#dev 2017-06-14

2017-06-14 UTC
tantek and eli_oat joined the channel
#
aaronparecki.com
edited /2017/Schedule (+63) "same start time both days"
(view diff)
gRegorLove, petermolnar_ and KartikPrabhu joined the channel
#
eli_oat
does anyone POSSE github gists?
#
eli_oat
Or, maybe link-backs is a better term, then POSSE
#
eli_oat
What I mean is when I cross post an image, for instance, it includes a link-back to Instagram. I just made a post on my site that includes a code snippet that I made into a gist, rather than embed the gist itself I include it as a link-back: https://eli.li/entry.php?id=20170614014000
#
Loqi
[eli] Currently, whenever I reply to or like a link the source URL displays. I've found a really sturdy way to parse content titles, but the performance is absolutely abysmal. Wicked wicked wicked slow. I think it may be something to do with how I'm invoki...
#
KartikPrabhu
what is PESOS?
#
Loqi
PESOS is an acronym/abbreviation for Publish Elsewhere, Syndicate (to your) Own Site https://indieweb.org/pesos
#
eli_oat
I'm still starting at my site. What I'm wondering (but realizing I did a terrible job of asking) is if anyone POSSEs code snippets to gists?
#
aaronpk
I don't really see the point for me. I normally use gists for quick throwaway links to send to people.
#
aaronpk
If i had a quick way to do that on my site then I wouldn't use gists at all
#
eli_oat
that is legit
#
eli_oat
The impetus was one more of archiving than of anything else
#
aaronpk
Ah yeah. I guess I don't consider things I put there worth savig
#
ben_thatmustbeme
woo, new laravel based code-base now passing all but 6 micropub tests.
#
ben_thatmustbeme
scratch that, all but 3
#
ben_thatmustbeme
nested json, and the multipart photos
ricmac, tantek and loicm joined the channel
#
Loqi
ok, I added "https://simplystatistics.org/2017/06/13/the-future-of-education-is-plain-text/" to the "See Also" section of /markdown
#
loqi.me
edited /markdown (+81) "petermolnar_ added "https://simplystatistics.org/2017/06/13/the-future-of-education-is-plain-text/" to "See Also""
(view diff)
#
tantek
interesting sounding. going to have a read
#
tantek
reasonably sensible article
#
petermolnar_
quite similar to your/our reasoning for flat files & plain text
#
tantek
petermolnar_: have you seen my old blog post on that?
#
petermolnar_
I've seen a few, which particular one?
#
tantek
oh my, coming up 11 years ago
#
petermolnar_
wow, maybe not than
#
Loqi
Open data formats, longevity, and microformats
#
tantek
WOW nice work Loqi
#
tantek
oh yeah, hentry even back then
#
tantek
lol I remember this one. aaronpk this one is for you: http://www.tbray.org/ongoing/When/200x/2006/05/11/iCal-still-sucks
#
tantek
(linked from my post above)
#
petermolnar_
2006 live links, that deserves respect
#
petermolnar_
and yes, ical sucks
#
petermolnar_
nyeheh, XHTML
#
petermolnar_
quoting a friend of mine: "full valid XHTML strict... so bauhaus"
#
tantek
what is XHTML
#
Loqi
XHTML is a markup standard (W3C) for HTML that has been superseded by HTML5 https://indieweb.org/XHTML
#
Loqi
ok, I added "http://tantek.com/2010/302/b1/xhtml-dead-long-live-xml-valid-html5" to the "See Also" section of /XHTML
#
loqi.me
edited /XHTML (+69) "tantek added "http://tantek.com/2010/302/b1/xhtml-dead-long-live-xml-valid-html5" to "See Also""
(view diff)
#
Loqi
[Tantek Çelik] XHTML Is Dead, Long Live XML-Valid HTML5
#
tantek
^^^ petermolnar_ my updated thoughts on XHTML (only ~7 years ago)
#
tantek
oops it was already in the articles duh
#
tantek
rolled it back
#
petermolnar_
I'm curious of the emoji hell keeps running will utf8 suffice in the coming years
#
tantek.com
edited /longevity (+113) "open data and longevity post from nearly 11 years ago, sort articles reverse chronological, cleanup author/by a bit"
(view diff)
AngeloGladding and gRegorLove joined the channel
#
@WendyandCharles
ReadersGazette: BLOG Indie Author Answers by Jim Heskett http://www.thejugglingauthor.com/indieauth/ Get help writing your book #bookbloggers 74
(twitter.com/_/status/874871598473457669)
tantek, AngeloGladding, sebsel and [kevinmarks] joined the channel
#
[kevinmarks]
Utf-8 can express all possible emoji already
#
[kevinmarks]
Normalisation is still a bit tricky though.
sebsel joined the channel
#
petermolnar
random thoughts: why is there no schedule for a h-event? is would that be nested h-events? and why doesn't Facebook have a schedule option already for events?
#
vanderven.se martijn
edited /rsvp (+116) "/* What value could be used to? */ Document usage of remote yes."
(view diff)
sebsel and [kevinmarks] joined the channel
#
[kevinmarks]
An h-feed of h-events?
