#indieweb 2017-02-22

2017-02-22 UTC
[cleverdevil] joined the channel
#
[cleverdevil] https://cleverdevil.io/2017/yes-see-you-at-the-homebrew-website-club-in-portland
#
[cleverdevil] Wheee!
#
Loqi [Jonathan LaCour] Yes: See you at the Homebrew Website Club in Portland next week!
#
GWG Hello, cleverdevil
#
[chrisaldrich] GWG, I think I follow what you're indicating.
#
[cleverdevil] waves
#
GWG Chrisaldrich, Sometimes my random thoughts pan out.
#
[chrisaldrich] Mostly that might be interesting in the case of using bridgy publish to reply to a twitter POSSE reply while also replying to the original context with the original post helping to keep the same conversation in line on all sites....
#
[chrisaldrich] hey cleverdevil!
#
GWG Chrisaldrich, also if Semantic Linkbacks supported same we could dedupe backfeed
techlifeweb joined the channel
#
techlifeweb GWG: the screenshots are broken here https://github.com/dshanske/indieweb-post-kinds/blob/master/readme.md
nitot joined the channel
#
[chrisaldrich] !tell jeremycherfas I take your point and give a somewhat longer response on audio reposts here if you haven't already seen it: http://stream.boffosocko.com/2017/jeremy-this-seemed-a-little-long-for-loqi-to-handle
#
Loqi Ok, I'll tell them that when I see them next
#
Loqi [Chris Aldrich] Jeremy, this seemed a little long for Loqi to handle, and seemed worth keeping for later, so my response is below: I understand your situation and have been following some of the discussion about content ownership and reposting. I'm all about giv...
snarfed joined the channel
#
GWG The screenshots need updating
wolftune joined the channel
#
[chrisaldrich] I just filed a reminder to the repo, I'll fix them temporarily later tonight unless you think it's worth waiting until you're done on this round.
#
GWG Chrisaldrich, I should include them in the repo... they are only in the other repo
#
GWG But if I am fiddling with the design, I should make new ones
KartikPrabhu, mlncn, dch_, [keithjgrant] and cjk101010 joined the channel
#
miklb what up WP gang?
[acegiak_net] joined the channel
#
[acegiak_net] tweaking my comment display some more
#
miklb that's on my list tonight
#
GWG Hi [acegiak_net], miklb
#
GWG Two of my favorite WP gang members
#
[acegiak_net] ok this seems to look alright: https://acegiak.net/2017/02/13/iamthespacecadetkissing-tryst-is-one-of-the-worst-decisions/
#
[acegiak_net] I'll have to see what it looks like for non-bridgy/webmention comments yet
#
[acegiak_net] oh, that looks ok still, goo
#
GWG [acegiak_net]: You moved the domain to where I put it. Up next to the name
#
[acegiak_net] what I can't figure is the ordering of the comments
#
GWG Ordering?
nitot and davidmead joined the channel
#
[acegiak_net] check the timestamps on those three comments
#
GWG Odd
#
[acegiak_net] the two from twitter should be the other way around
#
[acegiak_net] yeah
#
jaduncan[m] !tell kylewm I don't mind hosting either silo.pub or woodwind.xyz, I have a lot of server resources.
#
Loqi Ok, I'll tell them that when I see them next
#
GWG [acegiak_net]: How would you feel about deduping backfeed vs direct webmention as an idea?
#
[acegiak_net] I don't know what that means?
#
GWG Let's say I write a post, and I POSSE to Twitter. You respond to my post directly from acegiak.net but also via Twitter.
#
GWG Deduplicating that?
#
[acegiak_net] oh right
#
[acegiak_net] it's currently not an issue I'm having to deal with so I don't have any major opinions on it
#
[acegiak_net] it will be important to work out a solution for when it IS an issue though
#
GWG [acegiak_net]: I've been thinking about it
#
jaduncan[m] GWG: Personally I'd say that dedupe would work if my reply is shown in the comments. If not, the flow of the conversation is broken.
#
GWG jaduncan[m]: This would be. One is backfed from Twitter, one is a direct webmention. But they are both the same comment
#
jaduncan[m] Personally I'd want to only see one, and for that to be the web mention. The actual content is preserved.
