#indiewebcamp 2014-05-23

2014-05-23 UTC
#
barnabywalters aaronpk: do you mind me diving into php-comments and splitting the logic up into a bunch of little functions?
#
aaronpk sure!
#
barnabywalters a lot of those functions are super handy for reader building, but the whole algorithm isn’t suitable
#
barnabywalters awesome
#
aaronpk oh yeah good call
#
barnabywalters e.g. returning plaintext content, etc
#
barnabywalters I’m pretty sure the only thing Taproot’s (unpublished) microformat-flattening code has which this doesn’t is HTML purification
#
barnabywalters which is a separate concern anyway
#
aaronpk if you think it makes sense to rename the package too I'd consider it
#
barnabywalters hrm
#
barnabywalters I have a bad history of naming microformat-processing packages
#
barnabywalters (*ahem* mf-cleaner *ahem*)
#
barnabywalters let’s keep it as it is for the moment
#
aaronpk ha ok
jedahan joined the channel
#
barnabywalters I think what is really needed is a package which, given microformats, gives you a foolproof, purified, normalised, flat list of arrays
#
barnabywalters which is what mf-cleaner was going to be
#
aaronpk ahh
#
barnabywalters microformats are easy to consume, but not easy enough
#
aaronpk yeah in my experience there ends up being still too many cases to handle when reading raw microformats, it's very useful to have a library that cleans things up a bit
#
aaronpk s/cleans things up/normalizes
#
Loqi aaronpk meant to say: yeah in my experience there ends up being still too many cases to handle when reading raw microformats, it's very useful to have a library that normalizes a bit
KartikPrabhu joined the channel
#
barnabywalters s/s/cleans things up/normalizes/both of the above
#
Loqi barnabywalters meant to say: microformatcleans things up are eacleans things upy to concleans things upume, but not eacleans things upy enough
#
barnabywalters ha ha ha ha
#
aaronpk wat wow
#
barnabywalters nice try Loqi
#
Loqi who, me?
#
KartikPrabhu lol! that is weird
#
tantek the "cleaning things up" and "normalizing" tends to be application specific
#
barnabywalters tantek: example?
#
tantek e.g. being interested in a "foolproof, purified, normalised, flat list of arrays"
#
aaronpk this is not a criticism of microformats btw
#
tantek no I know
#
aaronpk just that in practice, because there are multiple ways to indicate the author of an h-entry (full h-card, string, etc) you have to do a bunch of stuff
#
tantek barnabywalters: if you were instead reading microformats from a page to get a hierarchical comment thread - you'd want hierarchy in your structure as in the page
#
barnabywalters tantek: in my experience consuming microformats that is not the case
#
tantek right, with the use-cases you've implemented so far
#
tantek which of course are fairly flat
#
tantek since that's the most common!
#
barnabywalters tantek: by “flattened” I’m referring to properties rather than nested structures
#
aaronpk this is how I prefer to consume the data in my code: https://github.com/indieweb/php-comments##Resulting+PHP+array
#
aaronpk so php-comments is a thing that does all the normalization of the raw mf2 data and gives me exactly the properties I want in exactly the place I want
#
barnabywalters aaronpk: yes exactly like that
#
aaronpk and after I wrote that I immediately realized it would be useful for more than just rendering comments :)
#
aaronpk like you are now trying to use it for a reader
#
tantek the "exactly … I want" - is application specific
#
tantek which is fine, just consider it when naming such utility functions
#
aaronpk yep, thats why i'm not even remotely suggesting changing the way we publish mf2 data
#
barnabywalters tantek: there are things which are not application specific
#
barnabywalters like normalizing authorship data
#
tantek barnabywalters: might be worth documenting those
#
tantek sure - but those go beyond simple microformats
#
tantek and into variants of pages, page/site structure
#
barnabywalters tantek: that’s plumbing, I’m talking from the point of view of the consumer of the data
#
barnabywalters I typically don’t care about that stuff when consuming microformats
#
tantek yes - agreed from that point of view
#
barnabywalters I just want to get the data
#
tantek totally makes sense
#
tantek bbiab
#
aaronpk back later!
luxagraf joined the channel
#
barnabywalters aaronpk: is https://github.com/indieweb/php-comments#post-names accurate in implying that there will only be a ‘name’ key in the returned value if the name is not considered implied?
#
barnabywalters the $result array always has a name property
#
barnabywalters as per https://github.com/indieweb/php-comments/blob/master/src/indieweb/comments.php#L199
#
barnabywalters looks like name is actually false in that case
#
barnabywalters …which makes more sense, ensuring that the name property will always exist
#
barnabywalters (please ignore above rambling)
tilgovi joined the channel
#
kylewm is someone going to wiki-fy the emmak-aaronpk-barnaby idea about trustless-micropub? it sounds awesome but i'm not quite following it reading the logs, wondering if i should wait for a summary
#
KartikPrabhu i second the summary/documentation request above ^^
#
barnabywalters kylewm, KartikPrabhu: I would but am going to bed now — if no-one has documented it by the morning I’ll do it then
#
KartikPrabhu cool! thanks... seems it would be useful as I go through micropubbing!
#
kylewm good night, barnabywalters thanks again for your help this morning/afternoon
#
Loqi see you in the morning!
#
barnabywalters kylewm: not a problem! goodnight all
kylewm and caseorganic joined the channel
#
KartikPrabhu is reading /micropub_endpoint
#
aaronpk please excuse the in-progress documentation on this
#
aaronpk questions welcome
jedahan joined the channel
#
KartikPrabhu aaronpk: it is a little rough on the edges but I'll get through it and suggest edits as I understand more :)
scor, hidgw, tantek, jasonjohnwells, benwerd, dybskiy, ngoldman_, scor_, tabraldes, jtzl_ and kylewm joined the channel
#
KartikPrabhu has setup a micropub endpoint. now to do authorization with tokens :)
#
KartikPrabhu aaronpk: should I have https in place before doing all the micropub stuff?
#
aaronpk that would be a good idea yeah
benwerd joined the channel
#
KartikPrabhu goes and read up on /https
#
aaronparecki.com edited /micropub (+2480) "initial writeup of trust-less micropub from IRC chat" (view diff)
#
aaronpk there's a start
#
kylewm will the wiki still recognize someone after they switch from http -> https?
#
aaronpk i think so
netweb and tgbrun joined the channel
#
kylewm aaronpk: that writeup helps a lot. still a little confused on this: why do you need a 'comment' access token at all?
#
kylewm as in, why not just forward the comment data to your own post UI
#
aaronpk oh I didn't explain that there
#
aaronpk what I was thinking is this:
#
aaronpk the micropub POST request has comment text and other junk, and it's going to have to store or encode that data before being able to present the request to you
#
aaronpk I didn't like the idea of acceping completely unauthenticated requests, since that would end up just wasting server resources either encoding or storing these potential comments
#
aaronpk so I thought the initial untrusted micropub request could require an access token so that your server could flat out reject bogus requests
fmarier joined the channel
#
kylewm ahh, so it's sort of like comment moderation
#
aaronpk hm
#
kylewm like you store the comment on your site somewhere and then open the interface to edit it
#
aaronpk ah sure
#
kylewm and publish it
#
kylewm interesting, thanks for explaining :)
#
aaronpk i'm out! feel free to edit that or ask questions and i'll get back to it later!
jjuran and kylewm joined the channel
#
@kevinmarks http://signalvnoise.com/posts/3752-its-ok-not-to-use-tools it's OK not to use tools #indieweb (twitter.com/_/status/469666243343945728)
#
@jeremyzilar RT @kevinmarks: http://signalvnoise.com/posts/3752-its-ok-not-to-use-tools it's OK not to use tools #indieweb (twitter.com/_/status/469666374722547712)
realz, paulcp, tgbrun and luxagraf joined the channel
#
@caseywsj RT @kevinmarks: http://signalvnoise.com/posts/3752-its-ok-not-to-use-tools it's OK not to use tools #indieweb (twitter.com/_/status/469679981178544128)
#
KartikPrabhu is scratching the https itch
#
kylewm just cannot get excited about https
#
GWG KartikPrabhu: Is it worth the money?
