[tantek]ugh that sucks KevinMarks, and at first I thought you meant his Twitter handle whereas what you actually meant was his domain danhon.com was added to some Twitter linking blocklist
[aciccarello]I've heard of similar malware flagging issues when sites hosted user content under the main domain.
geoffo, jacky, miklb, EncryptedGiraffe, barnaby, n8chz, bterry1, mro, jacky_, rvalue and [chrisaldrich] joined the channel; graycot[m] left the channel
barnabyI’m considering having three states: pending, shown, and trusted. Incoming mentions from unknown sources are pending by default. When approving, they can either be shown with rel=nofollow added to all links to indicate that I don’t know the person, or shown as-is if I trust the source
barnabythe nofollow rels would prevent random people who’ve replied to me but whom I don’t know from using that link as part of a webmention vouch for others, for example
barnaby[snarfed]: I was considering storing them with a rejected flag to prevent them from showing up again if someone re-sends the webmention, but thought it’d be cleaner to do that by adding the domain/author to a block list on rejection
barnabyI suppose there’s a difference between spam responses I want to outright delete, and, say, abusive responses which I want to hide but keep as evidence
barnabysknebel: currently my site keeps archives of the HTML of each response, and on updates stores each measurably-different copy separately, so I always have the original for each version
barnabyfor my posts, I just set up a parallel “versions” table where on each significant change, I store a JSON blob of the previous version. I’m considering doing the same for responses, so I can see edit histories etc
[aciccarello]barnaby, we also talked about different levels of trust in a recent Pacific HWC that were more granular than known/unknown. Let me see if there are some notes from that
angeloaciccarello we were talking about marking your own posts with an audience. this is about marking an incoming post for display. i suppose you could combine the two and mark some incoming mentions as only viewable by certain audiences
barnabyre different levels of trust: yes, and I want to avoid the case where (assuming wide adoption of /vouch) someone leaving a legitimate comment on my site allows them to spam my friend’s site
barnabyeven then it’s not as easy as it requires paying for the domain, but other than just using subdomains (which micro.blog, known, tumblr etc do already) that’s the closest we’re likely to get any time soon
barnabysounds like a pipe dream, but as we’re seeing more and more legislation focused on breaking up social silos and (in theory) enforcing data portability and interoperability, it might be possible to make a case for it
LoqiModeration is the process of holding comments for review by a human, and sometimes a source of frustration when a comment is written on another site that the commenter has no control over https://indieweb.org/moderation
barnabythat was the first thing I looked at, didn’t find much of interest and wanted to hear from people with experience implementing and using moderation on their sites
barnabyso I’d encourage anyone who does implement some sort of moderation (e.g. gRegor) to add themselves to an Indieweb Examples section on that page ;)
[tantek]IMO it's worth having a higher level conversation of good defaults for showing reactions / replies in the first place, with moderation as one possible approach
[tantek]IMO we have to figure out UX ways to make receiving webmentions and handling them as close to fully "automatic" as possible, and *not* require moderation in "normal" cases
barnabyagreed, I’m currently in the process of reqorking my site and want to start off with a basic moderation system so it’s quick and easy for me to approve/reject responses, which isn’t the case currently
barnabyso I was asking from the POV of what’s the simplest, quickest thing I can throw together which other people have found useful, while keeping in mind more advanced solutions to implement later e.g. allow lists, vouch etc
barnabyI’m satisfied with the indieweb-specific answers I got for the moment, but I definitely want to add to /moderation at some point with additional examples
gRegorMine isn't really moderation. I have a UI I can manually set a response as private, but the majority of the time visibility is set automatically if there's an error processing the response.
gRegorMaybe. I can't remember. If so, less than a handful of times and it was probably a spammy Twitter reply, so I just deleted the response from my site.
LoqiIt looks like we don't have a page for "ProcessWire Webmention" yet. Would you like to create it? (Or just say "ProcessWire Webmention is ____", a sentence describing the term)
[snarfed]agreed, fwiw "never have to think about it" is where I've been for a long time. I run Akismet on normal comments and auto-approve wms. very very rarely have to manually moderate anything
[KevinMarks] Dan is blacklisted from twitter and doesn't know why https://newsletter.danhon.com/archive/s13e10-dying-slowly-and-then-all-at-once/
jeremycherfas Sad story, and of course all too believable.
capjamesg Quick reminder that HWC London / Europe will be hosted this evening: https://events.indieweb.org/2022/10/homebrew-website-club-europe-london-pt1qY117l4St
[aciccarello] I've heard of similar malware flagging issues when sites hosted user content under the main domain.
Loqi Free domain names are provided by certain domain name registrars https://indieweb.org/free-domain-names
barnaby I’m satisfied with the indieweb-specific answers I got for the moment, but I definitely want to add to /moderation at some point with additional examples
[snarfed] redirect to https://indieweb.org/bluesky 🤷
[tantek] capjamesg, if you want citations for why Twitter and OG tags are unnecessary, I believe we have a bunch in /link-preview
gRegor ProcessWire Webmention is /ProcessWire#ProcessWire_Webmention