#
GWG jaduncan[m]: Exactly. And all you have to do is put a link on the comment like you would on a post, also on...
#
[acegiak_net] oh weird. Just realised I have two webmention reply forms at the end of my comments section
#
jaduncan[m] Yes. I did wonder about an also on syndication icon, but I don't know how that would look.
#
GWG [acegiak_net]: You would.
#
GWG [acegiak_net]: There is one in mf2_s, which you based your theme on.
#
GWG And the new update to Webmentions includes one.
#
[acegiak_net] ah ok!
#
GWG But there is an option under Settings->Discussion to turn that off
#
[acegiak_net] which will turn off the plugin one?
#
GWG Settings->Discussion
#
KartikPrabhu jaduncan[m]: I use a syndication icon see: https://kartikprabhu.com/notes/re-indiescripter-webmention
#
Loqi [Kartik Prabhu] I think what you are looking for is Webmention https://indieweb.org/Webmention
#
GWG pfefferle put in a template system, so you could craft you own. But after he put it in, he deprecated his webmention form plugin.
#
miklb lol
#
GWG miklb: LOL?
#
miklb did I miss read that? I thought you were saying he added something then deprecated it.
#
Loqi misses read that too
#
jaduncan[m] KartikPrabhu: That's a nice implementation.
#
jaduncan[m] GWG: so would you add that kind of branding to the webmention comment?
#
GWG No. He added webmention form support to the webmention plugin, then deprecated the plugin that just did the webmention form.
#
GWG jaduncan[m]: Yes. I have a plugin that does the links, so I'll extend it to support displaying it on a comment. Then try to extend the webmention plugin to trigger it
#
jaduncan[m] GWG: That sounds like the option I'd want. It's a sane default because it keeps context but doesn't clutter.
#
GWG Right now, if Bridgy backfeeds from Twitter, it doesn't check to see if it is a dupe from another source.
#
GWG I haven't seen if anyone does that for displayed webmentions though
KevinMarks, KevinMarks_, nitot, mlncn and wolftune joined the channel
#
KartikPrabhu GWG: see https://indieweb.org/dedupe#How_to_deduplicate_responses for deduping practices. It seems kylewm has implemented it though his site is down
#
GWG KartikPrabhu: That is why I haven't been abler to look lately.
#
GWG I hope it comes back up soon
#
KartikPrabhu GWG: see here http://web.archive.org/web/20160711221855/https://kylewm.com/2015/06/i-wonder-how-much-this-conversation-is-annoying-kartikprabhu
#
Loqi [Kyle Mahan] I wonder how much this conversation is annoying @KartikPrabhu if he is seeing it.
nitot, miklb and [scottgruber] joined the channel
#
[scottgruber] chrisaldrich I'm planning on writing tomorrow during homebrew club time. I'll try to keep Slack open too.
#
miklb GWG if I create a custom callback for listing comments, would that prevent webmentions from showing up?
#
GWG Not specificaly, no
#
miklb hmm. must be something else. Just wanted to make sure before deubugging. Thanks
#
GWG miklb: Webmentions are comments, so you could not show them if you choose to.
#
miklb no, they aren't showing up so I'm just making sure before I debug my callback function.
#
GWG Did you set it to only show comments in your comment type?
#
miklb no, I didn't change anything in my settings, just rewriting my comment output/form
#
GWG ok
#
GWG There is no setting for that, it is in the call for the comments
#
miklb yeah, I have some spaghetti code going on at the moment. Thanks for clarifying though.
#
GWG Any time
nitot, snarfed, miklb, dch_, cweiske, wolftune, KevinMarks, jihaisse, DanC, KevinMarks_, friedcell, Pierre-O, calumryan, Guest50840 and jeremycherfas joined the channel
#
@twoodwar POSSE explained more deeply https://indieweb.org/POSSE #kaulive (twitter.com/_/status/834341287419588609)
#
jeremycherfas Morning
#
Loqi jeremycherfas: [chrisaldrich] left you a message 9 hours, 28 minutes ago: I take your point and give a somewhat longer response on audio reposts here if you haven't already seen it: http://stream.boffosocko.com/2017/jeremy-this-seemed-a-little-long-for-loqi-to-handle
#
Loqi rise and shine!
dch_ joined the channel
#
@t @junglecode ? hilarious. May I upload that “Haitian Creole” screenshot to @IndieWebCamp wiki as public domain / CC0? (ttk.me t4mz1) (twitter.com/_/status/834360824408002561)
friedcell and gko joined the channel
#
dietricha hi all! anyone tried https://github.com/notenoughneon/skein ?