#
KartikPrabhu StartSSL gives it for free see /http
#
KartikPrabhu s/http/https
#
Loqi KartikPrabhu meant to say: StartSSL gives it for free see /https
#
GWG I have one of those, I think.
#
GWG I should consider it.
#
Loqi yea
#
GWG KartikPrabhu: What is the advantage for your own site?
#
KartikPrabhu i am doing micropub things and aaronpk suggested https is better
#
KartikPrabhu since transfer of data and all that
#
KartikPrabhu also see: http://indiewebcamp.com/https#Why
#
KartikPrabhu mainly "But if only the “controversial” stuff is private, then privacy is itself suspicious. Thus, privacy should be on by default" -- Tim Bray
#
KartikPrabhu incidentally with Webfaction (my host) you can use its certs too see: http://docs.webfaction.com/user-guide/websites.html#secure-sites-https cc: kylewm
nloadholtes joined the channel
#
kylewm re: "the domain doesn’t match the security certificate (though the connection is still encrypted)"
#
kylewm I have wondered about that ... self-signed HTTPS seems like better than nothing, but the browser makes it seem like the end of the world
#
KartikPrabhu kylewm: yeah unsure how that affects things. But i just geenrated a cert from StartSSL
#
KartikPrabhu browsers are good at that aren't they!
#
kylewm I mean I understand why, but it'd be nice if it could say "We can't guarantee this site is who they say they are, but the data to them is encrypted"
#
KartikPrabhu yeah something less apocalyptic
#
rascul http://www.rogerbinns.com/blog/ssl-still-sucks.html
#
rascul "it doesn't really matter who issues your certificates, there are no real assurances behind them any way, and nobody checks"
brianloveswords joined the channel
#
KartikPrabhu rascul: is it better than nothing in the absence of other protocols?
#
rascul yes
#
KartikPrabhu PS: I will read that article (haven't yet) thanks for the link.
#
rascul the encryption is what counts
#
rascul identification is a joke with ssl unless you pay crap tons of money
#
KartikPrabhu rascul: In that case we should use it, and hope that smarter folks come up with better stuff
#
rascul er, for web sites i mean
#
rascul yes, do use ssl and https, don't worry overly much on where the certificate came from
#
rascul unless it's for a big money making site or something
#
KartikPrabhu re: indentification, of course encryption is good and identification is hard specially wrt privacy. You need to be a very very trusted institution to do identity verification while respecting privacy
#
rascul yes
#
KartikPrabhu rascul: any candidates you can think of? I can't
#
rascul i personally don't trust any of the big certificate authorities
#
KartikPrabhu <sigh> perfect now my http site does not work and https is not verified yet! nice work
#
rascul they exist for the sole purpose of ripping people off with over priced and under featured ssl certificates
#
rascul startssl i use for some things though just so browser doesn't complain
#
rascul this may interest you http://en.wikipedia.org/wiki/SPDY
#
KartikPrabhu i have read about SPDY in the past but wrt speed improvements etc...
#
rascul "The first draft of HTTP 2.0 is using SPDY as the working base for its specification draft and editing"
#
KartikPrabhu oh well i guess my site will be down for a bit unless you trust me ;)
#
rascul also, spdy requires the use of ssl
#
rascul cacert.org may also be interesting for some people
luxagraf joined the channel
#
KartikPrabhu ok http works again! sweet
#
KartikPrabhu webfaction++
#
Loqi webfaction has 1 karma
jedahan joined the channel
#
GWG Fine, you guys win.
#
KartikPrabhu kylewm: I changed my mind. Firefox's https warning is exactly what it should be. Though it is annoying for us techminded people, it is "best" that 'normal people' be given a strict warning about it since they might not really understand all the risks
#
KartikPrabhu GWG: to victory and beyond
#
GWG I'm getting two extra Class 1 certificates for my server
#
GWG It needs a default
#
KartikPrabhu two? why one too many?
#
GWG The server hosts multiple sites
#
GWG I don't want every secure request to be redirected to my site
#
j12t use a self-signed on, and save some money
#
j12t s/on/one/
#
Loqi j12t meant to say: use a self-signed one, and save some moneey
#
GWG j12t: Startssl is free
#
GWG I am not paying
#
j12t ok :-)
#
j12t and save some hassle
#
j12t i hate that dance
benwerd joined the channel
#
GWG If I was doing commerce, I'd pay
#
KartikPrabhu GWG: StartSSL does cost money to revoke
#
KartikPrabhu might be a little late as a warning but hope you took that into account
#
GWG KartikPrabhu: Do I plan to revoke?
#
j12t has anybody played around with the gpg stuff that the freedombox folks have put into apache ssl? I don’t know any details
#
rascul lets run a ca on indiewebcamp.com
#
KartikPrabhu GWG: unknown. My first foray into SSL too
#
KartikPrabhu j12t: any link to what that entails?
#
GWG KartikPrabhu: n9n.us has a StartSSL certificate
#
j12t i was hoping somebody else knew :-)
#
GWG I was using it to test SPDY at one point
#
j12t but it’d be cool to have web of trust instead of hierarchical certs for ssl
#
rascul GWG how is spdy working for you?
#
GWG rascul: It isn't right now
#
GWG I didn't maintain it. n9n.us only runs my TT-RSS installation right now, and a test server for theme development
#
rascul ok
#
rascul i have yet to do spdy on anything because i'm lazy
#
GWG It worked well enough
#
rascul but
#
rascul i did look briefly at nginx spdy docs
#
rascul briefly = i saw a link to it
#
GWG rascul: As did I. They've evolved since I last did it
#
GWG The module isn't compiled in by default
#
rascul building it is no problem
#
rascul iirc nginx modules are trivial to build
#
GWG I know.
#
GWG But one time I updated, forgot, and then didn't fix.
#
rascul yeah there is that
#
rascul solution: never update!
#
aaronpk rascul: one step ahead of you ;-) https://ssl.pin13.net/indiewebcamp/
#
rascul whoa nifty
#
aaronpk It auto-issues *.dev certs
#
aaronpk Anything else I have to manually approve
#
rascul ahh ok
#
rascul it's for indieweb sites?
#
aaronpk Whatever
#
rascul i'll get one in due time for rascul.io :)
#
aaronpk Mostly it's just for me testing
#
aaronpk I have a bunch of ssl sites on my laptop for development
#
aaronpk It's nicer to be able to get my machine to not throw cert warnings
#
rascul yeah
#
aaronpk Not just the browser but also other http clients
#
aaronpk Cause I test micropub clients and stuff locally
#
rascul ahh ok
#
rascul thoughts on supporting https only?
