#dev 2018-02-27

2018-02-27 UTC
#
theReal33mhz I implemented microformats on pnut.io six or eight months ago, but a couple months ago we switched primary canonical post front ends, and I dropped the ball - so I reimplemented that, and will look towards bigger things for the spring.
#
snarfed GWG: microsub bridge! https://snarfed.org/microsub-bridge
#
Loqi [Ryan Barrett] Microsub bridge
#
snarfed ooh theReal33mhz you may also be interested in https://github.com/snarfed/bridgy/issues/736
#
Loqi [chrisaldrich] #736 New silo: pnut.io
#
aaronpk Zegnat: where did we end up with the rel=auth discussion?
#
theReal33mhz thanks snarfed. Will read up this evening, during the MondayNightDanceParty. Off to dinner o/
#
snarfed GWG: you?
#
aaronpk ah, looks like general support of the idea https://indieweb.org/RelMeAuth#Consolidated_identities_do_not_carry_inherent_trust
#
GWG Finished a UI update on my Post Kinds plugin which added Issues. Sped through Bridgy(the plugin) to add Github support. Now doing an update on Syndication Links to add some plugins people wanted. Then I was thinking of doing the authorization endpoint to complement the token endpoint I did next
[eddie] joined the channel
#
[eddie] 🙌 finished migrating my old posts and got my nginx rewrite rules working to redirect all my old post urls
#
aaronpk nice
snarfed, tantek, gobengo, clever__, snarfed1 and theReal33mhz joined the channel; clever__ left the channel
#
loqi.me created /chat.indieweb.org (+126) "prompted by tantek and dfn added by aaronpk" (view diff)
#
loqi.me edited /chat.indieweb.org (+79) "aaronpk added "[https://github.com/indieweb/chat.indieweb.org Source Code]" to "See Also"" (view diff)
renem, tantek and [miklb] joined the channel
#
[miklb] find myself desiring to set up Compass
#
[miklb] oh. I wonder if I can just run it locally and sync my phone when I’m on the same local network 🤔
snarfed and [eddie] joined the channel
#
[eddie] Hmmm maybe. There is a setting to manual sync, not sure how much data space it would take since it would store it all day
#
[eddie] Compass is fun, join the party 😉
loicm joined the channel
#
Zegnat !tell aaronpk I think the rel-auth discussion is fully documented on the wiki
#
Loqi Ok, I'll tell them that when I see them next
snarfed, barpthewire, cweiske and [kevinmarks] joined the channel
#
[kevinmarks] What about using two of the rel-me links for two factor auth?
#
Zegnat Also interesting [kevinmarks], but not sure that solves any trust issue. That just means I can have at most 1 login I don't trust, because auth requires at least 2 to be used.
gRegorLove_ and loicm joined the channel
#
loqi.me created /social_media_fatigue (+291) "prompted by petermolnar and dfn added by Zegnat" (view diff)
#
danq.me edited /User:Danq.me (+107) (view diff)
#
Zegnat [kevinmarks], mind adding that rel-me idea to the wiki?
#
vanderven.se martijn edited /RelMeAuth (+362) "/* Consolidated identities do not carry inherent trust */ Continuing the discussion" (view diff)
Ruxton joined the channel
#
vanderven.se martijn edited /RelMeAuth (+567) "/* Articles */ Was going to update {{barnabywalters}}’ URLs to [[HTTPS]], decided to add full {{citation}}s." (view diff)
#
Zegnat For people using Firefox: does Barnaby’s profile photo load for you on https://indieweb.org/Template:barnabywalters ?
#
Zegnat Firefox seems to block it for me, with the following in the console: “The resource at "https://twitter.com/barnabywalters/profile_image" was blocked because tracking protection is enabled.”
#
cweiske yep, blocked here
#
Zegnat Guess that’s the end of hotlinking Twitter images.
#
petermolnar with that logic anything 3rd party could be blocked...
