#dev 2022-04-07
2022-04-07 UTC
nertzy, sebbu, jacky, [timothy_chambe], trig[d], jjuran, [denschub]1, [fluffy]1, [KevinMarks]1, gRegor and mro joined the channel
# [tantek]1 tl;dr of BlueSky's "Self-Authenticated Social Protocol": trust stuff users sign with their private key per "Using public keys and content-addresses, we can sign content by the user's key to prove they created it." — so yeah, first, assume everyone has public/private keys and tools/infra to use them seamlessly, presto "Self-Authenticated Social Protocol" 🙄
# [tantek]1 Am I missing something [snarfed]?
# capjamesg[d] Continued from #indieweb...
# capjamesg[d] A web crawler could easily find a lot of those h-cards -- something like Google could find most.
# [tantek]1 Thanks capjamesg[d], much more productive discussion than my above question 😂
# [tantek]1 capjamesg[d] while at Technorati I helped build an h-card search engine that did that
# capjamesg[d] I was thinking about this after talking with a friend who isn't an active developer about the IndieWeb.
# capjamesg[d] People freely give away their information to social platforms. But large-scale aggregation is the kind of thing that might not be perceived well in the news.
# capjamesg[d] Of course, one can still be pseudonymous.
# [tantek]1 s/h-card search/hCard search
# [tantek]1 it was opt in
# [tantek]1 ooh here's the front page of the contacts search UI: https://web.archive.org/web/20070703043636/http://kitchen.technorati.com/contact/search
# [tantek]1 also hCalendar events search: https://web.archive.org/web/20070704010424/http://kitchen.technorati.com/event/search/
# [tantek]1 agreed sknebel. primarily about the content, markup is secondary
# capjamesg[d] I agree sknebel.
# capjamesg[d] That was my thought too because there is an entire discipline related to identifying information in documents.
# capjamesg[d] For me at least, posting something on Instagram feels different than it does on the web.
# capjamesg[d] Does anyone else feel like this?
# capjamesg[d] Strangely, I feel I have more control on Instagram than I do on the web. I don't really know why.
# capjamesg[d] Part of me thinks this is because I know there are so many web crawlers out there scanning and indexing the web but then again that also includes Instagram.
# capjamesg[d] The idea of a "private" website appeals to me quite a lot.
# capjamesg[d] But my website is not dynamic and I am not in the mood for a rewrite 😂
Caesar[m] and gRegor joined the channel
# petermolnar there are solutions for authorization/authentication that work as transparent proxy in front of your content, the simplest being basic http authentication (eg https://httpd.apache.org/docs/2.4/mod/mod_auth_basic.html or https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/).
mro joined the channel
# [KevinMarks]1 one of the things danah found was that people feel the web is less exposed than facebook, because facebook instantly tells your entire family what you posted, instagram will recommend your new alt account to everyone who knows you
tetov-irc and mro joined the channel
# petermolnar > instagram will recommend your new alt account to everyone who knows you - oh, that is very nice of them.
# petermolnar Zuckerberg being a somewhat functioning sociopath should really read www.roughtype.com/?p=8724 <http://www.roughtype.com/?p=8724>
# petermolnar it would help him understand humans
jacky joined the channel
# @billywhizz1970 ↩️ does anybody use indieauth these days? i played around with it a while back and liked the idea a lot. seems like it would be pretty easy to integrate with something like tailscale, but haven't thought much about possible failure modes/attack vectors.
https://en.wikipedia.org/wiki/IndieAuth (twitter.com/_/status/1512029247384301568)
# capjamesg[d] I am going to experiment with having a private section on my website. Let's see what happens 🙂
mro and jacky joined the channel
# @mauricerenck Finally the #kirbycms IndieConnector plugin allows you to cycle through the webmention stats:
https://github.com/mauricerenck/indieConnector (twitter.com/_/status/1512038478485282820)
mro and Asaf_Agranat[d] joined the channel
# [timothy_chambe] #Bluesky issues it’s first description of what it’s building….https://t.co/qOe3f2TaAF
# [KevinMarks]1 if mastodon has supported account migration by using 301 redirects like we told them to originally, that example wouldn't work
# [tantek]1 aaronpk++ exactly
walkah joined the channel
# Loqi [kevinmarks] The way to connect accounts is XFN - rel information on links. You use [rel=me](http://microformats.org/wiki/rel-me) to say "this is also me" and if both urls do that to each other it's confirmed.
rel="friend" will do for following (there are other...
mro joined the channel
gRegor joined the channel
# [tantek]1 !meme historyguy: So, "Public Key Cryptography"
# jeremycherfas Anyone here into OSMap? They are re-starting meetings near me https://osmcal.org/event/1287/ and I would like to know what to tell them to add to the event markup so that my IndieWeb RSVP shows up?