#
rascul i mean for the personal domains
#
aaronpk Sure! As long as you have a cert that won't throw warnings for people
#
rascul my thoghts were if i was gonna do https, why should i bother still with http
glennjones, whaity, eschnou and indie-visitor joined the channel
#
rjruss so I got a domain earlier today....now I assume I host it on a server somewhere? any cheap ideas for putting that together? looks like there is a billion options
jsilvestre, cweiske, caseorganic and fmarier joined the channel
#
jjuran rjruss: nearlyfreespeech.net is what I use
#
jjuran It's really cheap, especially if you have low traffic
#
rjruss I was just looking at bluehost....I'll check out nearlyfreespeech as well...thank you
Jihaisse joined the channel
#
KartikPrabhu rjruss: that really depends on what you'd like to run on the host maybe this will help: http://indiewebcamp.com/hosting
#
KartikPrabhu it also lists people who use diff services so you can them about it here
zaal joined the channel
#
rjruss KartikPrahbu: hey thanks..yeah I was just reading that a minute ago....just trying to get this put together and then see what I want to do from there
#
KartikPrabhu some things you might want to look at would be 1.cost 2. technology available that you'd like to use like Wordpress/PHP/Python etc... 3. support direct/through some community forum
petermolnar joined the channel
#
rjruss yeah cost is a big one..would be awesome to go VPS but yeah..cost is a huge factor! The technology available is something I am unclear on at this point..obviously the more flexible the better..but yeah...and support is one I didn't think of ...yeah thats an important one
#
cweiske I share a vps with 2 friends
#
cweiske so we pay 10€/month
#
cweiske each
#
cweiske which gives us a pretty good vps
nloadholtes, LauraJ and eschnou joined the channel
#
voxpelli rjruss: all the first VPS:es within an app's cluster is free on http://www.heroku.com/ – only downside is that it will pause itself one hour after it was last accessed, but it will start again the next time someone accesses it
#
voxpelli I host eg. https://webmention.herokuapp.com/ there for free
pfefferle, tobiastom, Sebastien-L, chrisroos, tpinto, tgbrun, friedcell, ttepasse, alistair and adactio joined the channel
#
Loqi adactio: tantek left you a message on 5/21 at 10:01am: appreciate your review of the updates to /IndieMark per the DecentralizeCamp session today and your feedback! http://indiewebcamp.com/wiki/index.php?title=IndieMark&action=historysubmit&diff=9381&oldid=7063
Sebastien-L, chrisroos, adactio, alistair, jonnybarnes, scor, tgbrun, netweb, aboynejames, pbeaulieu, pfefferle, tobiastom_, glennjones, luxagraf and krendil joined the channel
#
luxagraf So I was doing some research on reverse geocoders last night and it seems geoloki is being replaced by Esri's Geotrigger Service: https://geoloqi.com/faq
#
luxagraf Looks like pretty much the same thing, different name, but i thought it might make sense to update the wiki http://indiewebcamp.com/Location
paulcp, chrissaad, pfefferle, gRegor`, j12t, chloeweil, chloeweil_, ttepasse, jasonjohnwells, luxagraf, brianloveswords and caseorganic joined the channel
#
@benwerd Owning your own site is the only way to guarantee you'll reach your audience. http://stream.withknown.com/2014/for-content-creators-theres-no-guarantee-youll-reach-your-audience #indieweb (twitter.com/_/status/469861843813404672)
pfefferle, jedahan and chrissaad joined the channel
#
@lionzan @dsearls @YouOwnTheWeb i try to do something for my Online Identity Reclamation thanks to @indiewebcamp (twitter.com/_/status/469866548547821568)
#
sixtwothree.org edited /2014/Guest_List (+85) "/* Regrets */" (view diff)
#
@kevinmarks URL based payment protocol for Bitcoin https://github.com/bitcoin/bips/blob/master/bip-0070.mediawiki #indieweb (twitter.com/_/status/469870389485518849)
#
@timburks RT @kevinmarks: URL based payment protocol for Bitcoin https://github.com/bitcoin/bips/blob/master/bip-0070.mediawiki #indieweb (twitter.com/_/status/469870673918455808)
sparverius, pbeaulieu, gRegor`_ and iangreenleaf joined the channel
#
kylewm.com created /queue (+22) "-> queueing" (view diff)
netweb joined the channel
#
kylewm.com edited /queueing (+1023) "added info about uwsgi-spooler and redis" (view diff)
#
kylewm.com edited /queueing (-10) "/* Users */ typo" (view diff)
#
aaronparecki.com edited /queueing (+12) "change header to "IndieWeb Examples" for consistency" (view diff)
dariusdunlap joined the channel
#
kylewm danke
j12t, gRegor`, barnabywalters, luxagraf, paulcp and tantek joined the channel
#
@indiewebcamp RT @andigalpern: The web is your playground. Go play! @t @kevinmarks @erinjo @katelosse @generic_brian @MozSF #indieweb http://t.co/9MU0VIu… (twitter.com/_/status/469883679703973888)
emmak joined the channel
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/kartik_prabhu/469303851695108097/235193328 linked to http://indiewebcamp.com/2014 (webmention)
#
@YouOwnTheWeb @lionzan @indiewebcamp I wish I could help you today. Our common initiative should avoid people need to reclaim identity in the future (twitter.com/_/status/469884562060091392)
#
@YouOwnTheWeb @lionzan @indiewebcamp Thank you.I was wondering if you would be so kind to add you voice to our initiative to change https://www.thunderclap.it/projects/12026-you-own-the-internet (twitter.com/_/status/469884710882406400)
pbeaulieu and brianloveswords joined the channel
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/glennjones/469406296887001088/235193328 linked to http://indiewebcamp.com/backfeed (webmention)
#
aaronpk it's about time for webmention.io to start parsing those bridgy links and making these things look better in IRC
#
aaronpk what state is the ruby mf2 parser at?
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/glennjones/469406296887001088/11628 linked to http://indiewebcamp.com/backfeed (webmention)
#
tantek !tell tommorris,adactio wherefore art thou RSVPs? http://indiewebcamp.com/2014/UK/Guest_List#Creators ;)
#
Loqi Ok, I'll tell them that when I see them next
#
tantek what is ruby?
#
Jeena ruby is a stone
#
Jeena aaronpk, I use it on my website and it works really well.
#
Jeena The only thing is that it lacks a bit of documentation on how to use it.
#
aaronpk ah cool
paulcp joined the channel
#
tantek does the ruby mf2 parser have name beyond "ruby mf2 parser" ?
#
tantek.com edited /2014/Guest_List (-64) "replace requirements section with Creators, Bloggers, Apprentices, update header" (view diff)
tpinto and whaity joined the channel
#
aaronpk it's just called microformats2 https://github.com/G5/microformats2
luxagraf joined the channel
#
tantek.com edited /2014/Guest_List (-100) "add Lanyrd and Plancast URLs" (view diff)
#
tantek.com edited /2014/Guest_List (+31) "link to main page" (view diff)
chloeweil joined the channel
#
tantek.com edited /2014 (+115) "/* RSVP */ add Lanyrd & Plancast URLs" (view diff)
#
tantek.com edited /2014/Guest_List (+32) "/* IndieWebCamp 2014 */ add Calagator" (view diff)
#
tantek welcome back chloeweil!
#
tantek has been creating Lanyrd and Plancast copies for IndieWebCamp 2014
#
GWG tantek: I'm excited for it
#
tantek Send all the RSVPs!
