#dev 2021-07-01

2021-07-01 UTC
Seirdy joined the channel
# 01:17 
samwilson I'm adding TOTP to my website. Makes it feel fully proper. :-P
# 01:18 
GWG samwilson: Fun
# 01:18 
GWG HWC right now, by the way.
# 01:24 
samwilson oh now? groovy i'll join
Kaja_ and shoesNsocks joined the channel
# 03:05 
GWG The discussion question in HWC was why are tickets short lived in ticket auth?
alex_, justache, chenghiz_ and alex11 joined the channel
# 03:47 
aaronpk I was pretty sure that was documented on the wiki
# 03:56 
GWG aaronpk: I don't see it
# 04:38 
aaronpk hm I can't find it either
# 04:39 
aaronpk but the reason is because you're sending something unsolicited to someone and it's safer to send something that is short lived and single use than sending the actual access token
sebbu, capjamesg, lanodan, Seirdy, hendursaga and jamietanna joined the channel
# 08:54 
jamietanna jacky https://datatracker.ietf.org/doc/html/draft-ietf-oauth-incremental-authz may be of interest for the incremental authorization
# 08:56 
jamietanna jacky I think it's a bit early in the morning but not quite sure I get what you mean re "what's the implication of having a specialized token and authorization endpoint"
# 08:57 
jamietanna aaronpk I'm currently using `resource` indicators internally and bake them into my tokens, but it's currently unenforced in any of my services (as of now)
# 08:59 
jamietanna I think it's nice with resource indicators because if a token were to be stolen / leaked, it's harder to use it against multiple services
# 09:00 
jamietanna following the way that they work with the `resource` indicator in Ticket Auth would be good, as then we've got a well defined standard telling us how to handle URI paths
samwilson joined the channel
# 12:47 
GWG I'm thinking of doing some editing on the ticket auth page
chenghiz_ joined the channel
# 13:10 
GWG I was reading the autoauth spec and the private webmention spec and there is some explanatory language that might be helpful
# 13:12 
GWG https://indieweb.org/Private-Webmention#why_is_there_an_extra_step_of_exchanging_an_auth_code_for_an_access_token
# 13:13 
GWG This explanation is good for why a ticket as same principle
# 13:16 
aaronpk aha *that’s* what i was thinking of!
# 13:25 
GWG aaronpk: I figured
# 13:25 
GWG Also the private webmention page mentions freenode, probably should search for any other freenode mentions
# 13:26 
GWG I also reread the autoauth spec about how the client makes an authenticated request to the token endpoint to get the external token
joshproehl, capjamesg and Poorchop joined the channel
# 17:39 
Poorchop has anyone ever tried to suggest that Automattic enable Webmention by default in WordPress? that seems to be how pingbacks gained any traction
# 17:39 
Poorchop although I guess there's no easy way for them to automatically mark up submissions with microformats
# 17:41 
GWG Poorchop: Yes, I did
# 17:43 
Poorchop I'm guessing they weren't receptive
# 17:46 
GWG Poorchop: More no uptake from the commiters
# 17:46 
GWG I need to try to figure out 5.X of the Webmention plugin, which is stalled
# 17:48 
Poorchop it would be huge for Webmention if Automattic would get on board
# 17:50 
GWG Correct, there are pros and cons
capjamesg joined the channel
# 17:52 
Poorchop since setting up mentions, I started noticing that most mentions on other sites were just likes and retweets or whatever from Twitter/Mastodon/micro.blog/Facebook/etc.
# 17:52 
Poorchop kind of a bummer for those of us not on social media
# 18:07 
GWG Poorchop: We need to get more people on Indieweb readers that can reply in the same app as the reader...it would help with that
# 18:10 
GWG For example, people using Microsub are much more likely to respond with their site because it's one click
# 18:11 
Poorchop I'm not too familiar with that stuff but even I wouldn't mind if sending a mention wasn't so cumbersome
# 18:12 
Poorchop even with scripts to autogenerate things like likes and bookmarks, it's still a few steps to like something, push to my site, then go back and forth between browser and command line to paste links for sending the mention
# 18:12 
GWG That's a good place to start iterating
# 18:15 
GWG If you work to make something easier to do, people will do it
capjamesg, [tantek], [snarfed], KartikPrabhu, gRegor and [schmarty] joined the channel
# 21:02 
[schmarty] pretty jazzed about https://www.manton.org/2021/06/30/opensourcing-the-microblog.html manton++
# 21:02 
Loqi manton has 18 karma in this channel over the last year (25 in all channels)
# 21:03 
Loqi [Manton Reece] Open-sourcing the Micro.blog apps
# 21:08 
[snarfed] wow, that’s big indeed, manton++
# 21:08 
Loqi manton has 19 karma in this channel over the last year (26 in all channels)
[jacky] joined the channel
# 21:33 
[jacky] wait wait woah
# 21:33 
[jacky] wow even making it MIT too
# 21:34 
[jacky] congrats (to that launch) [manton]++
# 21:34 
Loqi [manton] has 20 karma in this channel over the last year (27 in all channels)
[KevinMarks] joined the channel
# 22:18 
[KevinMarks] https://twitter.com/philipvollet/status/1410150982621843460?s=20
# 22:18 
@philipvollet A clone version of Github Copilot.  Instead of using AI, this extension send your search query to google, retrive stackoverflow answers and autocomplete them for you. @harishkgarg https://github.com/hieunc229/copilot-clone https://www.producthunt.com/posts/captain-stack https://pbs.twimg.com/tweet_video_thumb/E5HcvmfWEAEOzeg.jpg (twitter.com/_/status/1410150982621843460)
# 22:21 
[jacky] lmfaoo
# 22:30 
[tantek] [manton]++ wow! Congrats. Now who's going to update all the articles about the micro.blog apps to note that they're now OSS? 🙂 citation: https://www.manton.org/2021/06/30/opensourcing-the-microblog.html
# 22:30 
Loqi [manton] has 21 karma in this channel over the last year (28 in all channels)
# 22:30 
Loqi [Manton Reece] Open-sourcing the Micro.blog apps
samwilson, [Murray], [aciccarello] and gRegor joined the channel; Poorchop left the channel