#social 2016-11-17

2016-11-17 UTC
KevinMarks, jasnell, KevinMarks2, timbl, tantek and jasnell__ joined the channel
#
@schjlatah I wonder how @JSONMOON, @Socialcast, et.al feel about the #ActivityStreams2 spec. https://medium.com/@jasnell/activity-streams-2-0-70881f866935%23.ryb6aejf8 https://www.w3.org/TR/activitystreams-core/ (twitter.com/_/status/799122879103107072)
KevinMarks, KevinMarks2, tantek, shepazu, timbl, swwg_laptop and swwg_laptop_ joined the channel
#
tantek Good morning #social!
#
cwebber2 hi
#
aaronpk https://talky.io/socialwg
julien and sandro_ joined the channel
#
tantek cwebber2: hey can you try talky ^^^ ?
mattl joined the channel
#
rhiaro ohai I found a CR https://www.w3.org/TR/activitypub/
#
Loqi [Christopher Allan Webber] ActivityPub
#
aaronpk wow good timing
#
cwebber2 rhiaro: YAY
#
Loqi :D
#
cwebber2 hm, can't find my webcam... talky.io doesn't seem to want to let me in with just microphone...
#
aaronpk oh gosh
#
aaronpk k i can run some other thing here
#
aaronpk will try appear.in, one sec
#
aaronpk https://appear.in/socialwg
#
tantek trackbot, start meeting
#
RRSAgent logging to http://www.w3.org/2016/11/17-social-irc
RRSAgent joined the channel
#
trackbot is preparing a teleconference.
#
trackbot RRSAgent, make logs public
Zakim joined the channel
#
RRSAgent I have made the request, trackbot
#
trackbot Zakim, this will be SOCL
#
Zakim ok, trackbot
#
trackbot Meeting: Social Web Working Group Teleconference
#
trackbot Date: 17 November 2016
#
ben_thatmustbeme scribenick: ben_thatmustbeme
#
tantek present+
#
aaronpk present+
#
sandro present+
#
rhiaro present+
#
ben_thatmustbeme present+
#
julien present+
#
ben_thatmustbeme chair:tantek
#
ben_thatmustbeme chair: tantek
#
cwebber2 present+
#
sandro present+ evanp
#
cwebber2 (but text only currently, my own fault)
#
sandro https://www.w3.org/wiki/Socialwg/2016-11-17
#
Loqi Social Web WG Face to Face Meeting at MIT (F2F8)
#
ben_thatmustbeme tantek: we have 5 clusters of topics to discuss, PR transitions, CR transitions, WD updates or note transitions, group continuity or transition to CG, or other business
#
csarven present+
#
ben_thatmustbeme ... we have one request form csarven to discuss LDN tomorrow, that seems fine since he is only here tomorrow
#
csarven Not present completely. Will watch out for keyword highlights.,
#
ben_thatmustbeme evan: if its okay i'd like to discuss AS2 tomorrow as well so i can handle some issues first
#
csarven Yes, I'd appreciate if LDN is tomorrow.
#
ben_thatmustbeme tantek: are there any other specific scheduling concerns?
#
cwebber2 I have to drive my wife to an event tomorrow, but let me check the time
#
ben_thatmustbeme ... i think we should sort by priorty, but if any preferences
#
ben_thatmustbeme eprodrom: i think we should discuss contintuity to inform our other decisions on what we are doing with these in the future
#
ben_thatmustbeme tantek: that sounds good, lets put that down for 10 today
#
cwebber2 the thing is at 5pm tomorrow, so it should be fine
#
aaronpk cwebber2, I opened an appear.in URL (see above) if you want to try that
#
ben_thatmustbeme ... anotherway to look at things is to tackler harder things in the morning since we are all fresh
#
ben_thatmustbeme ... the one obvious candidate is pubsub
#
ben_thatmustbeme julien: there is one issue that is a bit complicated, but it would be good for group feedback
#
ben_thatmustbeme ... the correct solution might be to do nothing
eprodrom joined the channel
#
eprodrom present+
#
ben_thatmustbeme sandro: Is cwebber2 on audio, wondering how much stuff we have on activitypub
#
cwebber2 I'm not on audio unfortunately, I can't seem to get my setup working
#
ben_thatmustbeme tantek: i'm going to suggest after continuity, we do pubsub next
#
cwebber2 my fault for running a fringe GNU/Linux distribution using modified browsers and missing my webcam :P
#
ben_thatmustbeme ... and then activitypub and micropub after that
#
ben_thatmustbeme ... so i guess all the pubs first
#
cwebber2 I will watch irc closely and participate here, sorry for the non-ideal participation :(
#
mattl cwebber2: try your phone with talky? assuming you have a camera there
#
cwebber2 mattl, my phone's microphone broke! but I'll try my wife's
#
cwebber2 everything is breaking!
#
ben_thatmustbeme cwebber2 make sure you use the appear.in link
#
ben_thatmustbeme we switched to that since you don't have a camera
#
ben_thatmustbeme cwebber we can hear you
#
ben_thatmustbeme \o/
#
ben_thatmustbeme tantek: we had some comments from mozilla (publicly) on webmention
#
ben_thatmustbeme ... not officially yet but on their internal messaging
#
ben_thatmustbeme https://appear.in/socialwg
#
ben_thatmustbeme eprodrom: for those of us not as familliar with the process, whats the process from here?
#
ben_thatmustbeme tantek: the voting period is open, its closes on the 30th and it goes by one formal objection can slow it or potentially kill it
#
ben_thatmustbeme ... usually its pretty bad form to have problems raised at that point unless its more beurocratic
#
ben_thatmustbeme ... or possible "good, but please fix X"
#
ben_thatmustbeme ... if you do know any w3c members, encourage them to take a look
#
sandro https://www.w3.org/2002/09/wbs/33280/webmention/
#
sandro (access controlled -- only for W3C AC reps)
#
ben_thatmustbeme tantek: how long for continuity?
#
aaronpk swwg_laptop_: https://chat.indieweb.org/social
#
ben_thatmustbeme eprodrom: 30 minutes should be good
#
ben_thatmustbeme tantek: julien, how long for pubsub?
#
ben_thatmustbeme julien: i think 30 minutes
#
ben_thatmustbeme ooh look picutres
#
ben_thatmustbeme tantek: cwebber2, aaronpk, eprodrom, any preference for which we talk about first and how much time?
#
ben_thatmustbeme aaronpk: i don't care, i don't have any open issues
#
ben_thatmustbeme tantek: its also to discuss what you need to move forward
#
ben_thatmustbeme cwebber2: i'd prefer to go second
#
ben_thatmustbeme test
#
rhiaro https://www.w3.org/blog/news/archives/5976
#
rhiaro ActivityPub ^
#
sandro https://www.w3.org/wiki/Socialwg/push-name
#
ben_thatmustbeme tantek: ok, i think we have everything through lunch scheduled, lets go ahead and start with that, if we need more time on things we can take more time and movethings around
#
ben_thatmustbeme TOPIC: group continuity / SWICG
#
ben_thatmustbeme tantek: we already resolved to create the group and Ann offered to do that, and consolidate all the other community groups
#
ben_thatmustbeme ... there are several of them
#
rhiaro https://www.w3.org/wiki/Socialwg/push-name#Hubbub
#
ben_thatmustbeme ... first question, where are we with that group, is it created yet?