Ruxton joined the channel
#
sknebel I think using a blacklist is a reasonable compromise
sebsel, mmm and [kevinmarks] joined the channel
#
[kevinmarks] Fritter has a toggle for that for similar reasons
#
[kevinmarks] http://known.kevinmarks.com/2018/fritter-image-inlining-settings-indieweb
#
Loqi [Kevin Marks] Fritter image inlining settings #indieweb http://known.kevinmarks.com/file/a0d72d451a8936d71aa81192c2e85e47/thumb.png
#
sknebel neat
#
Zegnat Discord supports something similar: https://i.imgur.com/sA1Fzvj.png
#
Zegnat sknebel, moving here because techy: what problems do you see in stripping dots and +labels from email addresses?
#
Zegnat I think they only recommend it while checking for uniqueness, not for storing the actual address, right?
#
Zegnat As an uniqueness test, it sounds fine to me
#
sknebel sure, if you don't need me as a customer because the person that has almost the same e-mail with a dot in it already has signed up, and are sure there is no legitimate reason to have multiple accounts on your site
#
sknebel it makes assumptions that the article notes aren't generally true, for little actual benefit
#
sknebel as far as I can tell, the only thing it prevents is that someone forgets they already had an account and signs up again
#
sknebel (and if you do not want multiple signups by the same person it makes it almost imperceivably harder to do so)
#
Zegnat I felt like it was all specifically about uniqueness. I am not sure what email providers are going to allow names that vary only by some periods. And as it rightly notes, most MTAs ignore the + already.
#
Zegnat It is a little mixed I guess, not always clear how the article thinks names are to be used.
#
Zegnat E.g. punycode is fine for uniqueness, but they also want names to be distinct in display and usable in several ways.
#
sknebel and that makes sense for usernames
#
sknebel it's less clear why this matters for the e-mail addresses people use
#
sknebel gmail is the only mail provider I'm aware of that ignores dots, and I know several that for certain don't
#
Zegnat Difference between ignoring dots and accepting names that only differ on dots
#
Zegnat I know some companies where the dots between first and last name is important. But the period will always be there, so there is no harm in doing the uniqueness test without them. They are never going to assign someone the address without the dot
#
sknebel I have e-mail addresses that are only a dot from other people's
#
Zegnat That’s interesting! I’ve never seen that be a problem in practice.
[mrkrndvs] and [kevinmarks] joined the channel
#
[kevinmarks] I have an email address that many other people think is theirs and send me their flights, car part listings on ebay, mortgages and baby showers
leg, jeremycherfas, eli_oat and dougbeal|mb1 joined the channel
#
aaronpk [miklb]: running it on a local network would be fine. The data isn't huge. I sometimes queue up 30,000 records on the phone before it sends to the server
#
Loqi aaronpk: Zegnat left you a message 7 hours, 35 minutes ago: I think the rel-auth discussion is fully documented on the wiki
snarfed and [miklb] joined the channel
#
[miklb] thanks aaronpk. Hardest part will be figuring out how to get the iphone to “see” my .dev local sites. Might skip that part and use <machine>.local that reads like it’s easier.
#
aaronpk Oh yea. I run a local dns server in my home network so it's easy to add custom hostnames like that
#
[miklb] cool. I’m off to test how well Overland can track me while I wade around in Tampa Bay 🙂
#
aaronpk hah nice
#
aaronpk if you want a fun project for home, this is what I use as my home DNS server. once it's installed you can add hostnames to the config file really easily https://pi-hole.net
#
aaronpk man sometimes I really think I dont know anything about css
#
petermolnar aaronpk what lead you to that statement about css?
#
aaronpk this text is shrinking based on the width of the window and I can't figure out why. but it only does it when chrome is set to mobile preview mode
#
aaronpk oh and only some of the text, not all of the text
#
aaronpk also my media query doesn't seem to work in that preview mode but works fine in normal mode
#
Zegnat It’s not that you just have a wrong viewport setting for mobile?