#
petermolnar
not convinced
#
petermolnar
because the event itself has start, end, venue, etc
#
petermolnar
so does the sub-events
#
seblog.nl
edited /rsvp (+480) "/* Remote Participation */ added brainstorm"
(view diff)
#
[kevinmarks]
Ah, I see. Well, there's nothing to stop you putting events inside events, but it may be a little confusing.
#
[kevinmarks]
We did try to mark up a session grid with the original hcalendar, but it needed to include venue by reference I think, which made markup and parsing hard.
#
Zegnat
I guess you could write parsing rules so that venue is implied from a parent h-event?
#
Zegnat
That would get around duplicate information quiet nicely.
#
petermolnar
yeah, but there comes the problem of the venue of the schedule, eg. the main venue is "indie elementary school", schedule for "X" happening between "8am-9am" in "classroom A" which is a sub-venue of "indie elementary school" and suddenly I'm reimplementing schema.org
#
[kevinmarks]
You'd still need to wrap the parent h-events around the columns.
#
[kevinmarks]
Hm. So you have a parent h-event, with an h-card for each room, and make the sessions children of that h-card? That makes a kind of sense
#
Zegnat
No parsing rules for col elements, [kevinmarks]? I guess not...
#
[kevinmarks]
It's tricky. An html table does make sense but it is not quite clear how to combine the thead info
#
[kevinmarks]
And you really want to pull the venue from the column header and the time from the row
#
loqi.me
created /LaTeX (+136) "prompted by petermolnar and dfn added by petermolnar"
(view diff)
#
vanderven.se martijn
edited /rsvp (+353) "/* What value could be used to? */ What about a set of space separated values?"
(view diff)
[kevinmarks] joined the channel
#
loqi.me
edited /LaTeX (+64) "/* See Also */ new section"
(view diff)
[shanehudson] joined the channel
#
loqi.me
edited /LaTeX (+28) "[shanehudson] added "https://www.overleaf.com/" to "See Also""
(view diff)
KevinMarks and eli_oat joined the channel
#
Zegnat
Is anyone doing Proof-of-Work validation on their WM endpoints? https://indieweb.org/Webmention-brainstorming#proof-of-work
singpolyma and KartikPrabhu joined the channel
#
eli_oat
I'm not doing it that way, but have been curious about spam prevention. I've been toying with trying to rate-limit or IP limit the endpoint, but haven't come up with a solution, yet
#
sknebel
I haven't heard of anyone doing that, no
#
sknebel
I think vouch, rate-limiting, domain blacklists and expiring endpoints are the things that people have tried/are using
#
ben_thatmustbeme
i am (was as i am rebuilding it) using vouch with black/white listing
#
www.svenknebel.de
edited /Webmention-brainstorming (+87) "/* should bookmarks send webmentions */"
(view diff)
#
Zegnat
I am building vouch into my new WM code, as well as private mentions, and was just wondering if I should implement pow too. Guess I’ll skip that.
#
ben_thatmustbeme
private webmentions will be cool to add
#
ben_thatmustbeme
i want to do that
#
Zegnat
Puzzling how I will do it async.
#
ben_thatmustbeme
what are you writing in?
#
ben_thatmustbeme
any sort of framework?
#
sebsel
sknebel I also show bookmarks on my posts, and aaronpk is sending webmentions on them, see https://seblog.nl/2017/01/02/2/screenshots
#
Loqi
[Sebastiaan Andeweg] Another take on uploading screenshots to a Micropub Media Endpoint
#
sknebel
sebsel: I know, your example was why I linked /facepile
#
sebsel
ah :)
#
sknebel
Zegnat: what's puzzling about it? just the time constraint?
#
sknebel
(I have 1,5 concepts for private webmentions without the time limit floating around, but didn't yet get around to build even the most basic of prototypes)
#
sebsel
ah, and I send mentions for bookmarks as well, I see, although i am in doubt about that indeed
#
sebsel
I really want to redo a lot of webmention stuff as well
#
sknebel
heh, me too. was one of the first things I wrote, and its creaking on failed assumptions
#
Zegnat
Sorry. Had to step out.
#
Zegnat
ben_thatmustbeme, PHP, no framework.
#
Zegnat
sknebel, yes, the time constraint
#
sknebel
my verifications triggers almost immediately once a received mention has been queued, and I've thought about adding a priority queue for private webmentions for situations with higher load
#
Zegnat
On my Swedish web hosting, where I am currently hosting my endpoint, I do not have enough server access to set something like that up. Best I can do is trigger a script once every 5 minutes.
#
Zegnat
I imagine many others on shared hosting would face similar problems.
#
Zegnat
As the `code` I receive with a private webmention may only be available for 60 seconds, it is impossible for me to do private webmentions async
#
sebsel
Zegnat you can point vanderven.se/martijn/'s rel=webmention to licit.li/webmention, or where ever you want.
#
sebsel
you would lose your relative-url edge case however :P
#
ben_thatmustbeme
may only be available for 60 seconds? that seems unreasonable
eli_oat joined the channel
#
Zegnat
I know. I could build it specifically to a server where I have more access. But that does not address the problem everyone else on shared hosting has, sknebel.