#
dietricha or have recommendations for an indieweb static site tool?
#
cweiske this depends on what you expect from it
#
petermolnar dietricha static site vs indieweb is a known, somewhat problematic area, see http://indieweb.org/2016/Brighton/goingstatic
#
petermolnar I'm not familar with skein but it seems like a node server which, intead of dynamic output, generates static entries for things you throw at it
#
cweiske I made my own static site generator, but have dynamic tools to complement it
#
cweiske e.g. to send and receive linkbacks, and to search, and to publish updates
#
cweiske s/publish/notify about/
#
petermolnar I did the same
#
cweiske dietricha, so you can use any static site generator as long as microformats are added to the generated HTML
#
cweiske but the rest needs dynamic parts
#
dietricha ok, thanks. i guess i was wondering about where that line was. and really, what of the dynamic parts can be in front-end vs back.
#
dietricha i'll read through those notes
#
dietricha thanks y'all!
#
cweiske indieweb is not all-or-nothing, it can be anything in between
#
cweiske and simply having a static blog with microformats is the first step, which is fine on its own
#
cweiske what is static?
#
Loqi A static site is a website that is served by a web server directly from the file system https://indieweb.org/static
dch_ joined the channel
#
petermolnar to be honest, I would consider making a site mf2 friendly should be the next step after having a domain and a running site
#
petermolnar not the rel=me things
#
cweiske yep
#
sknebel What is skein?
#
Loqi Skein is a Node.js static site generator developed by https://twitter.com/notenoughneon/profile_imageEmma Kuo and running on http://notenoughneon.com since July 2015 https://indieweb.org/Skein
skunkwerks, mbrock and hs0ucy joined the channel
#
@malcolmblaney @henaredegan in the same spirit, have you checked out http://indieweb.org (twitter.com/_/status/834390570890051585)
Gold and leg joined the channel
#
sknebel does anyone by chance know if there is a way to get details about the TLS connection on a page (or a JS-triggered fetch) from javascript?
KartikPrabhu, gkbrk_ and friedcell joined the channel
#
sknebel answering myself: no, there isn't
#
Zegnat There might be if you are running with elevated privileges on Firefox, e.g. as an extension: https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/How_to_check_the_secruity_state_of_an_XMLHTTPRequest_over_SSL
#
Zegnat sknebel, any plans for HWC tonight?
#
sknebel Zegnat: we'll see. last HWC was purely discussion, might be the case tonight as well. Have a bunch of new ideas, but realistically I should fix existing stuff first :P
#
sknebel well, one idea is micropub debugging tool, that might be valuable for doing that
#
Zegnat I am finally going to HWC with a plan again. I want to implement private posts. Might update my webmention endpoint to also be able to receive private mentions.
#
sknebel yeah, that's one of the half-finished things ;)
#
sknebel I can receive them, but don't have working private posts yet
#
sknebel so I can't send them usefully
#
sknebel I asked the TLS question since I discovered that caddy has a feature to detect clients behind intercepting proxies, thought about adding that to my page (like, show a banner "your HTTPS looks wonky, you know that?") and thought about improving it with page JS
#
sknebel detecting lack of HPKP headers would work
dch_ joined the channel
#
Zegnat My private posts will be private by ways of URL only at first. So no "sending" for me yet either. But I treat my Webmention Endpoint and my blog as two completely separate entities. They aren't even running on the same server.