#
tantek http://plancast.com/p/lg3r
caseorganic joined the channel
#
tantek and Lanyrd too: http://lanyrd.com/2014/indiewebcamp-2/
#
@indiewebcamp The 4th annual #IndieWebCamp is in 5 weeks & bicoastal (PDX & NYC) http://indiewebcamp.com/2014 Sign-up! http://indiewebcamp.com/2014/Guest_List (twitter.com/_/status/469895553602449409)
#
@aaronpk RT @indiewebcamp: The 4th annual #IndieWebCamp is in 5 weeks & bicoastal (PDX & NYC) http://indiewebcamp.com/2014 Sign-up! http://indiewebcamp.com/2014/Guest_List (twitter.com/_/status/469895657289822208)
#
tantek let's see if that garners any more sign-ups :)
#
GWG I want to beat West
#
@obensource RT @indiewebcamp: The 4th annual #IndieWebCamp is in 5 weeks & bicoastal (PDX & NYC) http://indiewebcamp.com/2014 Sign-up! http://indiewebcamp.com/2014/Guest_List (twitter.com/_/status/469896006704709632)
#
aaronpk I want to beat east :)
#
tantek aaronpk - it's West's game to beat ;)
friedcell, bnvk and tgbrun joined the channel
#
tantek chloeweil, know anyone who would enjoy IndieWebCamp? We need to get more people for East! (West is beating us by only 1 sign-up more)
#
@AAinslie #URL based payment #protocol for #Bitcoin https://github.com/bitcoin/bips/blob/master/bip-0070.mediawiki #indieweb /v @kevinmarks (twitter.com/_/status/469901526031675392)
#
chloeweil tantek I’ll have to ask around, and see which nerds I work with are also freedom fighters :)
gRegor`_ and dariusdunlap joined the channel
#
tantek hey Garbee - you should come to IndieWebCamp 2014 June 28-29 http://indiewebcamp.com/2014
#
tantek chloeweil: especially if they fight for their own freedom!
#
GWG Garbee is in VA
#
Garbee Yup. :( I may try to come digitally though.
jsilvestre and squeakytoy joined the channel
#
@NickReynolds Known - The latest run at decentralised publishing system from the Indieweb folks. http://sparkspring.com/post/86612815727/known#_=_ (twitter.com/_/status/469903096651722752)
#
tantek.com created /Ruby (+912) "stub with a few examples, libraries, projects. please add more!" (view diff)
#
tantek.com created /ruby (+18) "r" (view diff)
#
tantek ok Ruby fans - have at it! http://indiewebcamp.com/Ruby
#
tantek aaronpk: IndieAuth is written in Ruby right?
#
aaronpk yeah
#
tantek ok cool - I put it on the page :)
#
aaronparecki.com edited /Ruby (+16) "s/python/ruby" (view diff)
pbeaulieu joined the channel
#
tantek what is ruby?
#
Loqi Ruby is a programming language and web server runtime environment used for some IndieWeb projects http://indiewebcamp.com/Ruby
#
tantek.com edited /Ruby (+38) "/* Libraries */ link uf2 lib" (view diff)
#
@lionzan @YouOwnTheWeb @dsearls I like @indiewebcamp because it's something you do yourself, without forcing big corporations change their behaviour. (twitter.com/_/status/469904601085669377)
#
tantek Garbee add yourself as a remote participant: http://indiewebcamp.com/2014/Guest_List#Remote_Participants
#
@ThatAmyMac RT @indiewebcamp: The 4th annual #IndieWebCamp is in 5 weeks & bicoastal (PDX & NYC) http://indiewebcamp.com/2014 Sign-up! http://indiewebcamp.com/2014/Guest_List (twitter.com/_/status/469904993823510528)
#
aaronpk b 21
#
@YouOwnTheWeb @lionzan @indiewebcamp We share a common vision. We need to embrace all initiatives. https://www.thunderclap.it/projects/12026-you-own-the-internet (twitter.com/_/status/469905627377336321)
#
tantek.com edited /Events (+143) "move past events to recent" (view diff)
#
bnvk did y'all know in Doctorow's book Little Brother they create software called Indie Net ?
#
tantek.com edited /Main_Page (+9) "/* Homebrew Website Club */ next one is 2014-06-04 - can we do FOUR cities?" (view diff)
#
tantek bnvk - no idea - URL to description?
#
@natevw RT @indiewebcamp: The 4th annual #IndieWebCamp is in 5 weeks & bicoastal (PDX & NYC) http://indiewebcamp.com/2014 Sign-up! http://indiewebcamp.com/2014/Guest_List (twitter.com/_/status/469912808868806656)
eschnou joined the channel
#
bnvk tantek: can't find any official links describing- but "IndieNet" is mentioned multiple times a piece of social software being created by these hacker kids
#
tallpaul 'id,title,clientCorporation,owner,dateAdded, address(\'state\
#
bnvk not sure when the book was written / first published- according to Amazon, Jan 2013
#
tallpaul oops wrong buffer
#
tallpaul http://craphound.com/littlebrother/Cory_Doctorow_-_Little_Brother.htm
#
@AttentiveBot @npdoty: https://twitter.com/indiewebcamp/statuses/469895553602449409 (twitter.com/_/status/469913879959842816)
#
tantek what is attentivebot?
#
bnvk tallpaul: ah cool, I didn't see links to the book source, I'm listening to the audio book :)
#
tallpaul yeah, he distributes all them for free under a CC license (http://craphound.com)
#
GWG Okay, site now https.
pbeaulieu, caseorganic and chloeweil joined the channel
#
aaronpk I don't really understand the ruby mf2 parser
#
aaronpk and it doesn't seem to have docs
tantek joined the channel
#
@michaeldexter RT @indiewebcamp: The 4th annual #IndieWebCamp is in 5 weeks & bicoastal (PDX & NYC) http://indiewebcamp.com/2014 Sign-up! http://indiewebcamp.com/2014/Guest_List (twitter.com/_/status/469923362563575809)
paulcp, caseorganic, tantek and KartikPrabhu joined the channel
#
tantek tallpaul that's awesome! are his books browsable online?
#
tantek KevinMarks: you know what would be cool? getting Doctorow to add Fragmentions support to craphound.com and then being able to cite stuff in his books by phrase!
#
kylewm.com edited /licensing (+88) "/* External Links */" (view diff)
#
tantek (would make for an amazing demo of Fragmentions too)
#
GWG tantek: Were you the one who told me about the problem with my SSL site?
#
GWG I can't recall.
#
tantek I don't think that was me
#
tantek though there's a lot of documentation on /https
#
aaronpk i feel like I might be better off with a parser that just returns the JSON structure and doesn't do all the fancy attribute accessor stuff
#
GWG Someone was trying to access the site, and got redirected to another site
#
GWG I finally fixed that
#
GWG I can't remember who in here it was
#
tantek aaropnk - jlsuttles was last maintaining the ruby uf2 parser
#
aaronpk i like the way barnabywalters did the PHP one, the parser itself just returns the data structure, and then any fancy normalization/access stuff is handled as a separate library
#
tantek aaronpk: agreed, that's a good separation of concerns ;)
#
tantek perhaps try @-mentioning @jlsuttles for info on ruby uf2 parser? (like docs etc.)
#
tantek she did a bunch of work on it at IWC Hollywood last year
#
KartikPrabhu hello!