# [tantek]1 use Meetable?
# jeremycherfas That might be a stretch as they already have a system in place, but worth a try.
# [tantek]1 half-joking, my initial guess is that they’re using a wiki-like backend for this which is kinda sorta what we used to do
# jeremycherfas There is some ld+json in the source, so they're doing that much. No sign of an endpoint thought.
# jeremycherfas If I am able to go, I will float the idea of doing something. And yes, it does look a lot like a wiki thing of some sort.
mro joined the channel
# jeremycherfas It is quite fun, and also quite difficult because it is complicated. I like checking entries when I am somewhere and have a few minutes.
# [tantek]1 [jeremycherfas]++ the folks that contribute to OSM are amazing
# jeremycherfas I don't deserve kudos for the little I do. Though I did update a street near me that went one-way overnight.
# jeremycherfas is trying to remember why I copied rather than cloned Compass and whether I can fix that easily after the event.
# [KevinMarks]1 OSM is great. There's an app called Street Complete that asks you about places you pass to correct their signage and road type etc. I've also added various footpaths and so on to it
# jeremycherfas I use the ios app Go Map
# jeremycherfas Yeah. I haven't actually added myself as I cannot see a Maybe.
# [aciccarello] Or you just get _really_ active so there's so much editing you can't tell where someone's house is 😉
mro joined the channel
# [aciccarello] jacky, just saw the "now" link on your site header. Very engaging!
# [aciccarello] I haven't bothered with a /now page yet as I don't think I'd update it often enough.
# [tantek]1 yeah, seemed like work
# [snarfed] [KevinMarks] just fyi, looks like kevinmarks.com is now serving a Heroku wildcard SSL cert, which doesn't match your domain. that will cause problems, eg Bridgy webmentions are no longer going through: https://brid.gy/twitter/kevinmarks
# [tantek]1 jacky++ for https://jacky.wtf/thoughts-bluesky-social-protocol
# [tantek]1 That needs to be IndieNewsed
# [tantek]1 lol just noticing that BlueSky messed up their date slug with a 3 instead of a 4
# [tantek]1 the 3-6-2022 here (though actual article was written 4-6-2022) https://blueskyweb.xyz/blog/3-6-2022-a-self-authenticating-social-protocol
# [tantek]1 what is DRY
# Loqi DRY is an acroynm for Don't Repeat Yourself https://indieweb.org/DRY
# [tantek]1 aaronpk, I believe it is "lazy American date format"
# jamietanna If you do a /now page and get it on the official site, they tweet out your page regularly, so it's a good reminder to update it :)
# [tantek]1 made an example of that BlueSky post permalink: https://indieweb.org/URL_design#DRY_violation
# [KevinMarks]1 [snarfed] I don't have https setup because too many subdomains from different servers, but somehow people link to https anyway
gRegorLove_ joined the channel
# [KevinMarks]1 I should shave the https yak somehow, but it is a faff
# sknebel (assuming you use paid heroku it seems like they added it by default for setups created after a certain date, but old ones need to update? https://devcenter.heroku.com/articles/automated-certificate-management )
mro and ShinyCyril joined the channel
# [KevinMarks]1 i use aws for route53, but would need separate certs for subdomains. I can serve my site as www to get around that
Ruxton, Jeremiah[d], tracydurnell[d], indieweb-irc-bri, hoenir, balupton[d], capjamesg[d], Nan[d], shaunix[d], wackycity[d], corenominal[d], jacky and laker[d] joined the channel
# [fluffy]1 I’ve been chatting with some folks from the Resonate music streaming cooperative as one of their goals is to have a music streaming platform as a federated/distributed thing. This thread started out as a critique of Funkwhale (yet another “fediverse” attempt at doing this sort of thing) but then quickly drifted over to IndieWeb-adjacent things: https://community.resonate.is/t/funkwhale/2874
mro joined the channel
# [tantek]1 huh? never heard of "Co-op Credentials"
# [tantek]1 and jacky, which "WebID" lol
# [fluffy]1 This post in particular talks about that stuff with some handy links: https://community.resonate.is/t/funkwhale/2874/7?u=fluffy
# jacky https://github.com/w3c-ccg/w3c-ccg.github.io is what I'm following
# [tantek]1 ah, CCG I'm familiar with. never heard it called "Co-op"
# jacky https://coopcreds.com/ looks nice
# jacky some interesting points made at https://coopcreds.com/the-problems/
balupton[d], hoenir, Jeremiah[d] and tracydurnell[d] joined the channel
