel
#
ben_thatmustbeme no clue, i have not worked with it at all
scor joined the channel
#
kbs You're quite right - any canonical site that just stores passwords for linked silos on the site, would be vulnerable :-) as would indieauth, etc I guess
#
kbs So the second thought/observation here is to also include the TOFU idea from ssl [trust-on-first-use] - flag when a new key is posted
#
kbs As you say, this makes the most sense to add contact info [hcard, etc.] So I expect consumers will effectively store the key locally along with the contact info. TOFU ought to be another line of defense for some of these things maybe?
LauraJ and Sebastien-L joined the channel
#
kbs (and yea, it does seem like twitter has just one token-type - and an update_profile api :-)
demis joined the channel
#
ben_thatmustbeme kbs, i think the most secure way would be to have one silo that is used for auth but does not have profile update api
#
kbs I think g+ fits that bill, at least at the moment
#
kbs I also think github fits it [but more because of the immutable commit - can link to a specific version of a gist, etc.]
#
ben_thatmustbeme true, so long as the link is somewhere immutable too
#
ben_thatmustbeme anyone have any thoughts on storing the slug in DB at time of creation vs creating it on the fly?
iangreenleaf joined the channel
#
@hertling IndieWeb is hugely important, but I hope we can include more than just programming technorati in the movement. http://electricabacus.wordpress.com/2014/03/25/the-indieweb-revolution-and-other-reasons-you-should-learn-to-code/?utm_content=buffer1d679&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer (twitter.com/_/status/449574638671372288)
#
@vmvisor RT @hertling: IndieWeb is hugely important, but I hope we can include more than just programming technorati in the movement. http://t.co/hz… (twitter.com/_/status/449575529985744896)
demis and voxpelli joined the channel
#
@kyle_wm RT @hertling: IndieWeb is hugely important, but I hope we can include more than just programming technorati in the movement. http://t.co/hz… (twitter.com/_/status/449580692427386880)
#
bear @t do you know if anyone in Mozilla Portland codes with NodeJS?
caseorganic and pasevin joined the channel
#
aaronpk "However, some developers love wheel-reinvention (it can make a diverting break from yak-shaving)." http://www.brucelawson.co.uk/2014/notes-on-accessibility-of-web-components/
benprew joined the channel
#
kbs aaronpk: speaking of wheel-reinvention :) do you have any thoughts on this pgp 'indieauth-style' checking conversation?
#
aaronpk i haven't been able to follow it too closely just yet
scor joined the channel
#
kbs Gotcha. I saw you've done some nice things here, would be much interested in your thoughts when you get around to it
#
aaronpk is any of it on the wiki? or do I have to catch up on the irc logs?
#
kbs I put a massive missive on /pgp - but it's too long and I'll pare it down sometime today
#
kbs has the bad habit of babbling
#
aaronpk cool, if you update the wiki text I'll go over that this weekend. make sure to phrase it as a user-centric problem rather than just explaining the protocols
#
kbs yep :) appreciate the advice - (that's what tantek suggested as well) - so iterating on the writeup
snarfed joined the channel
#
gRegor` ben_thatmustbeme: Since the slug is usually based on information that doesn't change and isn't intended to be changed, I'd say store it at post creation time.
#
gRegor` And if you do change it, be sure to set up a 301 redirect.
#
gRegor` kbs, ben_thatmustbeme: Cool PGP conversation. I hope TLS on your domain is implied in all this. :)
paulcp joined the channel
#
kbs gRegor`: ah, actually :) specifically for fingerprint-validation - do you think it's required? I thought a bit about this and I can't find any holes - I thought that was an advantage or something...
LauraJ joined the channel
#
kbs but quite possibly I've missed something - won't be the first time :)
#
gRegor` If you're serving your PGP key on your domain without TLS, I wouldn't trust it, personally.
#
gRegor` Well, I suppose if your fingerprint is on multiple other sites (twitter profile, etc) then yeah, I'd trust it.