#
aaronpk I have <meta name="viewport" content="width=device-width, initial-scale=1">
#
aaronpk oh wait lol, no I don't 😂
#
Zegnat There you go ;)
#
aaronpk forgot this wasn't including my wrapper HTML template yet
#
aaronpk thx :D
#
Zegnat One of those things where it isn’t enough to do just some HTML with CSS, because then browsers get all weird again :P
#
Zegnat meta viewport sometimes feels like the HTML strict of today to me
#
aaronpk ahh now this is working like I expected, thanks haha
#
Loqi nice
#
Zegnat 👍
KartikPrabhu and [eddie] joined the channel
#
[eddie] Hmmm, any ideas why xray would give me: {“error”:“timeout”,“error_description”:“Resolving timed out after 2511 milliseconds”,“url”:“https://eddiehinkle.com/“,”code”:0} My browser seems to visit my site okay and I just checked uptimerobot.com and it seems to be getting a 200 from eddiehinkle.com
#
[eddie] Oh
#
Loqi Eddie Hinkle
#
[eddie] Well slack got a 404
#
[eddie] lol
#
[eddie] I guess that is definitely an indicator
#
KartikPrabhu this is awesome article https://www.b-list.org/weblog/2018/feb/11/usernames/
#
KartikPrabhu talks about DJango and Python but useful elsewhere too
#
KartikPrabhu aah already mentioned in main channel
#
Loqi letsencrypt wildcard certs are available! https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html
#
Loqi Countdown set by aaronpk on 2018-02-04 at 8:39am PST
#
KartikPrabhu https://community.letsencrypt.org/t/acmev2-and-wildcard-launch-delay/53654 "No r"elease date to announce yet.
#
aaronpk womp womp
#
Zegnat Ugh, letsencrypt also starts their page with a huga fatwigoo
#
Zegnat And of course they also use that lovely js;dr Discourse forum.
#
Zegnat Non-js;dr link: https://community.letsencrypt.org/t/acmev2-and-wildcard-launch-delay/53654?_escaped_fragment_
#
Loqi 🎉
#
Loqi Countdown set by schmarty on 2018-02-04 at 11:46am EST
#
KartikPrabhu premature partying!
#
martymcgui.re edited /Planning (+147) "/* NYC */ brainstorming some dates" (view diff)
#
schmarty haha, i don't know what that was for!
#
Loqi hehe
#
KartikPrabhu schmarty: possibly letsencrypt wild card certs
snarfed joined the channel
#
schmarty KartikPrabhu: i think so, ha! completely forgot that i set that. womp womp.
tantek and gobengo joined the channel
#
aaronpk I just built a super minimal microsub client and launched it at monocle.p3k.io!
#
aaronpk it's not pretty right now but it does render posts!
#
snarfed aaronpk++ !
#
Loqi aaronpk has 120 karma in this channel (1573 overall)
#
aaronpk it's also no-js so it's *fast*
#
snarfed does it ask for 'create' and 'update' indieauth scopes for posting responses?
#
aaronpk it does. that's my next step
#
snarfed ok
#
aaronpk that part will use JS to avoid page reloads on those actions, but I like that it renders the timelines as html
#
aaronpk I really enjoy how much I don't have to think about where this data is coming from in order to make this UI work
#
snarfed microsub++
#
Loqi microsub has 1 karma in this channel (2 overall)
[eddie] joined the channel
#
[eddie] Hmmm, anyone have any ideas? It seems like https://eddiehinkle.com is accessible from my computer and from aaron’s servers (I’m able to log in to Monocle and ping from xray.p3k.io), but sites hosted on my server are unable to connect since last night. So my local instance of Aperture and Xray
#
Loqi Eddie Hinkle
#
[eddie] So it’s like the server can’t reconnect to itself round trip?
#
KartikPrabhu my FF cna't find that site either
#
aaronpk can you tell if it's a DNS issue or HTTPS issue?
#
[eddie] I ran an https checker and it said everything was fine
#
[eddie] So probably DNS
#
KartikPrabhu yeah looks like DNS to me
#
[eddie] That’s a good direction to check. For some reason DNS wasn’t popping in my mind until you guys brought it up
#
[eddie] Hmmm pingdom dns check said everything was working well. Domain registrar is also my DNS provider. It points to my server which I verified is the right IP
#
[eddie] Hmmm, an unnamed hosting provider going downhill after losing cleverdevil? 😉
#
[eddie] haha
#
Loqi ahaha
#
KartikPrabhu maybe DNS records haven't propagated compeltely yet? so some words of that sort
#
[eddie] The odd thing is no DNS stuff has changed in the past 6 months
#
[eddie] Would it just have something to do with the virtual machine and internal DNS stuff with the host?