#
ben_thatmustbeme aaronpk: cwebber2 and I offered to chair the group. I am happy to do the actual submission, write up the group description
#
ben_thatmustbeme ... we need a short name
#
ben_thatmustbeme tantek: SWICG?
#
ben_thatmustbeme aaronpk: CG probably shouldn't be in there, its like ATM Machine
#
ben_thatmustbeme tantek: some other groups do that already
#
ben_thatmustbeme ... web platform incubater community group. look at them for an example, look at existing groups and try to incorporate them
jasnell and timbl joined the channel
#
tantek FYI: https://wicg.io/
#
tantek (still up)
#
ben_thatmustbeme eprodrom: there is ostatus group, activitypub, others
#
ben_thatmustbeme ... the activitypub one should probably be closed. the activity streams one could still be open since we have work to do
#
ben_thatmustbeme ... well these are at CR, but if there are things we think should be included and incubated, those would be good for the community group.
#
cwebber2 the laptop on the table has disconnected apparently
jasnell_ joined the channel
#
ben_thatmustbeme ... the incubator group can continue to add extensions and add features to the specs we've defined
#
cwebber2 I can't hear anything, though I see the other webcam visually moving still
#
ben_thatmustbeme eprodrom: with AS, when we talked about extensibility, we talked about adding it to the namespace, which means there is some document maintinance
#
ben_thatmustbeme tantek: so part of it should probably be messaging all those other groups to tell them there is a community group that was not active and they may want to look at this group
#
ben_thatmustbeme sandro: I can imagine ppl being annoyed by that because they only want to follow one technology
#
ben_thatmustbeme tantek: i don't think anyone will really care since these groups are pretty much dead
#
ben_thatmustbeme sandro: if someone complains i think it would be good to keep the group open and maybe just have some major updates
#
ben_thatmustbeme tantek: i think that makes it worse as it looks like the discussion is there, but it isn't
#
ben_thatmustbeme ... i think we should include that the description
#
ben_thatmustbeme tantek: in this group most of the discussion takes place on github, is that something we want to keep for the CG?
#
ben_thatmustbeme .. how does cwebber2 feel about that?
#
rhiaro scribenick: rhiaro
#
cwebber2 I'm fine with it
#
cwebber2 but, the laptop disconnected
#
cwebber2 so I can't hear/speak
#
rhiaro tantek: THe web platform incubator group is not using the email list for the CG as well. That's clearly an option for us
#
cwebber2 I'm talking, not sure I'm heard, but I'm not saying anything other than trying to be heard
#
rhiaro ... We also had tension in this group over use or non-use of email, so we should be explicit rather than ambiguous about it
#
tantek we are not hearing you cwebber2
#
aaronpk one sec
#
tantek apparently both talky and appear in didn't work for us for different reasons
#
ben_thatmustbeme scribenick: ben_thatmustbeme
#
cwebber2 I see a "mute" icon on both participants
#
ben_thatmustbeme cwebber2 can you hear us?
#
cwebber2 nope
#
cwebber2 is the microphone enabled on yours?
#
aaronpk it's saying it's not able to send audio
#
aaronpk cwebber2, does hangouts work for you? or even a phone number?
#
cwebber2 I can call in
#
cwebber2 how about I call in for activitypub and then closely track irc otherwise
#
aaronpk call me directly, i'll PM you my number
#
ben_thatmustbeme tantek: i think that gives you some next steps for the incubator group?
#
ben_thatmustbeme cwebber2: we were asking if cwebber2 was okay with using github and no mailing list
#
mattl use GitLab ;)
#
ben_thatmustbeme s/cwebber2:/aaronpk:/
#
ben_thatmustbeme cwebber2: i'm okay with it, but its a little ironic
#
ben_thatmustbeme tantek: we are just saying we are specifically NOT using the mailing list
#
sandro existing CG that look related to me: activitypub, fed soc web, pubsubhubbub, ostatus, microposts, social business
#
ben_thatmustbeme ... i think the community group gets to specify an IRC channel
#
ben_thatmustbeme aaronpk: i think we should continue to use #social
#
ben_thatmustbeme ... it does mean the logs are shared though, if thats good or bad i don't know
#
ben_thatmustbeme tantek: since its a continuation of us, i think thats fine
#
ben_thatmustbeme ... i think that gives you enough time to write everything up and we can take a look tomorrow possibly
#
ben_thatmustbeme ... or later today maybe
#
ben_thatmustbeme tantek: that takes care of the community group portion. now for continuity
#
ben_thatmustbeme sandro: one thing is that when we took on pubsub, we are legally required to extend the group
#
ben_thatmustbeme ... the waiting period requirements makes it required
#
ben_thatmustbeme ... we don't actually have to do anything other than the mechanical things (assuming no issues come up)
#
ben_thatmustbeme ... that makes it pretty easy to continue some things if we need to
#
ben_thatmustbeme ... the administartion is ok with extending the charter for that reason
#
ben_thatmustbeme aaronpk: the winter break also messes things up as well
#
ben_thatmustbeme sandro: i think as long as we got to PR before christmas we were going to be fine
#
ben_thatmustbeme tantek: the publication morritorium starts the 18th, which means the last day ........ etc etc
#
ben_thatmustbeme sandro: yeah, letting that slide to january makes a lot of sense
#
ben_thatmustbeme tantek: you need at least a week before to schedule transition calls, plus the CRs don't end until the 13th for LDN and AP
#
ben_thatmustbeme rhiaro: we could make it happen but its a lot less stressful to do it in january
#
ben_thatmustbeme tantek: so we have to request an extension, do we have to specify additional things?
#
cwebber2 q+
#
Zakim sees cwebber on the speaker queue
#
ben_thatmustbeme sandro: we can probably find out more about what exactly we need for that in the next day or two
#
ben_thatmustbeme ... mostly its for us, do we want to be at a point where we need telcons?
#
ben_thatmustbeme rhiaro: also that will overlap with the CG, is that okay or do we want wait?
#
ben_thatmustbeme tantek: i think its good to have some overlap
#
ben_thatmustbeme sandro: do we want to try to do a webinar. tutorials on what exists already, "this is what webmention is, heres how to use it" etc for each of our specs?
#
ben_thatmustbeme ... its a lot of energy
#
ben_thatmustbeme tantek: i'd say we wait until after PR
#
ben_thatmustbeme aaronpk: this sounds like my talk at open source bridge, i went through a brief overview of the group
#
cwebber2 q-
#
Zakim sees no one on the speaker queue
#
ben_thatmustbeme tantek: i think for the rest of the agenda, we talkabout how much we want to go past the end of the year
#
tantek q?
#
Zakim sees no one on the speaker queue
#
ben_thatmustbeme eprodrom: so we are expecting to go to at least april with our group, and we expect to have a CG that will continue indefinitely
#
ben_thatmustbeme tantek: i think we should be clear that everything else should be finished up by january, and the rest is really just for pubsub mainly. its not like we are trying to cram a bunch of other things in there
#
ben_thatmustbeme tantek: and we're not expecting to be doing an F2F after now, right?