#
kbs *nod* - yea - that's just it -- the typical domain is non-TLS
#
kbs and I figure this would actually enable leveraging additional safeguards that would otherwise not be possible
#
gRegor` Without TLS, I feel like I would want to verify the fingerprint on two other sites. With TLS, I would accept just one other site.
#
kbs I hear you :) and you're more distrustful than indieauth, I guess ;)
#
snarfed kbs: re your twitter q, they don't do oauth scopes, sadly, but they do have coarse permission buckets for app ids: read only, read/write, and r/w + direct messages
#
gRegor` It's just the MITM attack vector if the key isn't over TLS that concerns me.
#
kbs snarfed: ah, okay - thanks for the clarification. Oh well.
#
snarfed https://dev.twitter.com/docs/application-permission-model
#
kbs gRegor`: yep, makes sense. Though, even with a single silo verification (and non-TLS from the original domain) - the attacker would need to also MITM the silo connection to be effective
#
kbs and _those_ are TLS'ed pretty much...
#
gRegor` I was thinking of gaining access to the Twitter, not MITM it. But you're right
snarfed joined the channel
#
gRegor` Hopefully anyone putting their fingerprint on Twitter also has 2FA on. :)
tantek joined the channel
#
kbs gRegor`: :-) ah, yes indeed. ben_thatmustbeme also pointed this out - convinced me that twitter [especially with most indiewebsites having omni-tokens on their sites] is probably not too hard to get into.
pasevin and snarfed joined the channel
#
ben_thatmustbeme yay, url parsing works
#
Loqi yay!
#
ben_thatmustbeme thanks Loqi
#
Loqi you're welcome
#
ben_thatmustbeme I love you Loqi
#
Loqi loves ben_thatmustbeme
#
ben_thatmustbeme Loqi, will you marry me?
#
ben_thatmustbeme its okay, you think about it
#
ben_thatmustbeme Gah, every time I think I'm ready to swap out my new code as a temporarily working site, I realize I forgot something
#
ben_thatmustbeme author page grrr
#
aaronpk yay john carmack encouraging people to blog! https://twitter.com/ID_AA_Carmack/status/449594122936922112
#
@ID_AA_Carmack (3/3) What are the hazards? What should be done to guard against them? What are the tests for failure? Blog and I'll read. (twitter.com/_/status/449594122936922112)
benprew joined the channel
#
@SocialSafe Jump to any date in your social networking history: http://www.youtube.com/ via @YouTube #OwnYourData #IRememeberWhen (twitter.com/_/status/449599118793383936)
#
barnabywalters some writings and experimentation with PuSH fragment identifiers and the problems with them: http://waterpigs.co.uk/articles/problems-with-hash-fragment-subscriptions/
#
ben.thatmustbe.me edited /User:Ben.thatmustbe.me (+158) (view diff)
#
ben_thatmustbeme well, version 0.1 is up and running
#
ben_thatmustbeme I have a lot of work to do, but at least I have a working site.
#
@AbdTorah Indieweb and RSS http://app.swayy.co/links/8a9f21721fdf4f56804e106718a0f4d7/ #rss #vendors #consensus (twitter.com/_/status/449606575595204608)
#
barnabywalters ben_thatmustbeme: nice work!
#
ben_thatmustbeme thanks
#
ben_thatmustbeme its up in github too https://github.com/dissolve/openblog.git
#
kbs ah, sorry to ask a dumb questions - and won't be the last I'm sure - but does the typical publishing system essentially run remotely, rather than somehow proxying data from a locally running setup to a remote site?
#
ben_thatmustbeme I suppose it could be either, but mostly I've seen everything runs on the server and you just deal with it all there. Prevents any need for client software on your local machine
#
ben_thatmustbeme if I understand you correctly
#
kbs ben_thatmustbeme: yep - thanks for the clarification :) (and - congrats on round#1 of getting the moving pieces fitted!)