#
GWG Hello, KartikPrabhu
iangreenleaf and scor joined the channel
#
KartikPrabhu finished setting up http :D and of course it broke things, like some font loading :P ref: https://kartikprabhu.com/article/impermanence
luxagraf joined the channel
#
GWG KartikPrabhu: You convinced me to add https support.
#
KartikPrabhu hmm cool! :P
#
kartikprabhu.com edited /User:Kartikprabhu.com (+25) "/* Itching */ scratched https" (view diff)
#
GWG KartikPrabhu: I'm not forcing it though
#
GWG Are you thinking of forcing all connections to https?
#
KartikPrabhu GWG: yes. and redirecting http tp https
#
GWG I would have to resolve some of the conflicts there
chrissaad and paulcp joined the channel
#
tantek GWG, KartikPrabhu what do you think of the levels here? https://indiewebcamp.com/https#IndieMark_Levels (and what level have you achieved?)
#
GWG tantek: Level 3
#
KartikPrabhu tantek: I looked at those, but they are sort of vaguely worded...
#
GWG I serve my admin from https now
#
KartikPrabhu also Level 3
#
tantek KartikPrabhu: which is vague?
#
GWG I turned on 4, but the images were insecure
#
KartikPrabhu tantek: I think the Level 1 and Level 4 descriptions are not clear specially for beginners
#
KartikPrabhu if you don't already know words like "ciphers" it doesn't make much sense
dariusdunlap joined the channel
#
tantek that's really good feedback
#
tantek GWG - when did you reach level 3? Today?
#
kylewm Level 1 is kinda a double-negative. I couldn't tell if barnaby is an example of "not doing the wrong thing"
#
GWG tantek: people were talking SSL yesterday, I figured...what the heck
#
tantek you got it working yesterday?
#
tantek same question to you KartikPrabhu - when did you reach level 3? Today?
#
GWG tantek: About an hour ago?
#
KartikPrabhu 2014-05-23 yes
#
GWG tantek: Why? Are we gamiefying Indiemark?
#
tantek GWG how did KartikPrabhu convince you to get to Level 3 level support?
#
GWG Getting a leaderboard?
krendil joined the channel
#
tantek GWG - yes, IndieMark is definitely a gamification attempt
#
GWG tantek: He said he was doing it, and I said... "Why not?"
#
tantek for now we're just tracking IndieWeb Examples per technology
#
tantek heh
#
tantek ok I'll quote you on that
#
GWG I've been meaning to fix that SNI problem with the server for a while anyway
#
GWG It was redirecting all SSL requests
#
tantek.com edited /https (+367) "/* Level 3 security */ reword slightly, add examples KartikPrabhu and GWG" (view diff)
#
tantek.com edited /https (+171) "/* Level 4 security */ examples" (view diff)
dariusdunlap and paulcp joined the channel
#
tantek.com edited /https (+94) "/* Level 1 security */ clarify wording a bit, note question about what should be minimal level 1" (view diff)
#
tantek GWG, KartikPrabhu what do you think *should* happen if you try to go to a site with https and the site doesn't have a certificate?
#
KartikPrabhu as in on the browser level?
#
GWG tantek: Well, ideally not failure
#
tantek example?
brianloveswords and dariusdunlap_ joined the channel
#
tantek like my site currently gives the "This Connection is Untrusted" if you try to go via https - because someone else on my VPS is I think serving a self-signed certificate for "localhost"
#
tantek and I have no idea how good or bad that is
#
tantek anyway - looking for guidance on this one
snarfed joined the channel
#
Loqi snarfed: tantek left you a message on 5/22 at 1:47pm: I'm going to be out of town (SF) on 2014-06-04 - could one of you host at another transit-accessible SF location? http://indiewebcamp.com/Events#Upcoming
#
snarfed tantek: sure, benwerd and i are happy to host
#
snarfed !tell benwerd you and i might be hosting a few HWCs over the next couple months. the event you did at rockit colabs worked well...want to try there again? i'm happy to join as a member, or donate or whatever, if it'll help.
#
Loqi Ok, I'll tell them that when I see them next
#
tantek thanks so much snarfed!
#
tantek while you're here, snarfed, what do you think a site without SSL support should do when someone tries to reach it via https?
#
snarfed usually just refuse the connection
#
KartikPrabhu tantek: I think the browser giving a strict warning is a good thing for https without cert
#
snarfed if you don't support ssl, generally you're not listening on port 443, so clients can't connect
#
GWG How about... "There is no secure version of this site. Would you like to visit the http version?"
#
snarfed GWG: but how would you serve it?
#
snarfed you'd have to serve that page over https
#
tantek exactly
#
KartikPrabhu which is why I think browsers are doing the right thing. A bit alarmist but is there an alternative?
#
snarfed not really. and it's not really a problem imho. if you just type a domain into a browser, it defaults to http. if the user explicitly types https, and it can't connect, they're probably clueful enough to understand why
#
GWG There should be a browser protocol to specify the message, perhaps
#
KartikPrabhu I think with HTTP 2.0 movnig to SPDY type stuff it is a good idea
dariusdunlap_ joined the channel
#
snarfed spdy requires ssl, so it's a non issue there
#
kylewm KartikPrabhu: GWG: for both of you I get an HTTPS triangle with ! icon that says "This website does not supply ownership information" when i click on it
#
kylewm just FYI. I'm not sure if that's expected or not
#
GWG kylewm: Free certificate?
#
KartikPrabhu kylewm: yes I don't knwo why that is...
#
snarfed GWG: nah, unrelated to free vs paid
gRegor`_ joined the channel
#
KartikPrabhu snarfed: re: spdy, make everything "https" by default so end-users don't have to worry about typing http or https
#
kylewm sorry, "Identity information"
#
kylewm not ownership
#
snarfed kylewm: i'm guessing it's a mixed mode error, not a cert misssing details problem
#
GWG snarfed: I don't do much with SSL.
#
snarfed np!
#
KartikPrabhu snarfed: aah so if some resources are not https then that occurs?
#
GWG If I install SPDY, I might force everything to SSL mode
#
snarfed KartikPrabhu: yes
#
KartikPrabhu cool will fix that too
#
GWG Who needs to load pictures over SSL usually?
#
tantek snarfed, well if you think refusing a connection is reasonable behavior I'll note that as an xample
#
tantek GWG if you don't want your pictures to get sniffed via something like Etherpeg
#
snarfed tantek: yup. another way to find reasonable behavior is, pick big clueful web properties that don't support ssl, see what they do
#
GWG I haven't gotten to the level where I am worried about it
#
tantek.com edited /https (+350) "/* Level 1 security */ Refuse the connection option and example" (view diff)
#
snarfed re images and ssl, more importantly, you *have* to serve them all over ssl if the page itself is ssl. otherwise users see the mixed mode error, not the padlock you want them to see
#
KartikPrabhu yes! I now have to somehow change all the http to https in my posts and css :P
dariusdunlap joined the channel
#
snarfed GWG: KartikPrabhu: common techniques for this are 1) use relative links (ie without scheme hostname) for images on your owns site, so when a page is served over https, the image will be requested over https
#
snarfed 2) use //hostname.com/xyz… (ie no scheme) for images loaded from other domains
#
snarfed omitting scheme makes it default to the current page's scheme
#
GWG I need to fix all of that. For now, I'm leaving it.