#
ben_thatmustbeme
i normally process my webmentions on a several minute delay
#
Zegnat
ben_thatmustbeme 60 seconds to 10 minutes is the timespan. But you do not decide that, the site issueing the code decides.
#
Zegnat
It also will not tell you about the timespan, so you cannot order accordingly.
#
ben_thatmustbeme
yeah, who set 60 seconds?
#
sebsel
but that's where the first exchange is for
#
sebsel
you need to exchange the code for an access token
#
Zegnat
From spec: “A maximum authorization code lifetime of 10 minutes and minimum of 60 seconds is recommended.”
#
sebsel
then you got an hour.
#
ben_thatmustbeme
i haven't looked in to it much yet
#
Zegnat
Yes, but I want the first exchange to be async for all the reasons as I want async for the second exchange, sebsel. I am fetching an unknown payload from an external server.
#
ben_thatmustbeme
but as long as that is simple, then yeah, i can do that before i queue it
#
sebsel
you can discover the token endpoint by a HEAD request, so no need for big payloads
#
sebsel
but it need two queues yeah, one for token, one for the mention
#
sebsel
with different priorities
#
sknebel
yeah, that's one of the main criticisms of the current proposal
#
sebsel
it's complicated
#
Zegnat
I could see myself finding the token endpoint with the HEAD. No problem. But then I still need to exchange my code for a token, and that request is a normal POST with an unknown payload coming back
#
sknebel
at least it doesn't involve parsing content as sebsel noted
#
sknebel
or rather, only small endpoint payloads
#
Zegnat
Who guarantees that the endpoint I am now fetching synchronously will be small, though, sknebel?
#
Zegnat
Or maybe I should limit private webmentions to whitelisted / vouched domains only.
#
sknebel
if you (all of you) want to help flesh out an alternative proposal say so, then I'll try to write something down about it in the next few days
#
sknebel
(doing verification with some type of /non-interactive IndieAuth , but there are some issues with identities for that)
eli_oat joined the channel
#
sknebel
(and of course the issue of non-interactive IndieAuth in general)
#
Zegnat
Would love to discuss, sknebel. I might skip private wm for now, it just doesn’t fit in with the flow I am trying to establish.
#
sknebel
(also, please add your concerns to /private-webmention if they aren't reflected already, or maybe add +1 to them to make it clearer people actually have an issue with them)
KevinMarks joined the channel
#
ben_thatmustbeme
Zegnat: if you need any inspiration, i am doing everything in laravel now
#
Loqi
[Inklings-io] splatter
#
Zegnat
My issue is purely with splitting it off into an asynchronous flow, ben_thatmustbeme. Framework does not matter there, I am afraid :(
#
sknebel
Zegnat: what kind of scheduling do you have available? cronjobs?
#
ben_thatmustbeme
i iknow, that more in general
#
sknebel
Zegnat: or are you thinking about something like WP-cron?
#
Zegnat
I assume they are cronjobs, just hidden behind my hosting’s control panel. And the smallest interval I can set is 5 minutes.
#
ben_thatmustbeme
so do the initial exchange for a token exchange sync and then push everything else to some storage for doing async
#
Zegnat
Adding that to the wiki, just writing up my problem now, sknebel
#
Zegnat
ben_thatmustbeme, why would I do anything async then? The entire point of doing verification async is to handle contacting external sources outside of the first request. Now I am going to have to fetch from an external source sync anyway?
#
ben_thatmustbeme
i have not looked at the protocol, but is it actually polling the page, or the auth endpoint
#
ben_thatmustbeme
auth should be a lot faster, but i agree, ideally it should all be doable async
#
Zegnat
I get a code. I then have to HEAD the source to retrieve the token_endpoint URL (I could get behind allowing a HEAD request sync). Then I have to POST the code to the token_endpoint URL and get back an unknown payload (should be JSON containing auth info).
#
Zegnat
If I am going to allow a POST to retrieve (and parse) an unknown payload sync, then I might as well allow normal WM verification sync.
#
Zegnat
token_endpoint should be fast, I agree, but can you give me a guarantee that it always will be? That it always returns JSON?
#
ben_thatmustbeme
HEAD of the source isn't really perfect either as you can't use html link tags then
#
Zegnat
I believe the private webmentions spec requires Link headers. (sknebel, confirm?)
#
sebsel
it specificly mentions the HEAD request + Link header.
KartikPrabhu joined the channel
#
sebsel
I wrote this thing after IWC Nürnberg (where I did a lot of IndieAuth and private webmention), and it's probably not great, but yeah, it's another take on it https://seblog.nl/temp/media-endpoint/d29e40-privatewebmentions.html
#
sebsel
I just talked with sknebel about it in DM, (for I am not sure if this is worth your time :P) and he disliked the point that every page has to have an AuthEndpoint then.
#
sebsel
(sknebel is now afk, catching a train)
#
vanderven.se martijn
edited /Private-Webmention (+1293) "/* Issues */ timing critical & breaks asynchronised flows"
(view diff)
#
Zegnat
I’ll read through that in a minute sebsel
#
Zegnat
sknebel, ben_thatmustbeme, see that latest wiki change of mine and feel free to refactor wording if you think of something ^^^
KevinMarks joined the channel
#
Loqi
zegnat has 11 karma in this channel (63 overall)
#
sknebel
Zegnat thx. I personally see a difference between a request to an "api endpoint" and fetching a page, but you are right that they share issues
#
sknebel
What is non-interactive IndieAuth?