#
ben_thatmustbeme and not to worry, asking dumb questions is how you learn. I ask plenty
#
kbs I think it was my early misread of POSSE -- I took "own site" to be something I could run on my computer, rather than "owning a domain" :)
#
kylewm kbs: with something like Jekyll (a static site generator), you can do it the other way... generate the html files and stuff on your local machine and just transfer it to a public server somewhere
#
kbs kylewm: aah - okay. Thanks for that pointer as well. Does it periodically also ah, check for webmentions and so on via a cron job or something
#
kbs so it can merge them back into the files it generates?
LauraJ joined the channel
#
kylewm that would definitely be a good approach -- i'm not sure what work has been done with static site generators so far. I believe bret's bret.io is a jekyll site that accepts webmentions, might be interesting to see what he does
#
kbs Oh, I see - gotcha.
#
aaronpk barnaby made a thing that loads mentions webmention.io from javascript and renders them as comments
#
aaronpk i think he linkde to it here yesterday
#
kbs *nod* makes sense, at least conceptually :)
#
kylewm and it looks like bret does something similar with pingback.me
#
kylewm oh, that's the same site... oops :)
#
aaronpk pingback.me == webmention.io
#
aaronpk i made it before we had webmention
#
kbs (noscript makes me miss all the good stuff :)
bnvk joined the channel
#
@ShaneHudson #indieweb RT @ManikRathee: So unbelievably bummed about this: Readmill Epilogue — https://readmill.com/epilogue?utm_content=bufferae710&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer (twitter.com/_/status/449614737790492672)
benward, bnvk and julien51 joined the channel
#
kylewm question about /databases-antipattern ... my instinct building a flat-file store would be to put everything in JSON blobs organized like year/month/day/note_1 ... but then am i not just building a pale imitation of mongo?
#
julien51 barnabywalters yes, the load the js ONCE from https://subtome.com WHEN the user clicks on the button. If no one clicks on the button, the JS is never loaded and if it’s been loaded ONCE for a visitor it will never be loaded again…
#
aaronpk kylewm: sorta yeah, but even then it's better than (especially) mongo
#
kylewm hehe, I have no experience with mongo. I just mean, I want to heed the warning about databases without just rebuilding something worse :)
#
kylewm but if the main point is to have things in stable, easy-to-backup files, then I tihnk I'm good
#
aaronpk easy to back up, and easy to move around
#
aaronpk and easy to read as technology changes
#
aaronpk (e.g. not a binary sqlite format that requires a specific version of sqlite to parse)
#
kylewm thanks aaronpk. you made a point the other day about transferring data between development server/production server that definitely resonated with me
#
kylewm because that is not easy right now
bnvk, pasevin, voxpelli and cweiske joined the channel
#
cweiske aaronpk, I was wrong yesterday
#
cweiske my lib parses html to check for linkback urls
#
cweiske but somehow it decided that does not have to do it for the wiki
#
aaronpk oh ok, and it's not finding the url for the wiki?
#
cweiske it does a HEAD request
#
cweiske and then decides that it does not need to do a GET
#
cweiske probably because it thinks the page is not htm
#
cweiske l
#
cweiske I have to investigate
#
aaronpk oh strange, ok
#
cweiske I guess it's because of the charset attribute in the content-type header
#
aaronpk "Content-Type: text/html
#
aaronpk charset=UTF-8"?
#
cweiske yep
#
cweiske need to split that
#
aaronpk ah
#
cweiske https://github.com/pear2/Services_Linkback/blob/master/src/PEAR2/Services/Linkback/Client.php#L169
#
cweiske there is the problem
#
cweiske ok
#
Loqi [mention] http://cweiske.de/tagebuch/atom-vs-hfeed-size.htm linked to http://indiewebcamp.com/ (webmention)
#
Loqi [mention] http://cweiske.de/tagebuch/atom-vs-hfeed-size.htm linked to http://indiewebcamp.com/h-feed (webmention)
#
Loqi [mention] http://cweiske.de/tagebuch/atom-vs-hfeed-size.htm linked to http://indiewebcamp.com/feed#Criticism (webmention)
#
cweiske ok, works
#
aaronpk yay
#
Loqi woot
Kopfstein joined the channel
#
cweiske a good way to see stapibas doing work in progress
#
cweiske http://fotostore.cweiske.de/screenshots/2014-03-28%20stapibas%20is%20pinging.png
tilgovi and tantek joined the channel
#
tantek good day #indiewebcamp!