#
ben_thatmustbeme sandro: I don't think so, the big question, what happens if someone points out a BIG issue with one of our specs that has to go through the whole cycle again
#
ben_thatmustbeme eprodrom: for us as a group, would it be fair to say, after jan 1, we have telcons as needed
#
ben_thatmustbeme tantek: i'm going to guess we'll want to do them at least monthly?
#
ben_thatmustbeme rhiaro: monthly 4am phone calls will be preferable to weekly 4am phone calls for me
#
ben_thatmustbeme tantek: presumably we can still get staff contact time for the extension? and the chairs will be able to commit to having time?
#
ben_thatmustbeme eprodrom: yes, i can commit to being around for that
#
cwebber2 q+
#
Zakim sees cwebber on the speaker queue
#
ben_thatmustbeme sandro: staff contact time will be fine
#
ben_thatmustbeme cwebber2: we can ge tto this in the AP time, but as AP has the most amount of work to do, i don't want to completely discount work on AP after Jan1
#
ben_thatmustbeme tantek: thats certainly something we need to talk about, and making that kind of request is important, we'll go over that schedule when we get to AP
#
ben_thatmustbeme ... anything else on group continuity / incubation group?
#
ben_thatmustbeme ... as we discussed, any impact on continuity is something the editor should bring up when we discuss them
#
ben_thatmustbeme TOPIC: 10 minute break
#
csarven [16:22:41] <ben_thatmustbeme> eprodrom: so we are expecting to go to at least april with our group, and we expect to have a CG that will continue indefinitely --- Is this agreed? April is the extension?
#
aaronpk we still have to request it
#
csarven What will be requested?
#
aaronpk it's not just up to us
#
tantek csarven: we will be requesting a charter extension for PubSub in particular
#
csarven "We'd like request to extent until May 31?"
#
tantek until April-ish
#
csarven Ok
#
tantek per IP requirements for PubSub FPWD + CR disclosure periods
#
tantek given that, we need to be specific about how much time (if any) any of our other specs need to complete CR & PR
#
tantek and we will be discussing that, per spec, while we are discussing next steps for each spec during its slot on the agenda
#
tantek there was a vague discussion about trying to get everything else (not yet in PR) into PR in January
#
tantek but we'll figure out the specifics for each spec in depth during today & tomorrow
#
csarven ok, so all specs need to wrapup by April or wahtever
#
csarven and that it is PubSub that needs the most time.. hence the extension being that long..
#
csarven otherwise it is maybe another month or so.. did I understand that correctly?
#
csarven Sorry I'm not on the call.
#
tantek csarven, no problem.
#
tantek that's roughly correct. there's a strong preference to wrap up our other specs in January, however we will discuss each spec in particular and figure out its particular needs.
#
ben_thatmustbeme <ben_thatmustbeme> its not like the arbitrarily chose April, we have to give a certain amount of time for IP exclusions, since that period is still going on for pubsub, we need to extend
#
ben_thatmustbeme <ben_thatmustbeme> that gives us the opportunity to finish dotting i's and crossing t's on other specs, but we want to be clear that we are not just trying to cram a bunch of other new stuff in by extending
#
cwebber2 btw, I assume #social is a pretty welcome place in general to invite people hoping to implement socialwg specs?
#
cwebber2 or should I encourage people to join another channel
#
ben_thatmustbeme scribenick: none
#
ben_thatmustbeme that will make things a bit easier on me
#
ben_thatmustbeme cwebber2, i would say thats fine, especially if we are going to suggest this as the IRC for the CG
#
ben_thatmustbeme and you will be co-chair
#
cwebber2 ben_thatmustbeme, cool, thx for your input
jasnell joined the channel
#
rhiaro scribenick: rhiaro
#
rhiaro TOPIC: PubSub
#
rhiaro tantek: Most complicated issue?
#
rhiaro julien: the signature one
#
aaronpk https://github.com/w3c/pubsub/issues/36 and https://github.com/w3c/pubsub/issues/43
#
rhiaro ... How do we ensure that requests coming from the hub to the subscribers (that are not content) are actually coming from the hub
#
rhiaro ... It was suggested that we use a signature mechanism, except we don't have a body, so nothing tos ign
#
rhiaro ... I think (and aaronpk agrees) is to not provide a signature mechanism but strongly incentivise subscribers to use complex urls that are not guessable
#
rhiaro sandro: capability urls
#
rhiaro julien: if we go in that direction, which I think is safe in terms of security, is why do we even need to sign notifications? If we have https and complex urls, that should be secure enough
#
rhiaro sandro: https protects the url?
#
rhiaro julien: yes
#
rhiaro tantek: no
#
rhiaro julien: it exposes only the domain
#
rhiaro sandro: only the ip address
#
rhiaro aaronpk: you iknow the domain because of SNI
#
rhiaro julien: you don't even know the method
#
rhiaro tantek: so you want to make https a MUST?
#
rhiaro julien: I still think we should allow for non-https, that adds complexity, and I think we need the signature for the case where you could have a man in the middle thing where someone could alter the content and you would not know that they had
#
rhiaro sandro: there's nothing to sign because..?
#
rhiaro aaronpk: two things
#
rhiaro ... The confirmation that the hub sends is a GET request, here is: 'yes the subscrption has been activated'
#
rhiaro ... For that it's using a complex URL, because there's no body you can't sign the payload
#
rhiaro ... Some alternatives could be come up with a signature method based on query strings.. sounds like oauth1, or sign the headers... whatever..
#
rhiaro ... But a much simpler solution is use a 128 bit capability url
#
rhiaro ... That's probably fine over https
#
rhiaro ... That url is never exposed because it's sent in the POST body over https to the hub
#
rhiaro ... With that in mind, totally separate issue: why do we even have signature son the body?
#
rhiaro ... If you assume the URL is secret and nobody can send forged requests to it, why does the hub need to sign the payload?
#
rhiaro ... One reason to continue using signatures is it does allow subscribers to not support https if they are willing to take the risk of forged confirmations
#
eprodrom https://www.w3.org/TR/capability-urls/
#
Loqi [Jeni Tennison] Good Practices for Capability URLs
#
rhiaro ... but when they get the delivery they know the payload was not forged so they can check the signatures
#
cwebber2 I guess if you don't trust certificate authorities too :)
#
cwebber2 yeah
#
rhiaro ... Second, it secures against mitm over https, which is a thing in corporate network environments
jasnell joined the channel
#
rhiaro sandro: how do you know the public key..?
#
rhiaro aaronpk: the subscriber sent the secret to the hub during subscription over https
#
rhiaro julien: since it's async it's harder to mitm
#
cwebber2 ooh nice document, thanks eprodrom
#
rhiaro aaronpk: it's not pgp level safe, but it's..
#
rhiaro tantek: the other reason even in https is the general concept of defense in depth
#
rhiaro ... Multiple levels of things to use as defenses
#
rhiaro ... One more thing to break through
#
rhiaro ... Good security architecture
#
rhiaro julien: technically the payload is more important than the confirmation
#
tantek FYI: https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29
#
rhiaro aaronpk: if you intercept a confirmation the worst thing that happens is the system thinks it is subscribed and it's not
#
rhiaro ... whereas the payload could have real consequuences
#
eprodrom q?