#
sknebel that's why I can receive but not send as well ;)
#
sknebel (well, it is the same server, but nothing in the system requires that)
#
petermolnar Zegnat how is the bloggercode en/decoder coming together? :P
mlncn joined the channel
#
Zegnat From Thursday onwards I have been in and around the Amsterdam area playing tour guide. So not very well :p
#
Zegnat Do you suddenly have a dire need for it, petermolnar? ;)
#
petermolnar well, with all the retrofuturistic hits on tumblr/kickstarter there might soon be a need for that :D
#
Zegnat I'll make it my side project and work on it on the train to HWC ;)
ben_thatmustbeme joined the channel
#
aaronpk interesting
#
aaronpk we had originally made the rel=me things as the next step before microformats because it's easier to do, requires fewer changes to the site, etc
#
dgold aaronpk: just wanted to thank you again for pointing me at SequelPro - been a lifesaver the past few days
#
aaronpk oh good :)
tantek_ joined the channel
#
tantek_ greetings from Berlin
#
Loqi tantek_: gRegorLove left you a message 1 day, 20 hours ago: I forget, is that your friend who joined us /events/2016-08-10-homebrew-website-club
[kevinmarks] joined the channel
#
tantek_ !tell gRegorLove yes that’s the same Katie as /events/2016-08-10-homebrew-website-club
#
Loqi Ok, I'll tell them that when I see them next
#
tantek_ I'm ~2mi from the HWC Berlin meetup spot
#
tantek_ and did not bring an umbrella :/
#
@_dgoldsmith Indieweb Adventures: https://ascraeus.org/indieweb-adventures/ (twitter.com/_/status/834438789447692289)
#
Loqi [indieweb] "Indieweb Adventures" by dgold@ascraeus.org (Daniel Goldsmith) on 2017-02-21 https://ascraeus.org/indieweb-adventures
wolftune and loicm_ joined the channel
#
Zegnat and sebsel are at HWC The Netherlands, started off with some discussion
#
@junglecode @t @indiewebcamp sure! (twitter.com/_/status/834446306667962368)
#
tantek_ anyone here from HWC Berlin?
#
sknebel Tantek: i'm in my way
#
sknebel Ah... On my way
#
sknebel (Wrong autocorrect language )
#
sknebel But will need another 30 min or so
#
tantek_ sknebel, I'm ~3km away and was going to walk
#
tantek_ hmm, maps.me says ~48 minutes
#
tantek_ a-ha I borrowed an umbrella! now I'm ready for adventure
#
tantek_ I should post an RSVP first though :)
#
Loqi it is probable
#
Loqi [indieweb] "Repost of Indieweb Adventures" by Daniel Goldsmith on 2017-02-22 https://hylozoist.ascraeus.org/2017/repost-of-indieweb-adventures-e576d190a6
#
Loqi [indieweb] "Comment on ? This Week in the IndieWeb February 10 – 17, 2017 (audio edition!) by Scott Kingery" by Scott Kingery on 2017-02-21 http://boffosocko.com/2017/02/20/this-week-in-the-indieweb-february-10-17-2017/#comment-33910
#
Loqi [indieweb] "Comment on Buzzfeed implements the IndieWeb concept of backfeed to limit filter bubbles by Grant Lease" by Grant Lease on 2017-02-22 http://boffosocko.com/2017/02/20/buzzfeed-implements-a-form-of-the-indieweb-concept-of-backfeed-to-limit-filter-bubbles/#comment-33917
jmelesky joined the channel
#
@t going to Homebrew Website Club Berlin at Salon Schmück! RSVP: https://sebastiangreger.net/2017/02/homebrew-website-club-berlin-2017-02-22/ Wiki: https://indieweb.org/events/2017-02-22-homebrew-website-club (ttk.me t4mz5) (twitter.com/_/status/834450762621210628)
#
tantek_ ETA 1 hr HWC Berln
#
tantek_ *Berlin
#
sknebel Great, see you then :)
snarfed, [kevinmarks] and j12t joined the channel
#
j12t Question: is there a meeting in San Francisco tonight? https://indieweb.org/events/2017-02-22-homebrew-website-club is a little unclear about that.
dch_ joined the channel
#
aaronpk it looks like KevinMarks_ posted an event on his site for tonight
#
aaronpk http://known.kevinmarks.com/2017/homebrew-website-club-san-francisco-2017-02-22
#
Loqi Homebrew Website Club San Francisco 2017-02-22
#
aaronpk and on FB https://www.facebook.com/events/171653883330781/
#
aaronpk KevinMarks_: maybe update the wiki page?
wolftune joined the channel
#
KevinMarks_ Oh, did I only update the bottom bit.