#
tantek lots of early morning discussion!
#
KartikPrabhu good day! tantek
#
ben_thatmustbeme good afternoon tantek
eschnou joined the channel
#
tantek kbs, ben_thatmustbeme you guys have seen this right? http://microformats.org/wiki/key-examples
#
tantek in particular the use-cases etc.
#
kbs tantek: yep - info read and digested by what's left of my few brain cells :)
ttepasse joined the channel
#
ben_thatmustbeme I had not. It seems no matter what I discuss there is a page for it somewhere. I think I need to just sit down and read every wiki page for like a month first
#
aaronpk nah, just search first :)
#
tantek ben_thatmustbeme: what aaronpk said. search first. then ask if there's a page on "x".
#
ben_thatmustbeme i'm slowly getting in to that habit
#
tantek and by search first, start with checking directly for an indiewebcamp.com page on the subject.
#
tantek and if none found, and your subject is something formats / protocol related, then also check the microformats.org/wiki/
#
tantek and only after that try Google search
CheckDavid joined the channel
#
tantek so many subjects this morning!
eschnou joined the channel
#
kbs (btw, I don't know that adding a key to a keyserver actually changes anything as far as the provenance of a key goes :) cf. https://hkps.pool.sks-keyservers.net/pks/lookup?op=vindex&search=president@whitehouse.gov
#
tantek more moving pieces
#
tantek ben_thatmustbeme: nice start on your user page!
#
ben_thatmustbeme tantek, thanks. I'm trying to keep the code behind it as clean as possible, I want to make something super easy to hack on
tilgovi joined the channel
#
@dougmckown Exciting #indieweb news! @TrsstProject binaries are ready for testing. h/t @mrmzholland https://github.com/TrsstProject/trsst/releases/tag/v0.2 (twitter.com/_/status/449642581849161728)
#
tantek but have TrsstProject binaries been selfdogfooded?
#
tantek and why are they "binary"?!?
#
KartikPrabhu looks at TrsstProject
#
cweiske compiled java classes
#
cweiske binary
#
KartikPrabhu aah so it is a Atom publishing/reading application built in Java
#
KartikPrabhu desktop application
#
tantek how is that indie*web*?
#
KartikPrabhu shrugs
#
cweiske there are java web apps, you know
#
tantek you mean java apps delivered over HTTP?
#
tantek has yet to see anything "web" about any java "apps"
#
cweiske ?
#
cweiske java web servers
#
cweiske $ java -jar target/trsst-client-0.2-SNAPSHOT-exe.jar port 8181
#
cweiske Services now available at: https://192.168.1.5:8181/feed
#
cweiske like php
#
cweiske accepting HTTP requests, responding with HTTP responses
#
tantek ah ok that makes more sense now. thanks for clarifying cweiske.
#
cweiske a sad day for openid: http://cweiske.de/tagebuch/sourceforge-openid.htm
#
tantek :(
#
Loqi it'll be ok
#
cweiske don't laugh at it. it's sad. and they won't adopt indieauth
#
tantek not laughing - that was an unhappy face :(
#
cweiske yes
#
cweiske I had the words already written
#
tantek ok so they dropped it from their main UI but they still support it?
iangreenleaf joined the channel
#
cweiske yes
#
cweiske if you know the hidden button
#
tantek yeah we should probably note this on the /openid page :/
#
cweiske s/button/url parameter/
#
Loqi cweiske meant to say: if you know the hidden url parameter
snarfed joined the channel
#
tantek http://indiewebcamp.com/openid#Shutdowns
#
tantek could you add an entry there and cite your blog post cweiske?
#
cweiske 2013-10-29 SourceForge.net is considering phasing out OpenID login
#
cweiske I already wrote that
#
cweiske half a year ago
#
cweiske duh
#
snarfed tommorris: saw you mentioned posseing to facebook from your web site! obligatory plug, just fyi: https://snarfed.org/2014-03-25_bridgy-publish
#
cweiske my memory isn't really that well
#
tantek but the UI thing is new? or happened back then?