#
Loqi
non-interactive IndieAuth is a future way of using IndieAuth to authenticate/authorize services against other services, without a human user confirming things https://indieweb.org/non-interactive_IndieAuth
KevinMarks joined the channel
#
sknebel
(That's what I'd want to use, similar to sebsel s thing, but exact protocol and which identity exactly gets used to log in is open)
#
sknebel
Reminds me, I wanted to read that IETF draft aaronpk recommended again
#
Zegnat
What is the difference then, sknebel? On one I expect valid JSON, on the other valid HTML, to be returned within as short amount of time as possible.
#
Loqi
It looks like we don't have a page for "difference then, sknebel" yet. Would you like to create it?
#
Zegnat
In both cases, as the requester, I have no guarantees on exactly what I will get back.
#
Zegnat
This is why I said I might still implement it, synchronously, but then only for whitelisted domains.
#
Zegnat
I would trust several people to adhere to the spec and quickly return a JSON body and nothing else. But to allow private webmentions from everyone?
#
sknebel
I'd be a lot more demanding towards the API when it comes to speed and size of response. But it still is fetching and parsing content, as you say. A stricter format than JSON would be easier for that
#
sknebel
Thus: let's see if we can figure out something better
tantek and pfefferle joined the channel
#
sknebel
Aaronpk : I think this time I understood the dialback oauth proposal. it seems more or less identical in function to the IndieAuth dance of fetching a page and looking for an auth endpoint? If you'd replace the host or web finger lookup with looking for a rel-link you'd basically have indieauth, minus he first step of entering the domain and getting redirected (which indeed could probably be skipped)
#
tantek
what is dialback
#
Loqi
It looks like we don't have a page for "dialback" yet. Would you like to create it?
#
tantek
what is oauth dialback
#
Loqi
It looks like we don't have a page for "oauth dialback" yet. Would you like to create it?
#
tantek
what is IndieAuth dance
#
Loqi
It looks like we don't have a page for "IndieAuth dance" yet. Would you like to create it?
eli_oat joined the channel
#
aaronpk
sknebel: yeah that's what i thought
KevinMarks_ and tantek joined the channel
#
aaronpk
reviews dialback auth again
#
aaronparecki.com
edited /2017/Leaders (+148) "move schedule brainstorming lower"
(view diff)
#
aaronparecki.com
edited /2017/Leaders (-47) "/* When */ update schedule with absolute times"
(view diff)
#
tantek.com
edited /2017/Leaders (+140) "/* Schedule */ shorter TBD, note possible optional 08:30 get your own breakfast"
(view diff)
gRegorLove joined the channel
#
Loqi
IndieWeb Summit 2016
#
aaronparecki.com
edited /Calagator (+83) "/* Features */"
(view diff)
#
aaronparecki.com
edited /Calagator (+87) "/* Good Ideas */"
(view diff)
#
tantek.com
edited /2017/Leaders (+701) "/* Sessions */ HWC Organizing"
(view diff)
#
tantek.com
edited /2017/Leaders (+36) "/* HWC Organizing */ proposer / interested"
(view diff)
#
tantek
^^^ add your "interested"ness
#
tantek.com
edited /2017/Leaders (+207) "/* HWC Organizing */"
(view diff)
#
tantek
when is IWC Berlin?
#
Loqi
what
#
Zegnat
when is 2017/Berlin?
#
tantek
what is IWC Berlin?
#
Loqi
It looks like we don't have a page for "IWC Berlin" yet. Would you like to create it?
#
tantek
IWC Berlin is /2017/Berlin
#
loqi.me
created /IWC_Berlin (+24) "prompted by tantek and dfn added by tantek"
(view diff)
#
aaronparecki.com
edited /2017/Leaders (-30) "/* When */"
(view diff)
#
Zegnat
When is IWC Berlin?
#
Zegnat
when is IWC Berlin?
#
Loqi
IndieWebCamp Berlin 2017 is on 2017-11-04 at Contentful GmbH https://indieweb.org/IWC_Berlin
#
Zegnat
That capitalisation issue bites me every. single. time.
#
loqi.me
created /TPAC (+301) "prompted by tantek and dfn added by tantek"
(view diff)
#
loqi.me
edited /TPAC (+48) "/* See Also */ new section"
(view diff)
#
tantek
what is a nickname cache
#
Loqi
A nicknames cache is a way indieweb sites store information about people to improve the user experience of the site owner referring, mention, and/or linking to those people https://indieweb.org/nickname_cache
[barryf] joined the channel
#
sebsel
sorry that's a redirect
#
tantek.com
edited /person-tag (+33) "try to clarify person-tag person-mention difference some more"
(view diff)
#
Zegnat
http://www.kevinmarks.com/indiewebcampdusseldorf2016.html - p-category / persontag usage in noterlive
#
sebsel
for those not in the call: we're discussing my new @-mentioning, and wether that should be a person-tag or just a mention. (so: mark it up with .u-category.h-card or not)
#
sebsel
I'm now considering adding a syntax to explicitly tag someone vs just mentioning.
gRegorLove and snarfed joined the channel
#
vanderven.se martijn
edited /2017/Leaders (+78) "/* When */ Add some useful times."