#
rhiaro julien: so the right thing is to not change the spec at this point, but to use capability urls
#
eprodrom q+
#
Zakim sees cwebber on the speaker queue
#
Zakim sees cwebber, eprodrom on the speaker queue
#
rhiaro aaronpk: it's essentially a bearer token in a URL
#
rhiaro ... Not change the normative spec, but the suggestion in security considerations would be to put a strong recommendation to use these URLs
#
rhiaro ... It doesn't affect interop, but for your own good you sholuld be doing this
#
rhiaro sandro: are people doing that now?
#
rhiaro aaronpk & julien: I think so
#
rhiaro aaronpk: subscribers
#
rhiaro julien: hub is blind to everything
#
rhiaro aaronpk: woodwind does and my switchbaord does
#
rhiaro tantek: strong enough that you can make it a must?
#
rhiaro aaronpk: it doesn't affect interop
#
rhiaro tantek: if you can make it a MUST it's good for the future
#
rhiaro aaronpk: you don't want to put a specific length.. how do you define what's strong enough?
#
rhiaro sandro: you could say it has to be unique for every subscription?
#
rhiaro julien: should we enforce it at the hub?
#
rhiaro aaronpk: the hub could deny a request if it's seen the URL before
#
tantek q?
#
Zakim sees cwebber, eprodrom on the speaker queue
#
aaronpk https://www.w3.org/TR/capability-urls/
#
Loqi [Jeni Tennison] Good Practices for Capability URLs
#
rhiaro eprodrom: W3C note on capability URLs that is very thorough
#
eprodrom https://w3ctag.github.io/capability-urls/
#
rhiaro ... WD from 2014, so maybe not quite... oh now I found Jan 7 2015
#
rhiaro ... Can't be normative, we can use as informative reference
#
rhiaro aaronpk: So then the issue is do we require unique URLs for subscription, which would be a testable implementation change
#
rhiaro julien: it would break things
#
rhiaro aaronpk: It's a strong change
#
rhiaro tantek: you could make it a SHOULD
#
rhiaro julien: I think it should be a SHOULD
#
rhiaro ... These are things that protect you, do them, if you don't you're the one who is going to suffer
#
rhiaro tantek: for new implementations and new subscribers it is a MUST
#
rhiaro aaronpk: I have a hard tiem justifying it as a MUST
#
rhiaro ... It doesn't change the protocol
#
rhiaro ... It works just as well with all the peices together whether or not subscribers do this
#
rhiaro ... I have a hard time saying it's a MUST because of that
#
rhiaro ... but if someone is implementing this.. I opened this issue because I was writing the test subscriber, and I was like 'wait a second what is stopping someone else from making this request?' there wasn't something in the spec to tell me how to protect myself
#
rhiaro ... I think just at that point the implementer will go to the spec and see the recommendation to make it a unique URL
#
rhiaro aaronpk: I can make the test suite measure that too
#
rhiaro ... whether that different
#
rhiaro ... could check the entropy as well
#
rhiaro tantek: if it becomes common practice we can chane it to a MUST and tighten the security of the whole system
#
eprodrom q?
#
Zakim sees cwebber, eprodrom on the speaker queue
#
rhiaro ... What about signatures?
#
rhiaro aaronpk: Right now signatures are a optional for the subscriber
#
rhiaro julien: the subscriber can take the risk to receive forged content
#
rhiaro aaronpk: or they can ignore the payload and go fetch the content themselves
#
rhiaro julien: very few implementations actually check the signatures
#
rhiaro ... so in practice even though the signature is safer, people will use the URL
#
rhiaro ... as a way to cover their base
#
tantek (mitigate)
#
rhiaro ... the reason is because the signature mechanism I felt people have had trouble coding
#
rhiaro ... People will not sue the right encoding
#
rhiaro ... It's harder to debug
#
rhiaro ... THe hub will compute the signature at the byte level, the subscriber will use a different encoding and compute the siganture on the string version of this, and get a different result
#
rhiaro aaronpk: shouldn't hte hub compute it on the string level then?
#
rhiaro julien: the hub doesn't know th eencoding
#
rhiaro eprodrom: the issue is signatures are hard.
#
rhiaro julien: PHP doesn't help
#
rhiaro sandro: In JS you oculdn't do it until recently
#
rhiaro aaronpk & julien: something about gzip
#
rhiaro ... good test case
#
rhiaro julien: the hub is the party signing the content, not th epublisher
#
rhiaro ... it would be more secure for the publisher to sign and the hub just transmit it, and be agnostic of the content
#
rhiaro ben_thatmustbeme: but then you're starting to define the publishing
#
rhiaro julien: right htat's a completely different thing
#
rhiaro sandro: In the current model the hub has to sign it differently for each user (per secret)
#
rhiaro eprodrom: one of the problems iwth capability urls is as soon as you publish anything across security boundaries you've started yoru clock ticking. Somebody is going to get to it at some piont, whether it's 100 years from now or next week
#
rhiaro ... Once yo've published it, ...
#
rhiaro julien: We should have a requirement, when the subscription expires, don't reuse your callbacks
#
rhiaro ... So you are exposed for the duration of your lease, when the lease is over you can start fresh
#
rhiaro eprodrom: and if you do a large enough key
#
rhiaro julien: start with 20, then 50, then 200, then 2000...
#
rhiaro eprodrom: if you can do it in a way that your window is small enough then you have enough time
#
rhiaro julien: someone has asked about unbound leases before, I think no this is wrong. You need to provide a maximum period
#
rhiaro ... the hub MUST have a period
#
rhiaro sandro: how does the hub reply?
#
rhiaro aaronpk: it's part of the confirmation
#
rhiaro sandro: does the spec now say 'we know it's ugly?'
#
rhiaro julien: no
#
rhiaro sandro: I would like it to say that it recognises that it's in violation of web arch
#
rhiaro aaronpk: it's important to put that in there because other people will think that and raise issues or try to reinvent
#
rhiaro julien: I think it's elegant to have a different verb for the handshake thing and the notification
#
rhiaro ... On the implementer level it's easier to just say it's a GET, or a POST
#
rhiaro aaronpk: It is easier. And for the payload, the post body is the document, it's not a wrapper
#
rhiaro ... If it was one of the form params it would be much easier on implementer level to use the hub.mode to swithc on that
#
cwebber2 pushes up https://activitypub.rocks/news/activitypub-reaches-cr.html blogpost :)
#
rhiaro ... but as an implementor if I have to handel reading the raw POST body to understand what type of ..
#
rhiaro sandro: and it's the same URL?