#
sknebel can stuff on your server connect to anything else?
#
sknebel (resolve anything else)
#
[eddie] Oh good question let me check
#
KartikPrabhu I can't find [eddie]'s site on my FF
#
[eddie] Yep. my xray was able to parse aaronparecki.com
#
[eddie] what error do you get KartikPrabhu?
#
KartikPrabhu [eddie]: wait looking up the response
#
KartikPrabhu [eddie]: no response headers at all
#
KartikPrabhu in fact no "Response" of any kind. FF says "We can’t connect to the server at eddiehinkle.com"
#
aaronpk now there is a "like" button \o/
#
snarfed yeah `dig @8.8.8.8 eddiehinkle.com ANY` shows no DNS
#
[eddie] hmm yeah that’s definitely odd KartikPrabhu
#
aaronpk huh I get a response from 8.8.8.8
#
snarfed ?!
#
snarfed you get an ANSWER section?!
#
aaronpk yeah eddiehinkle.com. 3600 IN A 64.111.99.65
#
[eddie] Yep, and that’s the right server IP
#
KartikPrabhu [eddie]: from command line python requests lib I get "Temporary failure in name resolution" error
#
KartikPrabhu so definitely not finding the DNS records
#
snarfed aaronpk: sure you're talking to 8.8.8.8 directly, not seeing cached results from a downstream DNS server?
#
snarfed if so, wow, disappointing inconsistency from google dns
#
aaronpk I did @8.8.8.8
#
aaronpk I mean it's not like 8.8.8.8 is just one server so that doesn't really surprise me too much
#
sknebel yeah
#
snarfed no but it's one coherent system
#
snarfed ie should be one logical server from the DNS protocol perspective
#
snarfed anyway
#
sknebel should it?
#
KartikPrabhu like snarfed said dig gives me an answer but it says "status: SERVFAIL"
#
snarfed sknebel: given that if anyone can do distributed systems well and maintain consistency, google can...yes i vote it should :P
#
snarfed maybe just a bug or outage
#
[eddie] Hmm, I’ve never seen something like this before. Does it seem like a domain registrar/DNS or a hosting provider issue?
#
KartikPrabhu [eddie]: try turning the internet off and on again ;)
#
[eddie] 😆
#
sknebel I don't want 8.8.8.8 in Germany giving me the same IPs that it gives to you in the US if there is a closer option available ;)
#
GWG Did you try 9.9.9.9?
#
snarfed sknebel: maybe, but that's different
#
sknebel maybe. I've never seen any claim that 8.8.8.8 is globally consistent, and not sure why they'd go through the trouble of that
#
sknebel eddie's upstream nameservers seem fine
#
loqi.me edited /GDPR (+72) "sknebel added "https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/" to "See Also"" (view diff)
[cleverdevil] joined the channel
#
[cleverdevil] Great job [aaronpk]++ on Monocle 🙂
#
[cleverdevil] microsub++
#
Loqi microsub has 2 karma in this channel (3 overall)
#
aaronpk hah thanks! Did you try it?
#
[cleverdevil] I am in it now, checking it out.
#
[cleverdevil] Its a nice complement to Together and Indigenous.
#
[cleverdevil] Together is React-based, so its fairly heavy and a little slower than I'd like.
#
[eddie] http://hoverstatus.com
#
[eddie] 🤦
#
[eddie] Thanks for your help everyone
#
KartikPrabhu aah
jonnybarnes joined the channel
#
aaronpk [cleverdevil]: sweet! It's still super rough, and doesn't handle all kinds of posts yet. but I wanted to get it functional enough to use it today
#
KartikPrabhu more on third-party CSS https://jakearchibald.com/2018/third-party-css-is-not-safe/
#
KartikPrabhu is Loqi's summary maker broken?
#
aaronpk there's no mf2 on the page
#
KartikPrabhu aah I thought Loqi did some sort of fallback like <title> or something but that's fine
#
[eddie] So does anyone do DNS fallback with a second DNS provider?