(view diff)
#
snarfed
re this morning's conversation on expiring webmention endpoints (Zegnat sebsel ben_thatmustbeme)...just as a reminder, bridgy currently caches them for up to 2h.
#
aaronparecki.com
uploaded /File:server-to-server-indieauth-flow-diagram.svg "generated with https://bramp.github.io/js-sequence-diagrams/<pre>Title: Server-to-Server IndieAuthparticipant alice.authparticipant alice.serverparticipant aliceparticipant bobparticipant bob.tokenalice.server->bob: 1. discover token\nendpointalice.server->bob.token: 2. request a token\nme=…&code=…&callback=…bob.token->alice: 3. discover verification\nendpointbob.token->alice.auth: 4. verify auth code\ncode=…bob.token->alice.server: 5. deliver access token\naccess_token=…alice.server->bob: 6 request page\nwith access token</pre>"
#
Zegnat
snarfed, we didn’t mean for entire endpoints to expire. Just the `code` in private webmentions.
#
snarfed
ah ok nm!
#
sknebel
I mentioned them
#
sknebel
when talking about general antispam techniques
#
aaronparecki.com
uploaded /File:server-to-server-indieauth-flow-diagram.png "generated with https://bramp.github.io/js-sequence-diagrams/<pre>Title: Server-to-Server IndieAuthparticipant alice.authparticipant alice.serverparticipant aliceparticipant bobparticipant bob.tokenalice.server->bob: 1. discover token\nendpointalice.server->bob.token: 2. request a token\nme=…&code=…&callback=…bob.token->alice: 3. discover verification\nendpointbob.token->alice.auth: 4. verify auth code\ncode=…bob.token->alice.server: 5. deliver access token\naccess_token=…alice.server->bob: 6 request page\nwith access token</pre>"
#
aaronpk
oops sorry haha
#
Loqi
hehe
#
sknebel
token endpoint in both cases?
#
sknebel
(s/tcases/steps)
#
aaronpk
i think i called alice's the auth endpoint, although it might be something different
#
aaronpk
i try to avoid calling things tokens that aren't bearer tokens
#
sknebel
why does it directly talk to the token endpoint and not going through bobs auth endpoint? I guess I should wait for a text description bfore asking ;)
#
aaronpk
there is no authorization step needed
#
aaronpk
the authorization endpoint is used when bob needs to be in front of his computer to confirm a request, and bob's browser is directed to bob's authorization endpoint. that doesn't really apply in this case at all.
#
sknebel
apparently have some misconception there then
#
sknebel
I'll read again and ask once I'm back from HWC
#
aaronpk
i'll try to write up a narrative as well
#
tantek.com
edited /responses (+69) "add tag-of and edit, also note review is a sometimes"
(view diff)
#
sknebel
I know where I got confused
#
Zegnat
Please do put in the narrative aaronpk, I have a hard time consoling this with “I an h-entry and I want only sknebel to see it”
#
aaronpk
Zegnat: haha yeah. this is just the part about getting an access token. not integrated with the webmention flow yet
#
sknebel
aaronpk: did you look at https://indieweb.org/non-interactive_IndieAuth#proposal:_simple_flow ? the difference in your flow is that it gets a token instead of just authenticating for a single request (which could be the one to aquaire a token?9
#
seblog.nl
edited /reacji (+240) "added myself"
(view diff)
#
aaronpk
sknebel: yeah, but didn't quite get a specific suggestion out of it
#
sknebel
then it's less clear than I hoped
#
sknebel
(but yes, it has points open where gaps have to be filled)
#
tantek.com
edited /quotation (+13) "response dfn"
(view diff)
#
aaronparecki.com
created /server-indieauth (+3500) "describe initial brainstorming of server-indieauth"
(view diff)
#
sknebel
aaronpk: thx
#
Zegnat
aaronpk, I think I got it now. Not very different from the private wm flow, but you can no longer send the temp code to an endpoint that doesn’t expect it? That’s the “fix”?
#
aaronpk
correct, and everything can happen async
#
sknebel
server-indieauth << [[non-interactive IndieAuth]]
#
Loqi
ok, I added "[[non-interactive IndieAuth]]" to the "See Also" section of /server-indieauth
#
loqi.me
edited /server-indieauth (+49) "/* See Also */ new section"
(view diff)
#
sknebel
non-interactive IndieAuth << server-indieauth
#
loqi.me
edited /non-interactive_IndieAuth (+40) "/* See Also */ new section"
(view diff)
#
Loqi
ok, I added "[[server-indieauth]]" to the "See Also" section of /non-interactive_IndieAuth
#
tantek.com
edited /tag-reply (+325) "move how to to brainstorming since no one does it yet, and add tag and fallback as a use-case that is perhaps more interesting / expected than tag and comment"
(view diff)
#
aaronpk
oh yeah guess icould have added it there
#
tantek.com
edited /tag-reply (+370) "/* tag and fallback */ e.g. and advantages"
(view diff)
sebsel joined the channel
#
vanderven.se martijn
edited /2017/Leaders (+12) "/* Remote Participation */ Add Joschi"
(view diff)
#
loqi.me
created /untag (+105) "prompted by sebsel and dfn added by sebsel"
(view diff)
#
tantek
Zegnat: I don't know if Swarm supports untagging in checkins. Presumably it should?
