#social 2015-03-13

2015-03-13 UTC
the_frey, bblfish, SimonTennant, Augier, jaywink and elf-pavlik joined the channel
#
elf-pavlik bblfish, melvster can you please help fkooman with IndieCert <-> WebID compatibility? https://github.com/fkooman/indiecert/issues/6
#
elf-pavlik s/WebID/WebID+TLS/
#
elf-pavlik doesn't want to propagate confusion on WebID = WebID+TLS
danbri and RRSAgent joined the channel
#
RRSAgent logging to http://www.w3.org/2015/03/13-social-irc
#
tantek IRC sucks in many ways... for example very week identity as we see here
#
Loqi tantek: elf-pavlik left you a message on 3/11 at 4:50am: re: https://www.w3.org/Social/track/actions/35 I left you a note there long time ago (> a month) + just added it to F2F agenda
#
Loqi tantek: elf-pavlik left you a message 1 day, 11 hours ago: I added note about HTTP 404 for http://microformats.org/profile/h-adr etc. in https://www.w3.org/Social/track/actions/41 http://socialwg.indiewebcamp.com/irc/social/2015-03-11/line/1426113087794
#
tantek also someone else can pick you messages and you don't see them :S
#
elf-pavlik enough! ;)
#
elf-pavlik !tell tantek re: https://www.w3.org/Social/track/actions/35 I left you a note there long time ago (> a month) + just added it to F2F agenda
#
Loqi Ok, I'll tell him that when I see him next
#
elf-pavlik rrsagent, draft minutes
#
RRSAgent I have made the request to generate http://www.w3.org/2015/03/13-social-minutes.html elf-pavlik
#
ben_thatmustbeme Elf-pavlik. Its also HIGHLY offensive and quite disruptive top do what you just did
#
elf-pavlik rrsagent, make records public
#
RRSAgent I have made the request, elf-pavlik
#
elf-pavlik rrsagent, bye
#
RRSAgent I see no action items
#
elf-pavlik ben_thatmustbeme, i logged that and of course will share with tantek and others
#
elf-pavlik just making point that as in email i sign all the messages IRC doesn't allow it :(
#
ben_thatmustbeme The point can be made without doing it though
#
ben_thatmustbeme Could have left messages for a fake account. Etc
#
ben_thatmustbeme Also your case should then be with w3c to include a nickname auth service
#
elf-pavlik sure, i think showing how easy one can mess with IRC identity here makes stronger pint
#
elf-pavlik and as you see we have it logged both - by RRSagent and Loqi
#
ben_thatmustbeme Rooms can be configured not allow a person to talk unless they have authenticated to nickserv
#
elf-pavlik ben_thatmustbeme, how do you tell if someone authenticated with irc.w3.org?
#
elf-pavlik issue-19
#
trackbot is looking up issue-19.
#
trackbot issue-19 -- WG communication channel explosion -- raised
#
trackbot http://www.w3.org/Social/track/issues/19
#
elf-pavlik i'll add links to logs of this 'incident' in that issue
#
elf-pavlik done!
#
elf-pavlik !tell tantek I added to issue-19 logs showing where i impose your identity on this channel - just for the sake of showing the issue! https://www.w3.org/Social/track/issues/19
#
Loqi Ok, I'll tell him that when I see him next
#
elf-pavlik ben_thatmustbeme, AFAIK also logs don't show if someone authenticated nickname or not
#
elf-pavlik BTW have you taken a look at Linked Data Signatures? https://www.youtube.com/watch?v=QdUZaYeQblY
#
elf-pavlik to #selfdogfood i'll start signing my social data as soon as i start publishing it on my independent webspace https://github.com/digitalbazaar/jsonld-signatures
#
elf-pavlik yesterday i moved to new VM and now i can start deploying there
RRSAgent joined the channel
#
RRSAgent logging to http://www.w3.org/2015/03/13-social-irc
#
elf-pavlik RRSAgent, draft minutes
#
RRSAgent I have made the request to generate http://www.w3.org/2015/03/13-social-minutes.html elf-pavlik
#
elf-pavlik RRSAgent, bye
#
RRSAgent I'm staying, elf-pavlik; no access has been specified for the meeting record
#
elf-pavlik RRSAgent, make records public
#
RRSAgent I have made the request, elf-pavlik
#
elf-pavlik RRSAgent, bye
#
RRSAgent I see no action items
#
elf-pavlik now log includes <ben_thatmustbeme> Elf-pavlik. Its also HIGHLY offensive and quite disruptive top do what you just did
#
elf-pavlik ben_thatmustbeme++
#
Loqi ben_thatmustbeme has 51 karma
SimonTennant joined the channel
#
ben_thatmustbeme elf-pavlik++ for moving toward selfdogfood
#
Loqi elf-pavlik has 10 karma
#
ben_thatmustbeme no, i haven't watched them yet, I saw your list of video links
#
ben_thatmustbeme when I have time I'll paruse them.