#
KartikPrabhu snarfed: yup I did figure out the "no scheme" so have to edit all files now. fixed it for main fonts this morning
#
kylewm so https Level 1 is kinda like spelling your name correctly on the SAT :)
#
tantek kylewm: I'm still trying to figure out a good definition of what level 1 https is
#
kylewm GWG: KartikPrabhu: confirmed that i get the same error message on https://snarfed.org/2014-04-29_9249 ... which has a link to my profile image which is not ssl. so snarfed was right it's a mixed-mode error, not an issue with the cert/configuration
caseorganic joined the channel
#
tantek snarfed the reason I ask is because e.g. my site gives a browser warning about a self-signed cert for "localhost" and I'm not sure how to prevent that
#
aaronpk i don't think you can prevent it on a shared host
#
aaronpk aside from getting a real ssl cert
#
snarfed tantek: aaronpk: he may be able to just disable serving https altogether for at least his site, though
#
aaronpk doubtful... unless he has his own IP address which is unlikely
#
snarfed doubtful? you can definitely do it on a per domain basis in e.g. apache
#
tantek trying my hosting control panel now
#
snarfed aaronpk: actually, i take it back, you may be right
#
bear valid self signed certs for local host just means getting the details right for the CN field
#
bear oh - your talking about locahost on a shared server and not dev localhost stuff
#
tantek hmm - my service says SSL Service: Enabled but I don't seem to be able to turn it off
#
tantek so I'm trying to create a self signed cert and see what happens
#
tantek even though I don't have a dedicated IP
#
bear IP doesn't matter for certs
#
bear the CN just has to match the host name given
#
bear so try CN=localhost
#
KartikPrabhu Level 4! w00t!
#
Loqi does a happy dance!
#
bear KartikPrabhu++
#
Loqi KartikPrabhu has 25 karma
#
KartikPrabhu tantek: should I just move up my IndieMark or keep both?
#
tantek move it up!
#
GWG KartikPrabhu: Where is the leaderboard?
#
tantek every level assumes you support every other
#
tantek GWG there is no global leaderboard
#
KartikPrabhu GWG: https://indiewebcamp.com/https#IndieMark_Levels
#
tantek there is only Levels per features right now
#
tantek is tempted to just serve current content over https with a self-signed cert
#
tantek as another way to achieve level 1
#
KartikPrabhu aaronpk: ok now IndieAuth gives me the error: "RelParser::InsecureRedirectError at /auth/start Insecure redirect error. http redirected to https. To fix, link to https://kartikprabhu.com/ directly." what should I do?
#
aaronpk arg i gotta fix that
#
tantek well - where did you link to http?
#
aaronpk but your github should link to https, not http
#
KartikPrabhu hmm oh I should just login with my https
#
tantek hmm - I may be able to achieve Level 2
#
KartikPrabhu aaronpk: the redirect does not work?
erikmaarten joined the channel
#
KartikPrabhu I have to change github setting?
#
KartikPrabhu aaronpk: oh I got it! It is to avoid false "secure redirections"
#
aaronpk yes, your github profile needs to link to https
#
KartikPrabhu got it! :)
#
bear remembers the fun of enabling https - all those link updates and learning about //foo/bar.txt
#
kartikprabhu.com edited /https (+19) "/* IndieMark Levels */ Level 4!" (view diff)
#
tantek does this seem like a legit command line? openssl x509 -in certificate.crt -text -noout
#
KartikPrabhu bear: what is this foo/bar.text
#
bear you should include -days 1024 also rename your csr to certificate.csr
#
tantek is playing with things he doesn't fully understand
#
bear tantek - this is a more normal command: openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
#
bear KartikPrabhu - instead of having links in your html include the scheme (https://) you can use //
#
tantek I'm trying to verify by hand whether the self-signed cert that FF got from my server is the same one that my hosting provider claims I have on my site.
#
bear and the browser will replace the appropriate scheme
#
KartikPrabhu aah yes that one :)
#
tantek bear ^^^
#
bear ohhh
barnabywalters joined the channel
#
bear yes, then you use openssl x509 -in certificate.crt -text -noout
#
bear (sorry, thought you were generating one)
#
tantek no this is for https IndieMark level 2
#
tantek so that I can add an exception
#
tantek knowing that the cert is the same one I created on the server
#
bear you can also get openssl to connect and validate -- openssl s_client -connect yoursite.com:443
#
tantek (via the hosting UI)
#
tantek and it looks like it checks out (the public key is the same)
#
bear cool
#
tantek from what I understand of PKI, that's a sufficient check that someone hasn't MiTM their own self-signed-cert in there
#
bear yes
#
tantek restarting my browser to test this
luxagraf joined the channel
#
barnabywalters aaronpk: FYI, next button weirdness: http://waterpigs.co.uk/img/screen-shot-2014-05-23-at-212124.png
#
aaronpk barnabywalters: yeah thanks
#
aaronpk something not html escaping properly
#
barnabywalters aaronpk: also, thanks for writing up trustless micropub!
#
aaronpk yeah! still have a bit to add but it's a start
#
aaronpk i want to document http requests and respones
#
barnabywalters I think it can be made simpler for the commonest case of commenting on an untrusted site
#
barnabywalters reducing the process to sign-in (with no access token given out) and form submit to your site
#
barnabywalters where the signin is really just for micropub endpoint detection
#
aaronpk that might be ok, but i'm worried about opening up a bad attack vector
#
aaronpk it'll make sense when I write the HTTP requests
#
barnabywalters aaronpk: how so?
#
barnabywalters okay I’ll wait until they’re done
#
tantek ok that worked. certificate exception added permanently :)
#
aaronpk ok so say you know my micropub endpoint and have authenticated my browser session, you're ready to submit the comment to my micropub endpoint
#
aaronpk your server makes a completely unauthenticated HTTP request to my micropub endpoint containing the comment I entered
#
tantek now I have to makes sure my RelMeAuth / OAuth dance takes me back to the https URL
#
aaronpk my server would respond with a Location header which I would then see and preview the comment and post it to my site
caseorganic joined the channel
#
aaronpk the problem is that because this request is completely unauthenticated, anyone can start making requests there
#
aaronpk and my server would have to spend resources to handle those even if they're fake
#
barnabywalters aaronpk: spend resources == cache the requests for future moderation?
#
aaronpk right
#
KartikPrabhu isn't that similar to receving spammy webmentions?
#
aaronpk sorta, but I don't have to store anything to handle spammy webmentions
#
barnabywalters aaronpk: that’s one of the reasons the simplified flow removes the need to store anything
#
aaronpk ?
#
aaronpk with an access token I don't need to store spam requests because I can check for an access token first
#
barnabywalters aaronpk: yeah, but the simplified flow doesn’t need to store *anything*, or give out access tokens
#
aaronpk how?
#
barnabywalters …but actually has a separate problem I only just realised
jgee joined the channel
#
tantek interesting, it looks like the OAuth 1.0a library I'm using with Twitter automatically knew to ask Twitter to return to my https admin URL!
#
aaronpk tantek: did you just ssl-enable your site? i'm still getting a warning on it
#
aaronpk oh I see you got a new cert for tantek.com self-signed
#
aaronpk so at least I get your real site when I visit https://tantek.com even if I get the cert warning
#
tantek right!
#
aaronpk so at that point you may as well have gotten a free ssl cert from startssl
#
tantek and because I've manually verified the self-signed cert, I can now use https://tantek.com/falcon/ (my admin UI) !