#
KevinMarks_ Bugger
KartikPrabhu, calumryan, wolftune and funwhilelost joined the channel
#
dgold could be worth a look - https://upspin.io/
#
Loqi [indieweb] "? Encouraging individual sovereignty and a healthy commons by Aral Balkan" by Chris Aldrich on 2017-02-22 http://boffosocko.com/2017/02/22/%f0%9f%91%93-encouraging-individual-sovereignty-and-a-healthy-commons-by-aral-balkan/
#
@ChrisAldrich This is a whole new tragedy of the commons: people don't know where the commons actually are anymore. #indieweb http://boffosocko.com/2017/02/22/%f0%9f%91%93-encouraging-individual-sovereignty-and-a-healthy-commons-by-aral-balkan/ (twitter.com/_/status/834473318254272512)
sgreger joined the channel
#
@benwerd Homebrew Website Club SF is at Matter tonight. 6:30pm; optional writing hour at 5:30pm. Come join us! https://www.facebook.com/events/171653883330781/ #indieweb (twitter.com/_/status/834474515212156928)
#
Loqi [indieweb] "Homebrew Website Club SF is at Matter tonight. 6:30pm; optional writing hour at 5:30pm. Come join us! https://www.facebook.com/events/171653883330781/ #indieweb" by Ben Werdmüller on 2017-02-22 http://werd.io/2017/homebrew-website-club-sf-is-at-matter-tonight-630pm-optional
gRegorLove joined the channel
#
gRegorLove Howdy, indieweb
#
Loqi gRegorLove: tantek_ left you a message 2 hours, 45 minutes ago: yes that’s the same Katie as /events/2016-08-10-homebrew-website-club
cweiske and benwerdmuller joined the channel
#
benwerd good morning, indieweb
#
Loqi benwerd: tantek left you a message on 2017-01-18 at 7:35pm UTC: you show # of reposts (or a facepile or some other display) of your posts on your posts right? Add yourself, site, and implementation here: https://indieweb.org/reposts#IndieWeb_Examples
#
Loqi benwerd: tantek left you a message on 2017-01-25 at 12:49am UTC: Is there a Known plugin to automatically auto-internet-archive the links in your posts? e.g. as documented here: https://indieweb.org/archive.org#Trigger_an_Archive
#
Loqi benwerd: tantek left you a message 1 week, 5 days ago: could you upload HWC SF photo to wiki or txt me and I can do it? Thanks! :) https://indieweb.org/events/2017-02-08-homebrew-website-club#Photos
#
Loqi benwerd: tantek left you a message 6 days, 22 hours ago: HWC SF next week? Are you able to host? https://indieweb.org/events/2017-02-22-homebrew-website-club#Where
#
benwerd waves
#
benwerd eep. been a while. to confirm, SF Homebrew is at Matter tonight: 421 Bryant St (at the corner with 2nd St).
#
benwerd Quiet writing hour at 5:30, event proper at 6:30.
#
Loqi [indieweb] "Virtual Homebrew Website Club Meetup | February 22, 2017" by Chris Aldrich on 2017-02-22 http://stream.boffosocko.com/2017/virtual-homebrew-website-club-meetup-february-22-2017
KevinMarks, benwerd, wolftune and tantek_ joined the channel
#
tantek_ tap tap tap
#
tantek_ reload
#
KevinMarks https://twitter.com/thomasfuchs/status/834481271443226627
#
@thomasfuchs 1997: Let’s make a website! *fires up vi* 2007: Let’s make a website! *downloads jQuery* *fires up vi* 2017: Let’s make a website! ? https://pbs.twimg.com/media/C5SsSbCVYAAxx40.jpg (twitter.com/_/status/834481271443226627)
#
tantek_ lol that photo
#
tantek_ in positive / interesting silo news, /Instagram added support for multiphoto posts!
#
tantek_ what is a multiphoto?
#
Loqi It looks like we don't have a page for "multiphoto" yet. Would you like to create it?
#
tantek_ wat
#
aaronpk whoa they did?!