#
tantek
Or maybe it just allows you to delete the checkin from your history?
#
tantek
tag-reply << untag
#
Loqi
ok, I added "[[untag]]" to the "See Also" section of /tag-reply
#
loqi.me
edited /tag-reply (+12) "tantek added "[[untag]]" to "See Also""
(view diff)
#
tantek
person-tag << untag
#
loqi.me
edited /person-tag (+12) "tantek added "[[untag]]" to "See Also""
(view diff)
#
Loqi
ok, I added "[[untag]]" to the "See Also" section of /person-tag
#
seblog.nl
edited /untag (+707) "expanding"
(view diff)
#
tantek
aaronpk, sebsel Post Type Discovery issue filed - feel free to add more examples / commentary: https://github.com/tantek/post-type-discovery/issues/25
#
Loqi
[tantek] #25 Response Type: consider "reply" for 2nd to last for fallback use-cases
eli_oat joined the channel
#
seblog.nl
edited /untag (+142) "/* Use case */"
(view diff)
#
aaronpk
an h-event inside an h-entry?
#
Zegnat
legacy?
#
Zegnat
Also: allowing h-entry wraps makes it easier to handroll things in a CMS where the h-entry mark-up is fixed in the template.
#
sebsel
Yeah, don't know, should've discussed here first maybe, sorry
#
sebsel
goes and eat something
#
Zegnat
E.g. a WordPress theme could have h-entry support that I do not touch. I can still hand-roll an event by embedding the h-event HTML inside my post body.
#
aaronpk
the only way i can see to make that parsable as an h-event is if the uid property was in the h-event instead of h-entry
#
Zegnat
how about u-url for h-event matching the u-url for h-entry? “Representative event”, like with h-cards? (Obviously does not apply to my event post.)
#
aaronpk
I guess that'd work too
#
aaronpk
I'm hesitant to start recommending this tho cause it's adding work to consumers
#
Zegnat
I am not a super big fan of uid property, tbh. url is so much better within web.
#
gRegorLove
+1 for removing "optionally they can be wrapped in h-entry"
#
Zegnat
then we need to scrap it from the wiki, only allow root events. Current wording is a bit ambiguous and lets people like me break honest websites like sebsel’s ;)
#
gRegorLove
Given the option, some people will definitely do it and it will become more widespread
[kevinmarks] joined the channel
#
gRegorLove
is working on sample markup to add there
#
gregorlove.com
edited /event (+988) "/* How to markup */ example markup"
(view diff)
#
vanderven.se martijn
edited /2017 (+67) "/* Volunteers */ This should have been obvious."
(view diff)
#
gRegorLove
^ Left the "optionally... h-entry" there pending further discussion, but below the example markup.
#
tantek
scrolls up
#
aaronpk
I still don't understand why the suggestion of wrapping the event in an h-entry is there to begin with
#
Zegnat
I would remove it from the page, pending someone using it? (Not counting my site which is probably a break anyway.)
#
tantek
Zegnat++ for multipelle right guesses!
#
Loqi
zegnat has 12 karma in this channel (64 overall)
#
tantek
yes, WordPress legacy support is the issue
#
Zegnat
takes a bow
#
tantek
and aaronpk your criticisms are 100% correct
#
aaronpk
Wouldn't that be an hEntry then?
#
tantek
class='hentry' but yeah
#
gRegorLove
I don't understand it being there either; just being careful about removing stuff :)
#
aaronpk
And we could expect to never encounter an h-entry -> h-event case
#
tantek
either way it gets parsed into an h-entry
#
tantek
sorry, I should have been more explicit about why
#
tantek
based on how little WordPress sites have bothered to try to publish events, receive RSVPs etc., I'm totally ok with breaking this
#
tantek
sorry snarfed
#
Zegnat
tantek, how are you sure the entry is supposed to *be* an event rather than just containing event mark-up? Parsing is an issue by itself.
#
Loqi
[sebsel] #42 Parse h-entry with embedded h-event as 'event'
#
tantek
Zegnat: yes the page / post is supposed to just *be* an h-event
#
Zegnat
My vote definitely goes to striking that sentence from the wiki then.
#
tantek
it was added when we were first developing events as an indieweb thing, and that was the fastest / easiest way to get WordPress folks being able to support it
#
tantek
but in practice posting events using WordPress never took off anyway (nor RSVPs for that matter) so yeah, no need to bend over backwards for something that never took off
#
tantek
digs into revision history
#
sebsel
I also see no Events in GWG's Post Kinds plugin https://wordpress.org/plugins/indieweb-post-kinds/
#
Loqi
[David Shanske] Description Post Kinds adds support for responding to and interacting with other sites using the standards developed by the IndieWeb by implementing kinds of posts. It can also distinguish certain types of passive posts in a manner similar to pos...