#
tantek sorry I'm confused
#
cweiske same thing
#
cweiske nothing is new as I now found out
#
tantek ok
yaf joined the channel
#
tantek.com edited /OpenID (+176) "/* Shutdowns */ note sourceforge removal of OpenID from UI, but still supporting through old URL param, citation cweiske blogpost" (view diff)
#
tantek hey KevinMarks - what was the old terminology for full feeds vs. partial feeds that only had a title and link, or title summary link etc? I remember there was a specific term you used while at Technorati
#
tantek I'm going with "partial feeds" until / unless someone provides a better / more canonical term
#
KartikPrabhu tantek: I used truncated feeds but that doesn't seems so nice :)
#
tantek KartikPrabhu: I've never heard that phrase used before, nor is it really accurate - as there's nothing that's "truncated" typically, but rather a choice of only title, or only summary, rather than full content
#
KartikPrabhu agreed. That was just something that came up in my head while writing.
#
tantek totally fine. much better to get something written first, then clean up terminology etc. later
#
tantek thank you for writing that up
#
KartikPrabhu sure thing! :)
#
KartikPrabhu a Google search reveals a lot of articles saying "partial feeds" so that seems good
#
tantek yeah I'm pretty sure I've heard that before but I know KevinMarks would know the canonical term for it
grantmacken joined the channel
#
tantek.com created /feed_files (+23) "r" (view diff)
#
tantek.com edited /h-feed (+746) "edit summary definition, use term partial rather than truncated, re-order content slightly for intro/use-case, subheads" (view diff)
#
tantek KartikPrabhu - take a look and see if my edits still make sense with what you were thinking - I tried to keep the intent/meaning of what you wrote and just expand on it: http://indiewebcamp.com/h-feed#Brainstorming
#
cweiske I didn't get why you think I compared apples with oranges last night
#
tantek because you're not comparing the same content
#
tantek in two different formats
#
tantek comparing a full feed vs. a partial feed with permalinks
#
kartikprabhu.com edited /h-feed (+7) "/* prior work */ typpo fixed" (view diff)
#
tantek no matter what format(s) you use in that comparison
#
tantek you'll get the same result
#
tantek so you proved only that a full feed is smaller than partial feed with permalinks
#
KartikPrabhu tantek: edited a small typo but otherwise pretty good. also reads better than my version
#
tantek nothing about whether RSS or Atom or h-feed is more or less efficient
#
cweiske tantek, my atom feed is a full feed
#
tantek cweiske - so is mine - so?
#
cweiske where is the partial feed you're talking about?
#
tantek KartikPrabhu: good catch!
#
tantek cweiske - the h-feed in your example is a partial feed
#
KartikPrabhu tantek: now changing crosslinks from reader page
#
tantek KartikPrabhu: great - that's how a wiki is supposed to work! collaboration :)
#
cweiske sure, because I don't have a special h-feed file
#
tantek sure - that's your design choice - not a format difference
#
cweiske which you're damning on http://indiewebcamp.com/feed_file
#
cweiske DRY and all that stuff
#
tantek right, that's another issue - DRY violations
#
tantek again, you can DRY violate with any format
#
kartikprabhu.com edited /reader (-35) "/* Brainstorming */ changed crosslinks to h-feed brainstorming" (view diff)
#
cweiske so to get the same content, the h-feed consists of 11 files
#
tantek it's the having a separate file/URL that's the violation
#
cweiske so the DRY h-feed is 2.3 times larger than the atom feed
#
tantek cweiske - that's your choice, nothing to do with the format
#
tantek nope a DRY h-feed would just be full content on your home page
#
tantek but you chose not to have full content - which is fine, that's your design choice
#
tantek so you could havea feed.xml file and a feed.html file and compare them
#
tantek that would actually compare the efficiency of the formats
#
tantek by comparing one feed file to a partial feed + permalink pages, you are comparing one apple to many oranges
#
aaronpk question: say I have a home page with only headlines (or headlines + summary) *and* a feed.html file with the full text of everything. does that violate DRY or not?