#
tantek_ https://www.instagram.com/p/BQ0mDB2gV_O/
#
Loqi [Mike Krieger] Today we're launching the ability to post multiple photos and videos in one Instagram feed post! Here's a tour of Instagram HQ, where we moved in last year, including the Blue Bottle Coffee on our first floor. Looking forward to seeing what everyone ... https://scontent.cdninstagram.com/t51.2885-15/s1080x1080/e35/16585414_390771237973093_6186516363977162752_n.jpg
#
aaronpk checks for an app update
#
tantek_ multiphoto is /multi-photo
#
Loqi ok
#
aaronpk 10!!
#
aaronpk oh boy i'm gonna have to update ownyourgram
#
tantek_ yeah! and major Bridgy feature requesting too!
#
aaronpk i'm not a huge fan of their presentation on the website. i could barely tell that was a multiphoto
#
tantek_ app is more obv
nitot_ and benwerd joined the channel
#
aaronpk i can't figure out how to add more photos in the app lol
#
aaronpk interesting that they went for a swipe interface rather than twitter's which shows all the photos at once
snarfed joined the channel
#
@kevinmarks Or you could start with https://github.com/indieweb/blank-gh-site https://twitter.com/thomasfuchs/status/834481271443226627 (twitter.com/_/status/834490205772009472)
#
tantek_ the web UI is similar to Twitter's, with the next/prev arrows
#
aaronpk ?
#
@calum_ryan Quiet writing about Micropub tonight at HWC #indieweb https://twitter.com/calum_ryan/status/834490588254896130/photo/1 (twitter.com/_/status/834490588254896130)
#
aaronpk twitter shows a tiled layout of all the photos
#
tantek_ until you click one
#
gRegorLove I only see one photo on that instagram link above?
#
tantek_ ooh I shoul take/post a HWC Berlin photo!
#
aaronpk gRegorLove: that's what i thought too! there's a little arrow at the right of the photo
#
gRegorLove Ohh
#
aaronpk tantek_: yeah i'm going to say that instagram and twitter have drastically different presentation styles
#
aaronpk "until you click" is a pretty big difference
#
gRegorLove And the classic dots at the bottom to indicate where you are in the carousel
benwerd joined the channel
#
tantek_ looks like Bridgy Publish already supports multi-photo to Twitter!
#
tantek_ https://github.com/snarfed/bridgy/issues/583
#
aaronpk yep i've been using that
#
aaronpk same with silo.pub
#
snarfed yes! https://brid.gy/about#publish-types
#
tantek_ hmm nothing abou Flickr
#
aaronpk so instagram's posts can now contain a single photo and a video
#
tantek_ or multiple of each!
#
aaronpk which clashes with my use of photo+video where the photo is a thumbnail of the video
#
tantek_ I thought we had a different property for that
#
aaronpk do we?
#
tantek_ what is a poster?
#
Loqi It looks like we don't have a page for "poster" yet. Would you like to create it?
#
tantek_ wat
#
aaronpk https://indieweb.org/video shows u-photo for the poster
#
tantek_ no u-featured
#
tantek_ https://indieweb.org/video#How_to_markup
#
tantek_ u-featured for the poster
#
aaronpk "Alternatively (with poster frame and fallback img tag)" ... camcorder.png" class="u-photo"
#
tantek_ u-photo for the *fallback*
#
aaronpk same problem
#
aaronpk a consumer can't distinguish that from a post that should show both the video and photo
#
tantek_ have you been publishing fallbacks?
#
aaronpk yes
#
aaronpk all my videos
#
tantek_ huh - for some reason I am not
#
tantek_ were we wrong to use u-photo as a fallback?
#
aaronpk i'm not sure
#
aaronpk previously, there weren't any examples of a post containing both a video and a photo
#
aaronpk twitter's multi-photo posts were limited to photos only
#
tantek_ and only 4
#
aaronpk (wat... the instagram UI changed between app launches. this "select multiple" button was not here until i relaunched the app, even though i updated it already)
#
tantek_ yeah UI from embedded web view ;)
#
tantek_ totally want to post tonight's HWC Berlin photo as a multi-photo
#
aaronpk "turn off commenting"!
#
aaronpk did not know you could d othat
#
tantek_ yes that's been there for a while
#
tantek_ what is turn off commenting?
#
Loqi It looks like we don't have a page for "turn off commenting" yet. Would you like to create it?