#
ben_thatmustbeme I actually want to work with some people at IWC to get private posts going server to server securely. Anyone with HTTPS basically already has a public key signature on their posts
#
ben_thatmustbeme but our previous attempts to do server to server open a security issue in server-server comms
#
ben_thatmustbeme also re: changing your name to another person in IRC, You can do a similar something in email and have been able to for a very long time. Many email servers go through a lot of testing to say that a person is probably an imposter based on headers, but its really not perfect
#
ben_thatmustbeme and really depends on the setup of the spoofed sender's domain to secure it in ways that many people don't do
#
elf-pavlik ben_thatmustbeme, agreed but notice that I sign my emails, also harry and few other people do so!
#
elf-pavlik recalls to invite https://nitrokey.com to IndieWebCamp in Düsseldorf
#
ben_thatmustbeme most people don't ever validate signatures in email
#
ben_thatmustbeme many wouldn't even notice if it was missing
#
ben_thatmustbeme especially since people will have different signatures based on client they are using. e.g. "Sent from my iPhone"
#
ben_thatmustbeme include that at the end of an email and most people will forgive any change in signature
#
ben_thatmustbeme even forgive spelling errors or anything that looks amiss assuming instead that it is errors on mobile
#
ben_thatmustbeme oh and re authentication, the server will report it if configured for it, Freenode does. Most clients don't bother
#
ben_thatmustbeme messages from the server to the client contain a boolean for authed or not
elf-pavlik joined the channel
#
elf-pavlik ben_thatmustbeme, does Loqi keep track on those booleans?
#
ben_thatmustbeme on #indiewebcamp, don't know, in here he can't
#
ben_thatmustbeme i don't believe he does though
#
ben_thatmustbeme anyone with any options set, ops/halfops/voice needs to be authed to nickserv first though i believe
bblfish, danbri1, shepazu, AdamB, Augier, danbri and jaywink joined the channel
#
rhiaro just boarded a flight to Toronto, which is somewhat closer to Cambridge ^^
bblfish, harry, the_frey, jaywink, the_frey_ and Guest joined the channel
#
Loqi Tantekelik made 1 edit to [[Socialwg/Social API/Candidates]] https://www.w3.org/wiki/index.php?diff=82832&oldid=82703
#
Loqi Tantekelik made 1 edit to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82833&oldid=82770
#
Loqi Tantekelik made 3 edits to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82836&oldid=82833
tilgovi joined the channel
#
Loqi Tantekelik made 1 edit to [[Socialwg/Social API/Candidates]] https://www.w3.org/wiki/index.php?diff=82837&oldid=82832
bblfish joined the channel
#
Loqi Tantekelik made 1 edit to [[Socialwg/Social API/Candidates]] https://www.w3.org/wiki/index.php?diff=82838&oldid=82837
#
Loqi Tantekelik made 1 edit to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82841&oldid=82836
the_frey joined the channel
#
Loqi Tantekelik made 2 edits to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82843&oldid=82841
tantek, harry and shepazu_ joined the channel
#
Loqi Tantekelik made 2 edits to [[Socialwg/Social API/Requirements]] https://www.w3.org/wiki/index.php?diff=82845&oldid=81134
#
tantek fascinating - first time today I am joining this channel and see that there have been earlier posts masquerading as my IRC nickname "tantek"
#
Loqi tantek: elf-pavlik left you a message 11 hours, 46 minutes ago: re: https://www.w3.org/Social/track/actions/35 I left you a note there long time ago (> a month) + just added it to F2F agenda http://socialwg.indiewebcamp.com/irc/social/2015-03-13/line/1426242272076
#
Loqi tantek: elf-pavlik left you a message 11 hours, 37 minutes ago: I added to issue-19 logs showing where i impose your identity on this channel - just for the sake of showing the issue! https://www.w3.org/Social/track/issues/19 http://socialwg.indiewebcamp.com/irc/social/2015-03-13/line/1426242785978
#
tantek ah I see elf-pavlik did that ok - glad to see it was only for open demonstration purposes and nothing intentionally nefarious ;)
#
tantek perhaps this is a use-case for POSSEing to IRC!
#
tantek continues reading logs
#
Guest https://github.com/gobengo/activity-mocks
#
Loqi Bwerdmul made 1 edit to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82846&oldid=82843
#
tantek !tell elf-pavlik note that SMTP provides no such authentication either, thus anyone can configure their email client to pretend to be anyone on W3C mailing lists. And sadly, that looks more "official" because email has a more "formal" UI, thus is more capable of harm.
#
Loqi Ok, I'll tell them that when I see them next
#
aaronpk heh should I demonstrate that for elf?
#
tantek he claims to sign his email messages http://socialwg.indiewebcamp.com/irc/social/2015-03-13/line/1426242335166
#
tantek haven't verified that claim
#
aaronpk I do see "signature.asc" attachments in his emails to the list
#
tantek I wonder how many people do that
#
aaronpk the more important question is how many people verify the signatures
#
tantek and pretty sure if someone pretended to be sending from his email address, *without* a signature.asc, that he would claim that it it's not him
#
aaronpk how to use PGP to verify an email is authentic: http://xkcd.com/1181/
#
tantek lol
tantek and harry joined the channel
#
Loqi Tantekelik made 1 edit to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82847&oldid=82846
#
Loqi Tantekelik made 1 edit to [[Socialwg/2015-03-17]] https://www.w3.org/wiki/index.php?diff=82848&oldid=82847
harry joined the channel