#
tantek
interesting my first draft of that page said to use *both* h-entry and h-event (which means on the same element)
#
sebsel
I wonder if that's helping anyone
#
gRegorLove
That would kind of make sense for consumers that understand h-entry but not h-event, but that's a hypothetical afaik
#
Zegnat
Maybe influenced by the h-as-* syntax, tantek? .h-entry.h-as-event?
#
tantek
here's the edit where I added the 'Optionally they can be wrapped in an' wording: https://indieweb.org/wiki/index.php?title=event&action=historysubmit&diff=5877&oldid=5834
#
tantek
and then benwerd called it an error if the h-entry was *missing*! https://indieweb.org/wiki/index.php?title=event&action=historysubmit&diff=5879&oldid=5877
#
tantek
checks a Known event post
#
tantek
has a sneaking suspicion
#
gRegorLove
I don't read that as "error if the h-entry was missing"
#
tantek
gRegorLove: note the edit summary
#
tantek
that's where he called it an error
#
gRegorLove
Eenteresting.
#
tantek
's concern has been allayed, Known does NOT wrap h-event in an h-entry: http://pin13.net/mf2/?url=https://werd.io/2017/homebrew-website-club-june-14-2017
saranix and KartikPrabhu joined the channel
#
seblog.nl
edited /person-tag (+330) "added myself"
(view diff)
#
tantek.com
edited /event (-99) "drop h-entry parent option - it never saw any uptake in 4+ years; note at least Benwerd's site has h-event as the top item"
(view diff)
#
tantek
gRegorLove: ok finally updated /event per discussion above
#
seblog.nl
edited /person-tag (+344) "/* Using + as autolink */"
(view diff)
#
tantek
and noted explicitly that Benwerd's site does it right
#
tantek
could use some help verifying the markup of the indie event post permalinks on other examples on https://indieweb.org/event#IndieWeb_Examples (like add a nested list item for each noting what type of markup it is using on the event permalink page - just h-event at the top, or contained in anything else)
#
tantek
if we can document a consistent publishing pattern, and start documenting some consumers of h-event, then we can add a request to add it to Post Type Discovery https://github.com/tantek/post-type-discovery/issues
#
gregorlove.com
edited /event (+38) "/* gRegor Morrill */ h-event as top-level microformat"
(view diff)
#
gRegorLove
tantek: Thanks! I'll work on that a bit.
#
gRegorLove
Aw, bret.io links died
#
gregorlove.com
edited /event (+110) "/* IndieWeb Examples */ note aaronpk's top-level h-entry, bret's broken links"
(view diff)
#
seblog.nl
edited /event (+250) "Added myself"
(view diff)
#
gRegorLove
What is sitedown?
#
Loqi
It looks like we don't have a page for "sitedown" yet. Would you like to create it?
#
gRegorLove
Sitedown is software to generate a static HTML site from a collection of Markdown files https://hypermodules.github.io/sitedown/
#
loqi.me
created /Sitedown (+156) "prompted by gRegorLove and dfn added by gRegorLove"
(view diff)
KartikPrabhu joined the channel
#
gregorlove.com
edited /event (+39) "/* Jeena */ h-event as top-level microformat"
(view diff)
sebsel joined the channel
#
gregorlove.com
edited /event (+39) "/* Kyle Mahan */ h-event as top-level microformat"
(view diff)
#
gregorlove.com
edited /event (+39) "/* Shane Becker */"
(view diff)
#
gregorlove.com
edited /event (+38) "/* Sebastiaan Andeweg */ h-event as top-level microformat"
(view diff)
#
Zegnat
aaronpk re /server-indieauth how does Alice know Bob’s page contains private content? HTTP 401/403? HTTP header field Vary with Authorization?
#
aaronpk
TBD, but out of scope of the spec
#
aaronpk
it could be because of a webmention extension that indicates that, it could be that alice always fetches bob's home page with an authorization header when she start following bob, etc
#
Zegnat
Hmm, yeah, guess it is out of scope for /server-indieauth. I was just mulling over in my head how I would get from receiving a webmention, to identifying it as private, then to the /server-indieauth flow.
#
aaronpk
for private webmentions, i'd say the response of the initial verification request returning 401 along with the Link header would be sufficient
#
Zegnat
I think private webmentions is a great first place for implementing and testing out this flow. Though I am biased as I am working on wm code and do not like the current private wm flow.
#
aaronpk
yeah it's a solid use case for sure, but i also want to be able to have people fetch my home page with an access token and provide private posts in the feed for them
#
gregorlove.com
edited /event (+226) "/* Ryan Barrett */"
(view diff)
#
Zegnat
Yes, I would like that too. Nice for /audience. That’s where I thought Vary: Authorization might fit.
#
Zegnat
Well. I’ll go mull it over in my sleep. I am not on PDT yet. Good night all!