#
tantek you could do the converse and have worse results too: a full h-feed feed.html, and a partial feed.xml that linked to permalinks
#
cweiske but following the "spirit" or "reason" for h-feed forces me get rid of a full-content feed, or forces me to abandon my design choices
#
tantek aaronpk - well it violates what's been duplicated
#
tantek cweiske it does not
#
tantek you simply replace your feed.xml with a feed.html. done
catsup joined the channel
#
cweiske then I repeat myself
#
cweiske which is I thought the reason for h-feed
#
cweiske to not repeat yourself
#
tantek it's *one of* the reasons for h-feed
#
tantek it enables DRYer publishing
#
tantek if you choose for your own design to violate DRY - that's your choice
#
tantek you can use any random set of formats to violate DRY
#
tantek h-feed gives you the *possibility* of being DRYer than any other separate XML/RDF/JSON formats
#
cweiske everyone violates DRY by having permalinks that are not anchors on the main page
#
tantek this is the whole reason for microformats in the first place
#
tantek and also why even RDF folks push RDFa now. and others push microdata.
#
tantek the point is to *minimize* DRY violations
#
tantek just as the point is to minimize errors
#
tantek minimize security violations
#
tantek / vulnerabilities etc.
#
KartikPrabhu !tell snarfed: trying webmention discovery on "https://www.brid.gy/about" gives an SSLError.
#
Loqi Ok, I'll tell them that when I see them next
#
tantek i.e. saying, well my code is a little crappy is no excuse for making your code even crappier.
#
KartikPrabhu IMO all of these design principles are guidelines. You can choose how much to sacrifice one of them for the other. Being very black & white about it seems counterproductive
#
tantek.com edited /storage (+21) "/* Databases */ idno uses MongoDB currently" (view diff)
#
tantek KartikPrabhu: yes they're ideals, and we should work to achieve them
#
tantek but sometimes there are other things we prefer instead, such as the user experience design of our pages
#
KartikPrabhu "ideals tempered with pragmatism" this should be a quote by someone famous
#
KartikPrabhu tantek: would a flat file (as opposed to DB) system be better for having a easy-installation for Gen>2 users?
#
tantek.com created /MongoDB (+174) "stub" (view diff)
#
tantek KartikPrabhu: and freedom to pursue ideals
#
tantek that's the problem with side files and in particular random XML formats - they *force* you to compromise ideals
#
tantek if you're going to compromise an ideal, you should do so for a good user-centered-reason, not a crappy-designed plumbing-centered reason.
#
tantek.com created /favourite (+22) "r" (view diff)
#
KartikPrabhu yup. In fact I have a partial atom feed, mainly because I had posts that used custom CSS and scripts that don't render in feed readers anyway. I could have full feeds for normal posts and partial for custom ones, but now I am not inclined to dive into Atom/RSS to do this
#
KartikPrabhu it would be great if I could syndicate http://kartikprabhu.com/article/life in some meaningful way, but I don't see how
#
tantek KartikPrabhu: right. there is too little benefit to you to bother with Atom/RSS to do this
#
tantek.com edited /pgp (+201) "/* Key Lookup Algorithm */ note look for representative h-card first, since that's what microformats.org/wiki/key-examples has found and documented" (view diff)
#
cweiske who hosts webmention.org?
#
cweiske it does not support HEAD requests
#
cweiske curl -I webmention.org
#
cweiske HTTP/1.1 503 Service Temporarily Unavailable
#
cweiske Server: nginx/1.4.4
#
KartikPrabhu that seems to just redirect to github
#
tantek I think github is the host
#
aaronpk i think sandeep hosts webmention.org on his server and sends a redirect
#
aaronpk you've gotta handle 503 errors from hosts that don't accept head requests tho ;)
#
aaronpk the world is a wild place
#
cweiske not accepting head requests is a different status code
#
cweiske 405
#
cweiske method not allowed
#
aaronpk s/don't accept head requests/are misbehaving/
#
cweiske oh, I've got another github.com URL that exhibits the same error
#
cweiske so it's probably github
Jeena joined the channel
#
tantek there's probably a github/github where you can file issues like that ;)
#
cweiske just checked my mails
#
cweiske I sent them a report in oct 2013
#
cweiske "Thanks very much for the report! I'll mention this to the team so they can check out our help application."