#
rhiaro aaronpk: it has to be
#
rhiaro sandro: if they were both POST I'd use two URLs ors omething
#
rhiaro aaronpk: that would be even crazier
#
rhiaro julien: SO I understand it's not the nice way of doing http things, but it makes implementers job much asier
#
rhiaro sandro: how do you tell whether you're getting a diff or full content
#
rhiaro aaronpk: different issue
#
rhiaro sandro: I'd use http PATCH verbs
#
rhiaro ... and Accept-Patch
#
rhiaro ... Not a custom header
#
rhiaro ... You can have that in the subscription request
#
rhiaro ... For instance when you do the confirmation, on that GET the return header could be Accept-Patch
#
rhiaro julien: Oh I see
#
rhiaro sandro: could be an extension
#
rhiaro ... You could also, the hub could just send a patch and see what status code it gets back
#
rhiaro ... A server is not going to give a 200 on a patch unless it's handling it
#
rhiaro julien: I was hoping to be using a content type header
#
rhiaro sandro: or you could do it after the first post to a subscriber
#
rhiaro ... they can say they accept patch for future reference
#
rhiaro julien: there's a continue http code, 100 or something, the subscriber can say hey send me the patch
#
rhiaro sandro: I think continue is in response to a get
#
rhiaro julien: I dunno
#
rhiaro aaronpk: All these things are nice to do, but nobody has implemented any of them
#
rhiaro sandro: It can cleanly go in as an extension
#
rhiaro julien: when we went with fat ping we talked about ability to have extensions
#
rhiaro aaronpk: Okay so
#
rhiaro ... Recommend SHOULD use capability URLs
#
rhiaro ... SHOULD not reuse capability URLs
#
rhiaro ... Hubs MUST NOT issue unlimited subscriptions?
#
rhiaro ... MUST enforce lease
#
rhiaro julien: if the subscriber does not submit one the hub will tell you what it is
#
rhiaro sandro: but we're okay with 20 year leases?
#
rhiaro aaronpk: I don't think the hub should decide the limit
#
rhiaro sandro: in security considerations
#
rhiaro julien: Should be short
#
rhiaro tantek: how muc hof this can you test?
#
rhiaro aaronpk: All testable
#
rhiaro ... Can test that a subscriber is using unique urls, that the hub is returning lease seconds
#
rhiaro sandro: if it's more than a year you can give a warning
#
rhiaro aaronpk: That's basically going to resolve these two issues
#
rhiaro ... 43 and 36
#
rhiaro ... And then signatures on the notification not changing, because it is implemented some people are doing things with it, if you don't want to use it you don't have to, and you can always go fetch the original content if you don't trust the hub's payload
#
ben_thatmustbeme julien, aaronpk, i think i found an issue, but i'm not sure, i feel like i might be missing something
#
rhiaro tantek: are any of these SHOULDs currently unimplemented
#
ben_thatmustbeme but we can discuss offline
#
rhiaro aaronpk: we don't know about renewal
#
rhiaro julien: we dont' check that you're using a differnet URL
#
rhiaro aaronpk: there's no survey of all of them
#
rhiaro ... but I know that mine does use a unique one
#
rhiaro ... We don't know how widely, but we can test it
#
rhiaro tantek: that sounds like we can make a SHOULD and see what happens
#
rhiaro ... if everyone is doing it, we can make it a MUST
#
rhiaro ... without discussing again
#
rhiaro julien: I don't think everyone does it
#
rhiaro aaronpk: could you check that on superfeedr's end?
#
rhiaro julien: wordpress and google doesn't do it either
#
rhiaro tantek: we should gather data
#
rhiaro ... and raise it with them as a security concern
#
rhiaro q?
#
Zakim sees cwebber, eprodrom on the speaker queue
#
eprodrom q-
#
Zakim sees cwebber on the speaker queue
#
tantek q?
#
Zakim sees cwebber on the speaker queue
#
cwebber2 hi
#
tantek ack cwebber2
#
Zakim sees cwebber on the speaker queue
#
cwebber2 q-
#
Zakim sees no one on the speaker queue
#
tantek ack cwebber
#
Zakim sees no one on the speaker queue
#
cwebber2 not sure why I was on the queu
#
cwebber2 e
#
cwebber2 I think that was from way before
#
rhiaro julien: I have a process question
#
rhiaro ... People open issues, I close them, what should I do?
#
rhiaro tantek: what we've been doing so far is to try to reach a conclusion that the person who opened the issue has been happy with, and ask them to close it
#
rhiaro sandro: We don't want to have the situation where someone feels like they haven't been heard
#
rhiaro ... If you do exactly what they ask for it should be fine to close
#
rhiaro julien: Same with PRs, I just merge them myself
#
tantek FYI julien: https://www.w3.org/wiki/Socialwg/Github_Process
#
rhiaro tantek: You said you're opening PRs. If you get PRs from people who are outside of the WG we actually need to get them to agree to the contributor's agreement before we merge them
#
rhiaro julien: okay I think I merge da couple of things..
#
rhiaro sandro: there's the patent and copyright question
#
rhiaro ... if it's editorial it could be a copyright issue
#
rhiaro aaronpk: you can put a contributor.md
#
rhiaro ... people generally agree to that
#
rhiaro tantek: can we put the IE agreement there?
#
rhiaro ... if the person belongs to a W3C member company that's okay too
#
rhiaro julien: and when they're not?
#
rhiaro sandro: the peopel who have already contributed, we can get them to confirm it
#
rhiaro ... It's part of the IE agreement, but not the whole IE sign up
#
rhiaro tantek: We should put the IE agreement into the contributions.md
#
rhiaro ... rhiaro can find the links to the agreements
#
rhiaro ... You need to ask tony to check he's agreed to the following
#
rhiaro ... If it's not okay you'll have to remove his changes. Hopefully won't coem to that
#
aaronpk https://github.com/w3c/pubsub/issues/40
#
rhiaro aaronpk: Host meta thing
#
rhiaro ... I opened this one as I was writing the subscriber
#
tantek https://github.com/w3c/pubsub/issues in general
#
rhiaro ... Right now the discovery steps in the specs say check the http headers and then if it's xml or html then look for the link tag, and then lastly check host-meta
#
rhiaro ... The spec doesn't say much about how that part works
#
rhiaro ... IT's sort of left as go read about host meta and figure it out
#
rhiaro ... I supsect there's not much implementation of it
#
rhiaro ... I suggest to drop it if there's no known implementations
#
rhiaro julien: I initially agreed and then changed my mind. There's a use case that's very useful - github pages
#
rhiaro aaronpk: a hosting environment that doens't le tyou set http headers, for document types that don't support embedded links
#
rhiaro sandro: eg. json data on github
#
rhiaro aaronpk: host meta turns out to be a weird rabbithole
#
rhiaro ... hostmeta is actually an xml document
#
rhiaro ... hostmeta is a specific part under .well-known
#
rhiaro ... In my opinion, the best way to do it for pubsub (and possibly webmention) is to define a pubsub .well-known
#
rhiaro ... where the pubsub spec defines the document inside there
#
rhiaro tantek: that's not unique to pubsub, adding one more step to discovery
jasnell joined the channel
#
rhiaro aaronpk: we solved for webmention with not supporting wellknown, and whole domain delegation, at an http header level
#
rhiaro ... We don't support per-document discovery on non-xml content types, but the assumption was the majority of the use cases for that could be solved with headers
#
cwebber2 that requires that you control the web server, so it wouldn't work with something like github pages right? which is probably fine
#
cwebber2 oh there we go :)
#
rhiaro eprodrom: What we're trying to do is do discovery on name.example/something.jpg
#
rhiaro ... Can we say that if you can'tn do any discovery on something.jpg you can do it at the host name leveL?