#
aaronpk so yeah i don't know what to do about this for my site
#
aaronpk i might have to start with something like "if there is one photo and one video, assume the photo is a fallback for the video, otherwise show it as a multi-post"
#
tantek_ turn off commenting is a UI option for the entirety of a blog or per post that disables and removes any commenting UI, and possibly even disables receiving comments via protocols like [[Webmention]].
#
Loqi ok
sgreger, wolftune, KevinMarks and mlncn joined the channel
#
@100daysindieweb Day 64: Documentation and Fixes for my GPS Logger App #100DaysOfIndieWeb: https://aaronparecki.com/2017/02/22/7/day-64-gps-app (twitter.com/_/status/834505703360323584)
funwhilelost, snarfed, KartikPrabhu, KevinMarks and sgreger joined the channel
#
Loqi [indieweb] "Comment on Buzzfeed implements the IndieWeb concept of backfeed to limit filter bubbles by Alan & Kim Zimmerman" by Alan & Kim Zimmerman on 2017-02-21 http://boffosocko.com/2017/02/20/buzzfeed-implements-a-form-of-the-indieweb-concept-of-backfeed-to-limit-filter-bubbles/#comment-33907
benwerd, travisfw, KevinMarks, snarfed, rrix and camerongray joined the channel
#
gRegorLove Oops, double-booked myself a bit for tonight's HWC. I will have to duck out a little early.
#
gRegorLove Salt: Did you reach out to Bellingham Linux User Group about IWC?
#
Loqi [indieweb] "Comment on ? Encouraging individual sovereignty and a healthy commons by Aral Balkan by wavis" by wavis on 2017-02-22 http://boffosocko.com/2017/02/22/%f0%9f%91%93-encouraging-individual-sovereignty-and-a-healthy-commons-by-aral-balkan/#comment-33921
benwerd joined the channel
#
Loqi [indieweb] "Comment on ? Encouraging individual sovereignty and a healthy commons by Aral Balkan by Amanda J. Rush" by Amanda J. Rush on 2017-02-22 http://boffosocko.com/2017/02/22/%f0%9f%91%93-encouraging-individual-sovereignty-and-a-healthy-commons-by-aral-balkan/#comment-33922
tantek_ joined the channel
#
tantek_ trying web IRC UI again
#
tantek_ now let's see if I can make some minimal cassis auto_link (embed) changes to add /multi-photo support to my site and try a IG multi-photo PESOS indie multi-photo POSSE post
#
tantek_ hmm, I can't chat on #indieweb-dev from here
#
aaronpk Correct. Been making slow progress on that
#
tantek_ sknebel, Web Sign-in is for the entire UX of using your website to sign into another website. Relmeauth is a plumbing/protocol(s) that works to make that happen under the covers. IndieAuth is another protocol for doing so. IndieAuth.com implements both IndieAuth and RelMeAuth. hope that helps a little!
#
tantek_ my IRCCloud setup failed so I'm waiting on some support tickets and such
Lana, mlncn and snarfed joined the channel
#
tantek_ aaronpk, re: naming, I'd say give the protocol priority over the service
#
tantek_ aaronpk, re: naming, I'd say give the protocol priority over the service
#
KartikPrabhu indieauth sounds like a good name for the protocol
#
aaronpk I'd really like to rename indieauth.com to something else but that domain is in too many places now
#
tantek_ it can redirect though right?
#
aaronpk I can redirect GETs, but I have to still handle POSTs to indieauth.com
#
tantek_ huh
#
aaronpk so, effectively yes
#
KartikPrabhu POSTS can't be redirected?
#
aaronpk not really
#
KartikPrabhu hmm I guess that is a good thing
#
aaronpk there's an http code 303 I think? But it requires the client understand that
#
sknebel aaronpk: ok, that's what I thought, but /IndieAuth on the wiki really isn't clear on it.
#
aaronpk its more a retry at this URL rather than a redirect
#
sknebel (the protocol being called IndieAuth)
#
Zegnat 307 might be the thing? https://stackoverflow.com/questions/13628831/apache-301-redirect-and-preserving-post-data#21821236
#
aaronpk Ah maybe yeah
#
aaronpk either way I can't rely on clients supporting that
#
Zegnat Agreed
#
tantek_ aaronpk, why not see if it can work, and then see how hard it is for clients to be updated?