KevinMarks and josephboyle joined the channel
#
Loqi [mention] http://kartikprabhu.com/article/indieweb-love-blog linked to https://indiewebcamp.com/backfeed (webmention)
#
Loqi [mention] http://kartikprabhu.com/article/indieweb-love-blog linked to http://indiewebcamp.com/webmention (webmention)
#
Loqi [mention] http://kartikprabhu.com/article/indieweb-love-blog linked to https://indiewebcamp.com/selfdogfood (webmention)
#
Loqi [mention] http://kartikprabhu.com/article/indieweb-love-blog linked to http://indiewebcamp.com/ (webmention)
#
Loqi [mention] http://kartikprabhu.com/article/indieweb-love-blog linked to http://indiewebcamp.com/POSSE (webmention)
#
jonnybarnes anyone here any good at PHP, I want to do something to a URL variable unless the url is a twitter.com or pbs.twimg.com url
#
jonnybarnes this doesnt work:
#
jonnybarnes $url = parse_url($content['photo'])['host']
#
jonnybarnes if($url != 'twitter.com' || $url != 'pbs.twimg.com') { ... }
#
tantek you want &&
#
tantek that || statement will always be true :)
#
KartikPrabhu sorry about the mention spam... just fixed some webmention sending
#
tantek it's a nice reminder when people update their blog posts ;)
#
tantek but Loqi has no idea it's a Create webmention vs an Update webmention
#
KartikPrabhu it isn't an updating of post, just fixed some webmention sending code that had failed when I wrote the post
#
tantek even better reason
#
KartikPrabhu it is very useful to see if mentions are working. good job Loqi!
#
Loqi grins profusely
#
jonnybarnes thanks tantek
Jeena joined the channel
#
tantek np! elementary boolean logic my dear ;)
#
KartikPrabhu kylewm: I broke your share (http://kylewm.com/share/2014/03/27/1) by sending a faulty mention. apologies, please delete it :(
#
KartikPrabhu also let this be a lesson to not directly post a 1000 word essay in replies... :P
#
tantek oh my goodness did you send your article as a reply to his comment on your article?!?
#
KartikPrabhu unfortunately yes :(
#
tantek that shouldn't have shown up because your article is not "in-reply-to" his comment!
#
tantek I mean, you just found a bug in his code!
#
KartikPrabhu possibly! :P
#
KartikPrabhu tantek: something funnier: http://kartikprabhu.com/article/indieweb-love-blog#responses
#
KartikPrabhu weekend project: fix this whole webmention fiasco on PT!
#
tantek heh
#
KartikPrabhu I should send mentions only to the links in the first h-entry. is that a good policy?
#
Loqi yea!
#
tantek you should send mentions to all the links in your h-entry
#
tantek it's up to the destinations to properly interpret them
#
Loqi yea
#
kylewm KartikPrabhu: :D it is in my databaes as a "reference" but I do not display them differently yet (mostly because nobody would have a reason to reference me on anything)
#
KartikPrabhu tantek: but I shouldn't have sent a mention to kylewm's reply in the first place right?
#
KartikPrabhu even though it is in my h-entry
#
tantek so the right question to ask is
#
aaronpk think of the webmention as just saying "hey there, this page of mine linked to this page of yours"
#
tantek what's the use case for your article sending a webmention to kyle's reply?
#
KartikPrabhu aaronpl: come on! :P
#
KartikPrabhu aaronpk ^^
#
tantek and at least *one* answer to that use-case question is:
#
tantek if you update your article title, or summary, etc. at the top, by sending a webmention to all the replies to your article, you give them a chance to update their reply-contexts accordingly!