#
rhiaro ... Is that a fair way to do it?
#
rhiaro ... If you can't do discovery on name.example/something.jpg try doing discovery on name.example/
#
rhiaro aaronpk: you wouldn't find the self url
#
rhiaro ... and doesn't solve it for github
#
rhiaro ... oh right subdomains on github
#
rhiaro sandro: you don't seperate subscribing to root from subscribing to everything else
#
rhiaro eprodrom: good point
#
rhiaro julien: why do we have to define discovery, why isn't there a discovery spec?
#
rhiaro aaronpk: that is kind of host meta...
#
rhiaro tantek: we did roughly define our own discovery guidelines in this group, across all the different approaches
#
rhiaro aaronpk: that doesn't solve this particular use case
#
rhiaro tantek: I think that was considered, this isn't a new use case
#
rhiaro ... There's not enough new information to bring it up from two years ago
#
rhiaro eprodrom: Link header and then link tag is going to discover somewhere north of 95% of cases
#
rhiaro ... So it might not be worth doing anything more than punting and saying go look around the web and see what other discovery mechanisms there are
#
rhiaro aaronpk: Here's my concern. It makes writing subscribers harder. As a subscriber it's nice ot know when you've checked all the possible ways to find a thing
#
rhiaro julien: a long time ago, the discovery mechanism itself can be extracted into a custom service. Can just be a library that people can reuse
#
rhiaro ... I wrote a service a couple of years ago called feed discovery..
#
rhiaro ... It's harder to implement, but it's a matter of just using a library that does it
#
rhiaro aaronpk: the reason that we have to talk about it is because it is in the spec already
#
rhiaro ... We're not talking about adding it
#
rhiaro ... hostmeta has been in the spec since the beginning
#
rhiaro julien: a lot of peopel who host a jekyll site on github have asked about it
#
rhiaro sandro: one other discoveyr technqiue, used in csv on the web recs, is
#
rhiaro ... if you have a cvs file you're suppose dto look for -metadata.json
#
rhiaro ... and also csv-metadata.json
#
rhiaro tantek: wat
#
rhiaro various: wat?
#
rhiaro ... *descends into silliness*
#
rhiaro tantek: So who implements hostmeta discovery for pubsub?
#
rhiaro julien: no-one
#
rhiaro ... I have email of people asking me how I do this on github with jekyll
#
rhiaro ... I say you can't. it's excluding them, and then saying oh well nobody is doing it
#
rhiaro ben_thatmustbeme: It's the subscribers we need to know if they do it
#
rhiaro ... With webmention we don't want to add it cos every single implementation would have to update
#
rhiaro ... But with pubsub if it's been in the spec since the beginning that's not the case
#
rhiaro aaronpk: My issue is as an implementor I look at this sentence I don't immediately see how to implement it
#
rhiaro ... I want to see the URL I request, the response body taht I get, and then I'll understand the question
#
rhiaro tantek: I'm asking are there any implementations of subscribers that do discovery this way
#
rhiaro ... We knew for webmention was 0 so we could easily make a decision
#
rhiaro julien: I don't know.
#
rhiaro tantek: are there any publishers that implement this?
#
rhiaro julien: We don't know
#
rhiaro aaronpk: hard to know, we'd have to survey the whole web..
#
rhiaro tantek: follow up is that are these publishers depending on it
#
rhiaro julien: people are asking me about it because it's the only option for them
#
rhiaro sandro: it's a thing that's in the spec but there's not enough guidence
#
rhiaro julien: we can definitely put it as at risk
#
rhiaro aaronpk: looks like hostmeta was added in 0.4
#
rhiaro ... The other thing is that it doesn't link to the hostmeta spec, it links to the wellknown spec
#
rhiaro julien: that's not right
#
rhiaro aaronpk: So I suspect there are few imlpementations because of that
#
rhiaro tantek: so it's underspecified. Implementation status is unknown. We can specify it in more detail and put it at riks.
#
rhiaro s/riks/risk
#
rhiaro tantek: that's an exception from the prior resolution of FYN
#
rhiaro aaronpk: It's an exception becasue it was already in the spec
#
rhiaro ... It's not being added
#
cwebber2 of course, At Risk, it's not very at risky, because it has implementations :)
#
cwebber2 is not objecting, just observing :)
#
rhiaro ... Putting it at risk is bringing it closer to our earlier resolution
#
rhiaro ... and I'll check in the test suite if people ar eusing it
#
ben_thatmustbeme cwebber2, do you have examples of where it has implementations?
#
cwebber2 oh
#
cwebber2 nm maybe I'm wrong
#
cwebber2 shuts up :)
#
tantek cwebber2: in the room we have no knowledge of any PuSH publishers or subscribers that implement host meta discovery
#
tantek if you know of one, definitely say something!
#
cwebber2 I misunderstood, sorry!
#
eprodrom I need to step away at noon for 15 minutes
wilkie, jasnell and KevinMarks joined the channel
#
rhiaro aaronpk: My problem with hostmeta is the spec gives you 5 different ways to find the hostmeta
#
rhiaro ... Conneg, there may be a .json version fo the file
#
rhiaro ... I don't feel comfortable recommending that to people using pubsub
#
rhiaro ... pubsub right now does not recommend that
#
rhiaro ... there are so many way sit can work, makes discovery very difficult
#
rhiaro ... I think there are much better ways to solve the use case the hostmeta is tryign to do
timbl joined the channel
#
rhiaro ... One of those is to define our own pubsub .well-known
#
rhiaro ... It's much clearer
#
rhiaro ... BUT
#
rhiaro ... that is a big change to the spec
#
rhiaro ... We know nobody is doing it
#
rhiaro ... Adding that is a big deal
#
rhiaro ... That breaks every existing subscriber
#
rhiaro ... But that is a better solution to the technical problem
#
rhiaro ... However completely delegating to the hostmeta spec is also a terrible solution
#
rhiaro ... and will also break subscribers
#
rhiaro ... The only solution that doesn't break *possible* implementations that we haven't confirmed, is to harden the aspect of hostmeta that the spec does *already* refer to
#
rhiaro ... Only looking for the xml format in the hostmeta file
#
rhiaro ... If there are implementations they did it that way, cos that's all the spec hinted at
#
rhiaro tantek: or we drop it right now.
#
rhiaro aaronpk: Or because we don't know any implementations we drop it from the spec
#
rhiaro sandro: Sounds like the right solution is a .well-know extra headers
#
rhiaro ... as a workaround for these stupid things that don't let you provide headers
#
rhiaro aaronpk: where you can put in literal text of http headers
#
rhiaro various: lol
#
cwebber2 wonders, will we be breaking for lunch soon?
#
rhiaro aaronpk: I would rather drop it, but am okay with restricting to xml, to support the use case that has technically been supported before this group adopted it
#
rhiaro julien: I want the mechanism to exist for these people
#
rhiaro ... Opposed to dropping
#
rhiaro ben_thatmustbeme: I'm okay with any of them
#
rhiaro rhiaro: I agree with julien
#
cwebber2 no objections
#
rhiaro tantek: cwebber2 do you have an objection to either way?