corenominal[d], capjamesg[d], Nan[d], shaunix[d], wackycity[d] and indieweb-irc-bri joined the channel
samhenrigold[d] and hepphepp[d] joined the channel
gRegor joined the channel
# gRegor Was just playing with the FB Share Debugger. It falls back to `meta name=description`, so I don't think we need this bit on https://indieweb.org/The-Open-Graph-protocol#How_to_set_description
# [tantek]1 key phrase there: "just for Facebook in particular"
laker[d] joined the channel
# [KevinMarks]1 it's the partialsilos trick
# jacky 100% going down https://github.com/indieweb/microsub/issues and replying to what makes sense as well as updating my list of things to implement when it makes sense to
mro and ShinyCyril joined the channel
# [schmarty] jacky++
# [KevinMarks]1 A fix for twitter embed fail https://twitter.com/markjaquith/status/1512156984774213639?s=20&t=2QRUYpgwiOCrmx0BGO7K-g
# @markjaquith @kevinmarks @film_girl Yep! Unfortunately they use CORS so I had to proxy that check through a Cloudflare Worker. Here's a proof of concept of a Tweet Saver script that only renders tweets that still exist. 404 ones will keep the blockquote. https://codepen.io/markjaquith/pen/gOovNPR?editors=1010 (twitter.com/_/status/1512156984774213639)
dovedozen[d] and jacky joined the channel
Asaf_Agranat[d], jacky, cygnoir[d] and aspenmayer[d] joined the channel
# Caesar[m] Hey all, hope this is the right place to ask… can anyone tell me what the `p-` and `u-` prefixes on h-card properties are? Doesn't seem to be documented anywhere. I'm guessing a data type because most of the `u-` seem to be URLs, and I also see `dt-bday` which is obviously a date. But I can't think what data type `p-` could be…
# [tantek]1 they are parsing directives, not data types. see https://microformats.org/wiki/microformats2-prefixes
tetov-irc joined the channel
# [tantek]1 u-key means parse the property as a URL. either way the result is a string
adstew joined the channel
# [tantek]1 the author is the one choosing to put "u-propertyname" vs "p-propertyname" so the author is choosing how they want it parsed and thus what they are supposed to do
# Caesar[m] Oh, so the list at https://microformats.org/wiki/h-card#Properties is not exhaustive?
# [tantek]1 the list of properties is exhaustive for that vocabulary. which parsing prefix an author uses is up to the author, the ones shown are typical uses, others may have other uses
# jacky yup! and this reminds me to update https://jacky.wtf/contact
# Loqi OpenPGP (Pretty Good Privacy) is a message exchange format that uses public key cryptography to enable people to exchange encrypted and/or signed data; on the IndieWeb, you can use PGP to setup your IndieAuth without depending on any silos https://indieweb.org/pgp
# Caesar[m] I didn't see anything specific to PGP at https://microformats.org/wiki/h-card
# jacky okay so the linking I got from https://indieweb.org/OpenPGP#Link_to_your_public_key for sure
# [tantek]1 there is "key" from the h-card (originally vCard) vocabulary but we haven't seen a lot of uptake of consuming code and thus people publishing it
# [tantek]1 everything else is experimentation at best
# [tantek]1 https://microformats.org/wiki/h-card notes u-key for linking to a separate standalone public key file "cryptographic public key e.g. SSH or GPG" — I could mention "PGP" there explicitly as well
# [tantek]1 need to fix the h-entry on microformats specs at least to be about the spec, not the editor
# [tantek]1 and property name is the wrong place to put type information like "pgp"
# [tantek]1 this is why it's a u-key, to point to a file that can be returned with the right mime type for pgp
# [tantek]1 or for p-key, the text value should be properly "armored" (I believe that's the term) to contain discoverable type information for PGP
# [tantek]1 either way, in no case does it make sense to have "p-pgp-fingerprint" as a standard property. please don't use that
# [KevinMarks]1 https://github.com/markjaquith/stabletweet/
gRegor joined the channel
jacky joined the channel