#
[eddie] It looks like my DNS provider (hover) has had 4 outages since September. Not crazy and it seems like I haven’t really been majorly impacted by any of them until now. But this one is pretty disruptive. Because of the way Micropub and tokens work, my token server is basically unavailable to half the services that try to verify it
#
[eddie] Thus no micropub or microsub until my DNS provider fixes the issue
#
[eddie] lol
#
KartikPrabhu so your site became a SPOF?
#
[eddie] Yep
#
[eddie] or specifically the DNS of my site
#
KartikPrabhu right, but also because everything else is tied to your site instead of mulitple "identities"
#
[eddie] Yep
#
KartikPrabhu does this count as a criticism of indieweb approach?
#
[eddie] I don’t know if it would reach criticism. But definitely warning.
#
[eddie] If my token endpoint wasn’t on my server I’d probably be okay
#
KartikPrabhu right
gobengo joined the channel
#
[eddie] In fact, I bet that’s why this is the first time I’ve noticed my DNS providers issues
[kevinmarks] joined the channel
#
[kevinmarks] Anyone looking for an interesting node job (in London, could be remote)? https://docs.google.com/document/d/1FNMNhmw3iVT-6omANyXWHExTRwB3vfO0qfEsyajd6XU/edit?usp=drivesdk
#
[eddie] because several months ago I was using IndieAuth.com
#
[eddie] so my tokens continued working regardless of what my website was doing
#
[eddie] I’m thinking if I set up a duplicate DNS on amazon route53 and put that as my 3rd and 4th name servers, I wonder if that would provide enough redudancy
#
[eddie] The issue appears to be my DNS provider’s nameservers went down over night. However it’s been 12 hours and their data seems to be cached as non-existent across Google and half the intenret
#
KartikPrabhu I'm sure this is solved by.....
#
KartikPrabhu .....
#
KartikPrabhu .....
#
KartikPrabhu BLOCKCHAIN
#
[eddie] 😆
tantek joined the channel
#
KartikPrabhu lol! did tantek pop up because of "blockchain" joke :P
#
Zegnat [eddie], maybe you can set a longer TTL on the DNS records? You aren’t planning to move your site, right?
#
[eddie] Ohhh no, I think that’s when it was moved to this server that I did that
#
[eddie] Is the idea there that the TTL would (potentially) prevent the DNS from being checked so frequently so during the outage it might make it through okay?
#
sknebel yes
#
sknebel namecheap also has a free dns service you could setup for a secondary set of servers, but they don't automatically sync those so you'd have to update both with every change
#
[eddie] 💥
#
j12t snarfed: add your latest to https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/Apps.md ?
#
[eddie] Added Amazon Route53 nameserver as my 3-6 nameservers and it instantly works
#
[eddie] Well …. some of it
#
[eddie] lol
#
KartikPrabhu yup your site is back on
[jjdelc] joined the channel
#
[jjdelc] It happened on my webmention endpoint
#
[jjdelc] sorry, that's the log from /token but also got it on webmention
jeremycherfas, renem_ and eli_oat joined the channel; eli_oat left the channel
#
www.boffosocko.com uploaded /Special:Log/upload "uploaded "[[File:Amazon purchase on Twitter.PNG]]" https://indieweb.org/File:Amazon purchase on Twitter.PNG"
#
www.boffosocko.com uploaded /Special:Log/upload "uploaded "[[File:Amazon purchase on Facebook.PNG]]" https://indieweb.org/File:Amazon purchase on Facebook.PNG"
#
www.boffosocko.com edited /acquisition (+924) "/* Amazon */ syndicated purchase posts from Amazon to Facebook and Twitter" (view diff)
renem joined the channel
#
www.boffosocko.com edited /acquisition (+354) "more example acquisition posts" (view diff)
[cleverdevil] joined the channel
#
[cleverdevil] [eddie] DNS is a PITA.
#
[cleverdevil] Even relatively sizable providers (like DH, when I was there) were susceptible to DDoS of DNS.
#
[cleverdevil] Its a common attack vector these days, sadly.