#
rhiaro ... I'm going to declare consensus on aaronpk's proposal, of restricting the scope to what it seems the pubsubhubbub spec intended, and marking it as at risk
#
rhiaro ... And indicate in the spec that we know of no known implementations, and if you have an implementation the group stronglyr equests your input on this issue in particular
#
rhiaro ben_thatmustbeme: I think the most important feedback is from subscribers to know that they're all checking for it
#
rhiaro ... If nobody is checking for it, what's the point of specifying it?
#
rhiaro ... In this version
#
rhiaro aaronpk: we can solve it a better way in a future version
#
rhiaro tantek: we're asking for an extension for this spec in particular, so if anyone decides to look through with a fine tooth comb, one they will look for is narrowing scope, not adding new features
#
sandro https://twitter.com/sandhawke/status/799297395519582208
#
Loqi [@sandhawke] Any workaround for sites (@github) which don't let you set HTTP Link headers? I find myself sadly wanting .well-known/extra-http-headers.txt
#
rhiaro ... So.. what do we need to get to CR? Have we covered all issues?
#
rhiaro julien: yes
#
rhiaro tantek: Continue with taking pubsub to CR discussion after lunch
#
rhiaro TOPIC: Lunch
#
cwebber2 yup
#
cwebber2 aaronpk, I'll dial back in then
#
aaronpk k
#
cwebber2 ty
#
aaronpk ?
KevinMarks2 and KevinMarks joined the channel
#
tantek aside: Snowden advocated federation: http://werd.io/2016/i-missed-this-snowden-advocated-federation-as-an-antidote-to
#
Loqi [Ben Werdmüller] I missed this: Snowden advocated federation as an antidote to filter bubbles. http://www.scribblrs.com/snowden-stop-relying-facebook-news/ #indieweb #decentralize...
jasnell and jasnell_ joined the channel
#
cwebber2 tantek, nice to see
KevinMarks joined the channel
#
rhiaro hey cwebber2 we're doing the group photo, any chance we can get you on video?
#
rhiaro otherwise we'll hold a laptop with a blank screen and shop you in later :)
#
cwebber2 rhiaro: shop me in later!
#
cwebber2 no viable webcam option right now, so if yer gonna fake it, post-production is just as good
#
cwebber2 rhiaro: or, hilariously, you could load this image:
#
cwebber2 http://dustycloud.org/gfx/goodies/gavroche-wip15.jpg
#
cwebber2 just as good, looks just like me
#
wilkie you're looking a bit untextured
#
tantek wilkie are you joining us remotely?
#
tantek we are about to resume
#
tantek cwebber2 can you reconnect?
#
tantek call aaronpk
#
cwebber2 yep
#
cwebber2 wilkie: yeah it was for a 3d print from the mediagoblin campaign rewards
#
cwebber2 never got around to texturing
#
wilkie looks good
#
tantek cwebber2: focus :)
#
rhiaro scribenick: rhiaro
#
rhiaro julien: what to do to get to CR
#
rhiaro tantek: A test suite, or plan, or start, which we have
#
rhiaro aaronpk: yeah the publisher and subscriber tests are done, the hub is in progress
#
rhiaro tantek: Plan?
#
rhiaro aaronpk: yep
#
rhiaro tantek: where?
#
rhiaro aaronpk: github issues on tests repo
#
rhiaro tantek: Implementation report template?
#
rhiaro aaronpk: It is part of the test plan
#
rhiaro tantek: You can use the CR to go to implementors and say you need ti either implement this to the spec or say why you can't
#
rhiaro ... The implementation report template is a requirement to enter CR in other specs
#
rhiaro ... So that as soon as we ask for impleemntations they have a way to provide reports
#
rhiaro aaronpk: It is better to have it that way
#
ben_thatmustbeme wonders what is making that sound
#
rhiaro tantek: Do we have conformance criteria?
#
rhiaro aaronpk: I don't think so
#
rhiaro sandro: Do we have the three conformance classes of publishers, subscriber and hub?
#
rhiaro aaronpk: yep
#
rhiaro sandro: different kinds of hubs?
#
rhiaro aaronpk: Not in this spec
#
rhiaro ... It's actually pretty small. Not a lot of options for each of them. Conformance criteria is not much more than the spec itself
#
rhiaro sandro: *explains conformance criteria*
#
Zakim excuses himself; his presence no longer seems to be needed
#
rhiaro tantek: should be a summary of features
#
Loqi good riddance
#
rhiaro aaronpk: sometimes it's more obvious that some parts of the spec are optional or only apply to certain roles
#
rhiaro Zakim, you were never needed. Best wishes.
Zakim joined the channel
#
rhiaro We missed you Zakim
#
rhiaro tantek: Is there CR exit criteria in the spec?
#
rhiaro sandro: Our standard boilerplate is two implementations of every feature passing the tests
#
rhiaro tantek: interoperable implementations
#
rhiaro sandro: the higher bar we could go for is two implementation with all the features
#
rhiaro ... 2 hubs that do everything a hub is supposed to do
#
rhiaro aaronpk: a great example of criteria for the hub is that it must support signatures, whereas the subscribers doesn't
#
rhiaro tantek: file issue for CR exit criteria in the spec
#
rhiaro aaronpk: example of feature is hostmeta discovery
#
rhiaro ... we might not get two implementations of that
#
rhiaro ... i actually do have the feature list
#
rhiaro ... 4 discovery methods, headers xml tags html tag, hostmeta
#
rhiaro ... Let's set the bar of two implementations of each feature
#
ben_thatmustbeme rhiaro where did you get those gloves?
#
rhiaro ben_thatmustbeme: cwebber2 gave them to me in Lisbon :)
#
ben_thatmustbeme cwebber2 where did you getthose?
#
cwebber2 ben_thatmustbeme: softflex gloves from the ergoguys store; you can also get them on amazon
#
rhiaro varoius: *discussion about publication process*
#
cwebber2 oops
#
cwebber2 ben_thatmustbeme, very useful if you have wrist / typing pain
#
cwebber2 or are trying to mitigate it
#
rhiaro various: *discussion of github's partial implementation of pubsub*
#
rhiaro tantek: it's almost like a different class of conformance that's beyond the scope of the spec
#
rhiaro ... authenticated subscriptions
#
rhiaro ... a future version of pubsub could specify if you want to only allow authenticated subscribers, here are some mechanisms
#
rhiaro ... sounds like their use case is different from what we're speccing
#
rhiaro julien: requiring authentication makes a lot of the things we do irrelevant
#
rhiaro ... facebook do the verification step even though they know you did it with your credentials
#
rhiaro ... In the past, it works to say this will make their thing work with other apis
#
rhiaro ... Github could let you subscribe to a repo by html without authentication
#
rhiaro ... But currently the API is behind authentication
#
rhiaro sandro: for github pages, they could provide a link header to their own hub
#
rhiaro aaronpk, julien: that would be great
#
rhiaro julien: medium has its own hub for all of the feeds (superfeedr)
#
rhiaro ... We don't have an API for reading, we just have feeds
#
rhiaro ... I can see where we might eventually have some things not available as feeds to be available through pubsub. I'm fighting hard against auth for that
#
rhiaro q+ to say evidence of wide review
#
Zakim sees rhiaro on the speaker queue
#
rhiaro aaronpk: There was text modified to make it clear to send the full page as the notification payload. Are will leaving it open to send diffs?