#
KartikPrabhu ooo!
#
tantek I have no idea if anybody does this - but it's a good idea
#
tantek and how we keep that info up to date via notifications
#
KartikPrabhu but I really shouldn't have sent a mention to my own article from kyle's comment on my article!
#
KartikPrabhu or I should have handled that better on the incoming side?
#
tantek you should have handled it better on the incoming side
#
tantek a-ha I *have* written up reply-context updating before!
#
tantek check this out KartikPrabhu: http://indiewebcamp.com/reply-context#Update
#
Loqi agreed.
#
KartikPrabhu I see. good points to implement over the weekend
#
tantek and check out the Delete possibility too
#
KartikPrabhu I actually implement the delete possibility myself!
#
tantek see these kinds of interactions are what the indieweb is about -
#
tantek actually implementing federated commenting, updating, deleting etc.
#
tantek which are *user level* features
#
tantek and have nothing to do with the petty format wars of old.
#
tantek or plumbing-centric discussions
#
KartikPrabhu nods
#
tantek that was perhaps the worst part of the RSS/Atom wars - it distracted so many smart people away from actual important things
#
kylewm so as the receiver, I can only know that the webmention is from the thing I originally replied to by checking it against my existing reply-contexts right?
#
tantek and the sadder part is that some of those folks are *still* spending time fighting that war instead of working on user-facing features
#
KartikPrabhu oh well...
#
KartikPrabhu kylewm: i think so. yes
#
kylewm looking at the mf2 on KartikPrabhu's page, I don't think there is a way to distinguish a uncategorized reference
#
tantek kylewm - of course there is
#
tantek *you* know by looking at *your* page that the "source" of that webmention happens to be the reply-to of your comment!
#
KartikPrabhu yeah. one that has no u-in-reply-to , u-like-of etc...
#
tantek and thus you should treat it as a reply-context update
#
tantek per http://indiewebcamp.com/reply-context#Update
pfenwick joined the channel
#
KartikPrabhu !tell snarfed: also sending a mention to https://snarfed.org/ returned a 404. Seems like somethign the wordpress plugin does in general. also happened on dariusdunlap's site
#
Loqi Ok, I'll tell them that when I see them next
#
KartikPrabhu this is such a complicated puzzle. this federated comments thing... very interesting
#
tantek KartikPrabhu - interesting thing is - I'm pretty sure we're the first to actually solve this properly, from a user-experience perspective: real time notifications, updates, deletes, reply-contexts etc.
#
tantek *distributed/decentralized* across sites
#
KartikPrabhu yeah i think the distributed part is what makes it harder
#
KartikPrabhu but that is why it is cool
#
KevinMarks venturebeat is hiring in SF for PHP+js in wordpress - anyone interested?
ttepasse joined the channel
#
kbsriram.com edited /pgp (+1204) "Focus on authentication, better user-centric scenarios" (view diff)
kbs joined the channel
#
kbs aaronpk et. al - have at it :) http://indiewebcamp.com/pgp#Secure_communication hopefully less-worse than the last iteration
ttepasse, pfenwick, designdream and _6a68 joined the channel
#
bret been playing around with feedbin lately. really happy with it. makes following lots of small websites a joy... for now
#
bret every feed reader I have used ends up becoming a major maintanance chore after a while and the noise floor tends to gorw over time
#
KartikPrabhu bret: would be great to document those frustrations, niceties as people build indie readers
#
bret I still have not found a filtering or training system for a reader that I like, and I think it stems from treating all posts and feeds as the same
#
bret KartikPrabhu: ill try to get these down right now
tantek joined the channel
#
aaronpk would be interesting to re-explore my thoughts on twitter stream filtering but in the contenxt of indie readers https://aaronparecki.com/articles/2010/09/21/1/bayesian-twitter-client
#
bret aaronpk: have not see that
#
aaronpk it's quite old
#
bret even something like quicksilver or awesome bar level of ++ or --
#
bret on feeds/posts
#
bret i honestly miss the sort by magic from google reader
#
bret that would dig up the weirest stuff and it was great