#
gRegorLove
!tell tantek Updated /event examples. Looks like only WordPress is the outlier with a an h-event inside h-entry
#
Loqi
Ok, I'll tell them that when I see them next
#
sebsel
gRegorLove++
#
Loqi
gregorlove has 23 karma in this channel (144 overall)
#
sknebel
In the train back home
#
sknebel
I guess what I saw as "logging into an app" is getting a token in aaronpk s design
#
sknebel
Which seems like the more generic thing to get
#
aaronpk
yeah, i think the term "logging in" has implications that are not part of this. e.g. session management
#
sknebel
I'm not sure yet on discovery of the correct auth endpoint
#
sknebel
Yeah, I didn't have anything like a session
#
sknebel
A token is at least a basic form of it
#
sknebel
And already established
#
aaronpk
i'm not sure "auth endpoint" is the right term for what we need for this flow
#
aaronpk
but i do think the mechanism is right
#
aaronparecki.com
created /Template:anomalily (+169) "anomalily template"
(view diff)
#
sknebel
In indieauth, the thing called to verify the data is called auth endpoint, I'm not sure it's that much different?
#
aaronpk
yeah my thought with calling it auth endpoint was that it verifies short-lived codes
#
aaronpk
ooh if you add another step between 4 & 5 then you could actually prompt the user out of band to approve the request
#
sknebel
I kind of want the webmention ebtpoint to be able to use its own identity, but thats a detail of the specific aplication of it for private WMs, not of this level
#
aaronpk
that would let third-party apps use this flow as well
#
aaronpk
speaking of that... i should compare this against the OAuth 2 Device Flow
#
aaronparecki.com
edited /2017/Schedule (+59) "/* Keynotes */"
(view diff)
#
sknebel
(Because the webmention endpoint acts sort of in place of a human, but it could be different users and it should only be permitted to do so in specific cases)
[kevinmarks] joined the channel
#
sknebel
With replies, I'd kind of want to give access to the posts author (URL), but that could be on a different domain. Then what identity does the webmention endpoint use?
tantek joined the channel
#
aaronpk
that's kind of where i was going with the oauth thing
#
aaronpk
essentially you give your webmention endpoint a way to authenticate as you
#
aaronpk
it's a relationship between your webmention endpoint and your authorization endpoint
#
aaronpk
if they're both in the same code base then of course you don't need a spec for it. but if it's like webmention.io and your site, then webmention.io would need a way to talk to your auth endpoint to be able to generate and use the auth codes
#
sknebel
I guess it could be limited by a scope
#
sknebel
Then multiple endpoints could still act interchangeably.
#
sknebel
(As in, if you post on an external site using wm.io, and have your own endpoint on your homepage, and I send you a homepage WM, then wm.io could (if it knew the URL) read that
#
sknebel
Not sure if relevant
#
sknebel
so maybe the scope should limit the url-range (is that "scope", "realm" or some other parameter in oauth-speak?)
#
sknebel
(thinking out loud here, since thinking quietly clearly hasn't lead me to good answers)
#
gregorlove.com
edited /Donut.js (+72) "link dfn, note sponsor of /2017"
(view diff)
#
gregorlove.com
created /CSV_Conf (+235) "stub"
(view diff)
tantek joined the channel
#
gregorlove.com
edited /2017/Schedule (+59) "/* Friday Pre-Party */ link http://www.pinestreetpdx.com/"
(view diff)
KevinMarks joined the channel
#
gregorlove.com
edited /2017/Schedule (-1) "/* Friday Pre-Party */ fix link"
(view diff)
#
GWG
!tell tantek I never implemented events. I could someday
#
Loqi
Ok, I'll tell them that when I see them next
KartikPrabhu and KevinMarks joined the channel
#
tantek
GWG, I partially implemented events in /Falcon and then got interrupted
#
Loqi
tantek: gRegorLove left you a message 1 hour, 52 minutes ago: Updated /event examples. Looks like only WordPress is the outlier with a an h-event inside h-entry
#
Loqi
tantek: GWG left you a message 19 minutes ago: I never implemented events. I could someday
#
GWG
I don't go enough places to put it higher
#
tantek
gRegorLove: as predicted
#
GWG
Same reason why it took me so long to do RSVPs
#
tantek
makes sense, scratch your itchiest itch first!
#
tantek
interesting the h-event discussion makes me think that it's bad for WP core to include anything "entry" in the markup, and that should be left up to themes with smart defaults in themese
#
tantek
themes*
#
GWG
tantek: It goes back to backward compatibility again though
#
tantek
GWG, how does core make decisions about what themes to break or not?
#
aaronpk
there's no backwards compatibility to worry about for h-entry, just hentry
#
tantek
right
#
GWG
Exactly. But right now, hentry goes on everything by default.
#
GWG
That was the issue.
#
tantek
GWG, if its that dependable, then a theme can find it and replace it, e.g. with h-entry, or h-event
#
tantek
it's*
#
tantek
reviews Events
#
GWG
tantek: Correct. And that is what I do.
#
tantek
interesting, so (or someone) could add h-event support to Post Kinds and have it replace the hentry
#
GWG
tantek: You just identified my plan.
[kevinmarks] joined the channel
#
GWG
I thought of doing that for h-event and h-review if I ever did it
eli_oat joined the channel