#
bear yea, even small dns environments should have two different nameserver providors now
#
bear route53 + one other is what I recommend
#
[cleverdevil] Same. Its your best bet if you want reliability.
#
bear and if you don't have AWS then namecheap + dnsimple
#
bear as they both have good free tiers
#
[cleverdevil] DYN is pretty solid, too.
#
bear :nods:
#
[cleverdevil] But, between the two, I'd pick Route 53.
#
bear yes, Route53 is *very* robust - but it is behind a paywall in a way
#
[cleverdevil] Google Cloud DNS is awesome, too.
#
bear for some reason I still have a blindspot for that - cannot get used to the fact that Google does domains now
[kevinmarks] joined the channel
#
[kevinmarks] Google's done domains for years, they used to outsource the registry though
KartikPrabhu joined the channel
#
[cleverdevil] My biggest issue with using Google for DNS is that they're a business driven by advertising, which means I can't trust them with that data.
#
gRegorLove what is dnsimple?
#
Loqi https://dnsimple.com is a DNS provider and domain registrar https://indieweb.org/DNSimple
#
gregorlove.com edited /DNSimple (+11) "name in dfn, link /domain_registrar" (view diff)
#
gregorlove.com edited /domain_name_registrar (+15) "/* Registrars */ +DNSimple" (view diff)
#
gRegorLove what is route53?
#
Loqi https://indieweb.org/Route53
#
gregorlove.com edited /Route53 (+43) "period, links" (view diff)
#
gRegorLove what is route53?
#
Loqi Route53 is a DNS hosting service provided by Amazon https://indieweb.org/Route53
#
gRegorLove what is dnsimple?
#
Loqi DNSimple is a DNS provider and domain registrar https://indieweb.org/DNSimple
#
www.svenknebel.de edited /mf2py (-34) "new repo location" (view diff)
#
aaronpk same
#
[cleverdevil] Good plan.
#
[cleverdevil] Saves money 🙂
[eddie] joined the channel
#
[eddie] Awesome [cleverdevil] good to hear. I’m using my Domain Registrar’s DNS and then Route 53 for backup now
#
[eddie] It was nice though because even though my domain registrar is still having issues today (although they are saying it should resolve shortly), I’m back up and running because of Route 53 🙌
#
aaronpk I keep thinking about doing that but don't have a good way to keep them in sync
#
aaronpk dont at me
#
[eddie] Yeah, if they change a lot that’s tough. I pretty much never change my DNS
#
[cleverdevil] I still just use DreamHost, because I've generally had a good experience, and don't really have any pressing need to move at the moment.
#
[cleverdevil] (At least, for personal stuff).
#
[cleverdevil] I may move to Route 53 later this year, but I'm in no hurry.
eli_oat joined the channel; eli_oat left the channel
#
aaronpk wooo now I have a quick reply box in monocle!
#
[cleverdevil] 🎉
#
aaronpk it's so easy to build this now that all the pieces are in place
snarfed joined the channel
#
[cleverdevil] In other news, I've got together running on my personal website server now 🙂
#
[cleverdevil] Once [grantcodes] gets back from his travels, I'd also like to move the current hosted version to our new domain
snarfed joined the channel
#
[eddie] The building blocks are really working well together 😉
#
bear that's why I chose to work with dnsimple and route53 - both have a good api that I target my sync commands at
[tantek] joined the channel
#
aaronpk snarfed: feature request for granary.io, can you make it skip retweets in the search?
#
GWG Grrr!!!!! https://github.com/Automattic/_s/issues/1268
#
Loqi [davidakennedy] #1268 Remove Microformat Classes from CSS
#
GWG Silently screaming
#
GWG Someone please tell me why this is good?
#
KartikPrabhu because coupling styles to microformats is very fragile
#
KartikPrabhu speaking from personal experience
#
KartikPrabhu if you move around the "semantics" of microformats markup, your styles break
#
GWG KartikPrabhu: I get thart
#
GWG But they've decided to remove any mf2 because of that and recommend JSON-LD instead
#
KartikPrabhu that is not a solution
#
GWG KartikPrabhu: Hence the frustration on my part
#
KartikPrabhu well you can feel free to comment and explain to them