#
tantek :D
#
tantek Level 2 achieved
#
GWG tantek: I thought you used BBEdit
#
tantek just need to try posting a new note with it
#
tantek GWG indeed, I use BBEdit + scp + https://tantek.com/falcon/
#
tantek confessions here: http://indiewebcamp.com/Falcon#Publishing_UI
#
caseorganic tantek++
#
Loqi tantek has 42 karma
#
tantek.com edited /https (+200) "/* Level 2 security */ split why/examples, added myself as an example! Level 2 achieved :)" (view diff)
#
GWG Pfefferle has been busy updating the Wordpress stuff.
#
GWG I'd better iterate
#
aaronpk I wonder if it'd be worth recommending using the indiewebcamp CA rather than self-signed certs?
#
aaronpk cause at least then you can add the root cert to your computer and you won't get the SSL warning for your own site
#
GWG I stick with StartSSL
#
GWG It's free, and no one has to install anything
#
aaronpk yeah if you don't mind dealing with their horrible UI
#
aaronpk but if you don't want to do that, and you're considering a self-signed cert, then why not use the indiewebcamp CA instead?
#
aaronpk like, only use the indiewebcamp CA if you're considering self-signed
#
GWG aaronpk: I have to deal with it, but my visitors don't
#
@t setup self-signed SSL certificate on my site, verified in Firefox, using it for site admin per https://indiewebcamp.com/https#Level_2_security (ttk.me t4WD1) (twitter.com/_/status/469959390078832640)
#
tantek and with that - I'm off to lunch. Yay for https for my admin!
#
Loqi woot
#
aaronpk i mean specifically for what tantek just did
#
rascul aaronpk i like the indiewebcamp ca idea
#
aaronpk like clearly tantek didn't want to go through the overhead of using startssl, so he was happy to use a self-signed cert so he at least gets the benefits mentioned here http://indiewebcamp.com/https#Level_2_security
#
aaronpk I'm saying that at that point, you're better off using the indiewebcamp CA because then at least you can prevent the browser warning on your own computer for your own admin UI rather than having to click to ignore the warning every time
luxagraf and pfefferle joined the channel
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/t/469959390078832640/139199211 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
#
aaronpk "This week in the IndieWeb" just went out! http://indiewebcamp.com/this-week/2014-05-23.html
#
Loqi [mention] https://brid-gy.appspot.com/comment/twitter/t/469959390078832640/469961918946349057 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/t/469959390078832640/14321720 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/t/469959390078832640/12920742 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
snarfed joined the channel
#
aaronpk i'm still not sure the markup of those is correct. cause that link is basically saying "@pius liked https://indiewebcamp.com/https#Level_2_security"
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/t/469959390078832640/460493 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
#
aaronpk but really @pius liked tantek's post which links to the wiki page
glennjones joined the channel
#
snarfed aaronpk: true
#
snarfed to get it more precise, i could require rel-syndication links
#
aaronpk i think it's simpler than that
#
snarfed but that would kill 95% of current bridgy users, since very few people add those links
#
snarfed yeah?
#
aaronpk wait maybe what i'm thinking only works for likes
#
aaronpk but let's just explore that for a second
#
aaronpk you are looking for likes on tweets, and you're generating this: http://pin13.net/mf2/?url=https%3A%2F%2Fbrid-gy.appspot.com%2Flike%2Ftwitter%2Ft%2F469959390078832640%2F460493
#
aaronpk the only URL that should have the "like" property is the tweet URL
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/t/469959390078832640/7788062 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
#
aaronpk that makes sense, right?
#
aaronpk and doesn't require any sort of additional markup anywhere
#
snarfed well, that's the strict interpretation, yes
#
snarfed but it loses the part of bridgy that "bridges" likes on silo posts to likes of non-silo posts
#
snarfed which is kind of the point :P
#
aaronpk oh right um
#
aaronpk but don't you also know the canonical URL of the tweet?
#
snarfed yeah, i can put that in too
#
snarfed i just didn't think it would be useful to anyone
#
aaronpk either from the citation link at the end or from the new backwards discovery?
#
aaronpk maybe i'm missing something then
#
snarfed hmm maybe i am too
#
snarfed what do you mean by canonical url for the tweet?
caseorganic joined the channel
#
aaronpk in this example: http://pin13.net/mf2/?url=https%3A%2F%2Fbrid-gy.appspot.com%2Fcomment%2Ftwitter%2Ft%2F469959390078832640%2F469961918946349057
#
snarfed the ttk.me link to his post?
#
aaronpk would include the ttk.me and tantek.com
#
snarfed yes. are you saying, if i see a PSC or PSL, i should interpret that as the original post link, and not include any other links?
#
aaronpk i think so
#
snarfed that's reasonable
#
aaronpk and if you don't see a PSC or PSL but discovered the tweet the other direction (by looking for rel-syndication on posts linkde from my home page) then the same
#
snarfed PSCs are very rare, so that wouldn't hurt most users
#
aaronpk i'm not sure I understand this "hurt" thing
#
snarfed yeah both of those are reasonable
#
snarfed the original hurt i worried about was requiring rel-syndication links, which would cut off most users. i know you didn't propose that, though
#
snarfed so to summarize, if there's a PSC or rel-syndication link, then exclude any other links
caseorganic joined the channel
#
aaronpk i think so. but let me come at it the other way as well... looking for an example
#
snarfed yeah http://indiewebcamp.com/original-post-discovery#Algorithm agrees with this proposal
#
snarfed i've knowingly chosen to make bridgy promiscuous, but these are good ways to tighten it without overtightening
#
aaronpk found an example of the problem!
#
aaronpk ok:
#
aaronpk dan gillmor wrote an article http://dangillmor.com/2014/04/25/indie-web-important/
#
snarfed a silo post with a link where the author wasn't in favor of the link?
#
snarfed k, listening
#
aaronpk tantek tweeted about it https://twitter.com/t/status/459772054884335616
#
@t Writing & *doing*: @dangillmor post on his own site about #indieweb: http://dangillmor.com/2014/04/25/indie-web-important/ and syndicates to Slate. (ttk.me t4Vk2) (twitter.com/_/status/459772054884335616)
#
aaronpk @dotpeople retweeted tantek's tweet
#
@benwerd RT @kevinmarks: URL based payment protocol for Bitcoin https://github.com/bitcoin/bips/blob/master/bip-0070.mediawiki #indieweb (twitter.com/_/status/469969756531871744)
#
aaronpk BUT: dan gillmor's article shows that @dotpeople retweeted his article http://dangillmor.com/2014/04/25/indie-web-important/##DOTPEOPLE
#
aaronpk and clicking the "@dotpeople reposted this article on twitter.com" link goes to @t's tweet: http://twitter.com/dotpeople/status/461381322632867840
#
@dotpeople RT @t: Writing & *doing*: @dangillmor post on his own site about #indieweb: http://dangillmor.com/2014/04/25/indie-web-important/ and syndicates to Slate. (ttk.me t4Vk2) (twitter.com/_/status/461381322632867840)
#
snarfed aaronpk: sure, understood. same problem
#
aaronpk yep that's the situation I was trying to prevent with the description
#
aaronpk I *think* what you last described would cover this
#
snarfed filing an issue now
#
aaronpk great
#
aaronpk include those URLs in the example for reference
caseorga_ joined the channel
#
snarfed doh, github @-mentions don't work if they're inside a link
#
snarfed https://github.com/snarfed/bridgy/issues/154
#
snarfed so, this is probably the right thing to do, and i should probably do it
#
snarfed it is a bit sad though, since we lose a little backfeed
#
aaronpk maybe there's a way to keep the other backfeed but not have it be listed as a "like" or "retweet"
#
snarfed you're right that likes and reposts like the ones you pointed out are technically incorrect….but they're still kinda nice in spirit
#
snarfed actually, there totally is
#
snarfed it's still a mention
#
aaronpk maybe not for likes, but retweets make sense
#
snarfed i should just remove the u-* classes
#
Loqi yea
#
aaronpk in that example, @dotpeople's RT of tantek's tweet counts as a full h-entry post that conains a link to dangillmor's article. it's just not an RT of the article
#
snarfed right. it's a mention of dangillmor's article
#
aaronpk yeah
#
snarfed so should all non original post links be stripped down to just mentions?