#
tantek_ since IndieAuth is still a spec in "incubation", I think it's good to keep iterating on it to solve issues like "moving a domain"
#
aaronpk I don't really need to. I can effectively rename the service by redirecting the home page, docs, and the authorization URL which are all the things people see in their browser, and then still handle everything else at the old URL
#
tantek_ sure, that's "workable" but would be better if future services could arbitrarily move
#
tantek_ e.g. from a domain to a subdomain
#
aaronpk there's actually an open issue on WebSub about this same thing
#
tantek_ oh - for moving a hub?
#
aaronpk yeah
#
tantek_ makes sense!
#
aaronpk its an analogous situation
#
tantek_ similar situ yes. indieauth is perhaps more security sensitive
#
aaronpk agreed
#
tantek_ btw did you like our HWC Berlin hacker pic? esp me and sknebel: https://indieweb.org/events/2017-02-22-homebrew-website-club#Photos
#
bear put into the spec such that there is always a GET for status or somesuch
#
aaronpk lol yes very shady
#
aaronpk bear: status?
#
bear sorry - popping into the middle of the conversation
#
bear just saying that if a client is making indieauth calls for POST then maybe it can gather the endpoint items from a status call on error
#
bear POST fails; do check for metadata update; retry POST
#
tantek_ as long as the "check for metadata update" is via redirectable GET
#
bear yea - that was a given (but assumed on my part)
#
aaronpk Yeah I just hate adding these steps for clients
#
bear you could force the client to restart the auth dance
#
tantek_ indeed, every step you add for a client is one more step where a mistake could open a vuln
#
aaronpk this OAuth stuff is hard enough for people without all the redirections and metadata endpoints and every step I add is that much more confusing not to mention one more place a vulnerability can creep in
#
bear just invalidate all tokens
#
bear (yea, just trying to solve the issue regardless of how practical it is -- hoping that it spurs another idea that proves useful)
#
tantek_ that's a reasonably iterative approach
#
aaronpk What's amazing is reading the OAuth security document and seeing all the places they've had to tighten things up after a couple years of deployment experience
#
bear aaronpk - what calls are POST; could they be forced to retry by invalidation?
#
aaronpk For indieauth.com, verifying ID Codes and authorization codes. Unless the user updates their HTML tag to point to the new domain the client won't know where to retry it
#
bear so it's also something for libs like mine to worry about
#
Zegnat Alright. I wrote about today’s development fail (https://licit.li/58ae0d5f76601), time for bed. aaronpk, I’ll keep an eye on the Micropub issue so if there is any follow-up I’ll be more swift with my response. Have a good night all!
#
aaronpk Zegnat++
#
Loqi zegnat has 33 karma in this channel (35 overall)
#
bear as I have as the validation endpoint the default value of 'https://indieauth.com/auth' :/
#
tantek_ considers textual patterns for /multi-photo plain text authoring
#
aaronpk bear: if you're using it as handling signing like the wiki then that's fine.
#
bear sure, i'm just saying that if you change the base domain, i'll need to update my lib for a new default
#
bear (or should)
#
aaronpk Hm that reminds me, maybe moving it to a new domain would be a good opportunity to split apart the two different roles it plays. So I'd actually move it to two different domains
#
bear +1
#
aaronpk Now I just need to find some names
#
KartikPrabhu heard "names"
#
aaronpk Names are hard
#
KartikPrabhu what are you trying to name?
#
tantek_ hmm looks like I already implemented it, and tried it in a post 2015-352, but Bridgy didn't support multi-photo POSSE to Twitter until 2015-364, so theoretically all I should have to do is try a post and see what happens!
#
aaronpk I need a name for a service that abstracts RelMeAuth into a simple API for developers to use to sign people in without a password
#
aaronpk I also need a name for a service that implements an IndieAuth authorization endpoint that you can point your domain to if you don't want to build an authorization server
#
KartikPrabhu those are hard!
#
KartikPrabhu specially in "steam punk"
#
aaronpk Haha. I don't mind breaking the theme for these
#
Loqi awesome
#
aaronpk Tho the second one would make sense to fit the theme
#
KartikPrabhu for bear I just give him translations in japanese
#
bear :)
#
aaronpk There's gotta be some cool name of a lock or something
KevinMarks joined the channel