#
aaronpk i believe so
#
snarfed sounds like yes for like and repost, and it's moot for rsvp. and reply …?
#
snarfed i guess yes for reply too
#
aaronpk maybe a non-silo example would help for this
#
aaronpk that's tougher to find right now
#
snarfed i'm convinced that all three should be downgraded to just mention, but if you want to find an example, go for it
#
aaronpk ok let's just go with that for now. i might try to dig up an example later
brianloveswords joined the channel
#
aaronparecki.com edited /Ruby (+111) "add mention-client library" (view diff)
john3213 and caseorganic joined the channel
#
kylewm snarfed: what about a PSC or PSL or a link that has the same domain as the tweet's author?
luxagraf joined the channel
#
snarfed kylewm: probably, sure
#
snarfed feel free to jump in on the issue!
#
kylewm snarfed: actually, can you "recognize" a PSL (as opposed to a regular link) now?
#
snarfed kylewm: no :P
#
kylewm ok, I think my suggestion is moot then :)
#
snarfed nah, the PSL part is moot, but your suggestion still works
#
KartikPrabhu snarfed: kylewm: Does bridgy look only for rel=syndication and not u-syndication?
#
kylewm KartikPrabhu: it looks for both
#
KartikPrabhu hmm
chrissaad joined the channel
#
kylewm what's hmm?
#
KartikPrabhu it did not find the original post (https://kartikprabhu.com/notes/IWC-2014) to this tweet https://twitter.com/kartik_prabhu/status/469303851695108097
#
@kartik_prabhu Officially going to @indiewebcamp NYC! @craigmod you should come if you're around @jeremyzilar is hosting. see: http://indiewebcamp.com/2014 (twitter.com/_/status/469303851695108097)
#
KartikPrabhu cc: snarfed ^^
#
snarfed busy right now, sorry, but kylewm can probably help debug
#
kylewm snarfed: on it!
#
KartikPrabhu also see the second line here https://www.brid.gy/twitter/kartik_prabhu
#
KartikPrabhu so it detected the /2014 page of course but not my original post which does not have a link (due to char limits)
scor and jasonjohnwells joined the channel
#
kylewm KartikPrabhu: i think it does not know where to find your unfiltered h-feed
#
KartikPrabhu i was wondering about that... how do I make it know?
#
kylewm right now <link rel="feed"
#
KartikPrabhu aah ok i see :)
#
KartikPrabhu so i looks for h-entries in a h-feed and matches u-syndication?
#
kylewm it looks for h-entries, they don't necessarily have to be in an h-feed
#
kylewm and it follows to the permalink page, since most people seem to publish u-syndication only on the permalink pages
#
KartikPrabhu but that page has to be linked by a rel=feed from homepage
#
kylewm yes, it has to be the homepage or linked with rel=feed
#
KartikPrabhu ok cool! thanks :)
grantmacken joined the channel
#
KartikPrabhu kylewm: you should've just pointed me to: http://indiewebcamp.com/posse-post-discovery#Algorithm sorry I was outof-the-loop on that one
#
snarfed thanks kylewm! when you get a chance, would you mind adding that explanation to the bridgy about page?
#
kylewm snarfed: absolutely, I'll add it right near where you added stuff about rel-syndication recently
#
snarfed perfect, thanks
#
@dotpeople #identity #privacy RT @benwerd: Why we believe in the #indieweb, over on the @withknown stream: http://stream.withknown.com/2014/why-we-believe-in-the-indieweb (twitter.com/_/status/469982050913878016)
jjuran, brianloveswords and tgbrun_ joined the channel
#
KartikPrabhu just realised that his webmentions might not work with the switch to https!
#
KartikPrabhu is relieved to find that everything is alright! :D
#
snarfed KartikPrabhu++
#
Loqi KartikPrabhu has 26 karma
#
KartikPrabhu kylewm/snarfed: is there a way to tell bridgy to retry/reparse some tweets?
#
snarfed no retry button?
#
KartikPrabhu no. I just added some feed markup so bridgy can find my original without a link in the tweet. ref: second one here https://www.brid.gy/twitter/kartik_prabhu
tpinto joined the channel
#
kylewm KartikPrabhu: unfortunately once it's done the reverse discovery and not found a backlink, it won't look for that tweet again
#
KartikPrabhu aah ok. just missed a fav from "@indiewebcamp" but that's cool. no biggie :)
luxagraf joined the channel
#
KartikPrabhu fixed for the future
#
kylewm hmm, it's possible that the next time it searches you h-feed for a new tweet, it might pick that one up, and then a retry will work :)
#
KartikPrabhu yeah it could :) thanks!
#
snarfed kylewm: you can also go into the datastore viewer in the app engine admin console and delete entities manually so that it will retry
#
KartikPrabhu snarfed/kylewm: don't bother :)
#
kylewm snarfed: i don't think i have/want permission to do that?
#
snarfed kylewm: lol. i think you should be able to. and don't worry, it's hard to do unintentionally, and hard to do anything worse than you intend…but i definitely appreciate the caution
#
snarfed btw, kylewm and KartikPrabhu, what's the status of mf1 backward compatibility in mf2py? does it work? do i need to enable it somehow?
#
kylewm snarfed: we're at am impasse on it, with BeautifulSoup+htmllib5 it crashed parsing silencematters.com
#
KartikPrabhu snarfed: haven't merged kylewm's PR because of one test case where bs+html5lib fails. Using lxml parser seems to work though.
#
snarfed (kylewm: ah, you're right, you only have r/o access in the admin console right now. i can upgrade that if/when you want)
#
KartikPrabhu though I don't know if lxml should be made a requirement
#
snarfed ok. consider this a vote for figuring that out then, however you want. i'm itching to use it
#
KartikPrabhu snarfed: yeah me too.. will think more about it :)
#
kylewm snarfed: that's helpful to know, i'd backgrounded it
#
snarfed it will help more people use bridgy publish, since lots of blog providers automatically include mf1 but not mf2
#
snarfed e.g. wordpress.com
#
kylewm snarfed: the results of parsing wordpress were less good than i'd hoped. e.g., http://kylewm.com/reply/2014/05/05/1
#
snarfed oh man yeah
#
Loqi [mention] https://brid-gy.appspot.com/like/twitter/t/469959390078832640/16536059 linked to https://indiewebcamp.com/https#Level_2_security (webmention)
#
kylewm :(
#
KartikPrabhu blergh! kylewm: what failed there?
#
kylewm wordpress.com has a bunch of javascript inside the 'entry-content' class