#
rhiaro julien: diffs are the widest thing implemented
#
rhiaro aaronpk: you still send an atom feed, it just only has one item in it
#
rhiaro ... you send a wrapped feed
#
rhiaro ... So the actual diffing mechanism is not in the spec
#
rhiaro julien: I think we should remove it from the spec, but I still want a trace in here because people will ask about it
#
tantek q?
#
Zakim sees rhiaro on the speaker queue
#
rhiaro aaronpk: Add it to the test tool to check if it's being done, so we can keep track of it
#
rhiaro ... If the actual diffing mechanism is not in the spec, how do people know what to do and what to expect from the payload
#
rhiaro ... Can we say here is where to go to learn about what to expect?
#
rhiaro sandro: in practice, when people get the new version of an rss feed, they don't actually get it, they get a stripped down verson that only has the new stuff?
#
rhiaro julien: yes, only the new entries
#
rhiaro aaronpk: 0.3 specified diffing for rss and atom
#
rhiaro ... it said send the feed with only new items
#
rhiaro eprodrom: people tend to mess that up
#
rhiaro aaronpk: it was written in 0.3
#
rhiaro ... it got explicitly taken out in 0.4
#
rhiaro ... so now there's no clue what to expect about a diffd payload
#
rhiaro ... Where do we point people to?
#
rhiaro ... if it's a MAY be a diff
#
rhiaro julien: ..define a diff. It's a subset
#
rhiaro ... I thikn it's still fine
#
rhiaro aaronpk: Right now as the spec is written it's not clear what implementors should expect
#
rhiaro ... to receive or send
#
rhiaro sandro: sounds like it's not in conformance to the spec
#
rhiaro ... I imagine it says the fat ping is the content that is being published
#
rhiaro ... It sholud say it's either the content being published, or the subset appropriate for that media type
julien joined the channel
#
julien <p>A content distribution request is an HTTP [[!RFC7231]] POST request from hub to the subscriber's callback URL. The HTTP body of the POST request MUST include the payload of the notification. This request MUST have a <samp>Content-Type</samp> Header corresponding to the <samp>Content-Type</samp> of the topic, and SHOULD contain the full contents of the topic URL. The hub MAY reduce the payload to a diff between two consecutive versions if its format al[CUT]
#
aaronpk if its format allows it
#
rhiaro sandro: I'd use the word subset not difff
#
rhiaro aaronpk: the point is that the actual, now you can't even tell what the payload is going to be
#
rhiaro ... "subset or diff" are not actual spec words (not defined)
#
wilkie RSS/Atom is fairly straightforward, too. if you know what RSS is, then you can tell when an entry is an entry you've never seen before. So you just always treat the incoming data from PuSH as a subset and just take what you need.
#
rhiaro sandro: so, for formats that are a set of items, this may be reduced to only the changed items
#
rhiaro aaronpk: to better define the 'diffing mechanism' in generic terms?
#
rhiaro eprodrom: what about defining the diff for... it's such a common use case that we've got, using rss items and atom entries, it seems worthwhile to.. it would take two sentences to define it
#
rhiaro aaronpk: the problem is that for the content types that aren't those, what is expected?
#
rhiaro eprodrom: figure something out
#
rhiaro tantek: the answer is not implemented
#
rhiaro eprodrom: it could be a diff
#
rhiaro julien: a subset
#
rhiaro eprodrom: it could be a subset. For rss it's an item, for atom it's an entry, for AS2 it could be a single activity
#
wilkie if you let people know that a subset that is based on the content type is how it is expected to work, I don't think people will be confused to that purpose
#
wilkie if you understand the content type (RSS or AS2) you won't find a subset surprising or hard to deal with, basically
#
rhiaro sandro: if the topic is a json document and the top level si an object and one key value has changed can you just send that key value?
#
rhiaro julien: no
#
rhiaro ... we're back to diffing
#
eprodrom q+
#
rhiaro aaronpk: what I would like to see from the spec and as an implementor, I want to see exactly what to do and I don't want any wriggle room
#
Zakim sees rhiaro, eprodrom on the speaker queue
#
ben_thatmustbeme scribenick: ben_thatmustbeme
#
ben_thatmustbeme rhiaro: i was queued to continue answering what is needed for CR
#
tantek q?
#
Zakim sees rhiaro, eprodrom on the speaker queue
#
tantek ack eprod
#
Zakim sees rhiaro on the speaker queue
#
rhiaro scribenick: rhiaro
#
rhiaro eprodrom: RSS, Atom and undefined would get us pretty far
#
tantek q+ to mention implementations of specific subset items vs at-risk for anything else
#
Zakim sees rhiaro, tantek on the speaker queue
#
rhiaro aaronpk: I would say RSS, Atom and "don't do it" is a better option
#
rhiaro eprodrom: I'm fine with that
#
rhiaro julien: Do we even want to open the door for RSS/Atom?
#
rhiaro eprodrom: yeah. Subscribers SHOULD be able to the whole content, or a subset
#
rhiaro sandro: but the subscriber doesn't get to pick, and can't tell what it's getting
#
aaronpk https://github.com/w3c/pubsub/issues/27
#
wilkie yeah, a general diff may just be too complicated to get right. noting that a formalized subset defined elsewhere is to be expected seems to be a good note in the spec, giving RSS/Atom as an example.
#
rhiaro julien: you havea feed with ten entries, all new you get ten. You have a feed with 100, 10 new, you get 10. The subscriber doesn't know
#
rhiaro eprodrom: I think we always did exactly one
#
rhiaro julien: superfeedr as well
#
rhiaro tantek: sounded like consensus forming about what to specify for rss/atom vs other formats
#
rhiaro aaronpk: I want clarity on th enotification payload when it's not the full contents
#
rhiaro ... We can describe what to do for RSS/Atom
#
rhiaro ... We know that we have implementations of hubs that send individual entries within an RSS/Atom feed
#
rhiaro ... We don't know and I doubt there are implementations of other diffing mechanisms
#
rhiaro ... I think it would be very reasonable to put in a setnece or two for RSS/Atom
#
rhiaro ... Subscriber MUST be able to handle that
#
rhiaro ... But the hub doesn't have to
#
rhiaro julien: practically it doesn't change anything for the subscriber
#
rhiaro sandro: they ahve to not delete what they've already got and replace it
#
wilkie brand new subscriptions only got the latest 3 entries for my implementation as their initial data, and then just the new ones.
#
rhiaro julien: depends what they're doing
#
rhiaro ... sometimes it's a mirror or an archive
#
rhiaro aaronpk: very application specific
#
rhiaro sandro: I could have a completely broken implementation without realising it. I might think th ehub is broken because it's sending only soe of it
#
rhiaro ... Every consumer has to be written with this awareness, that if it's RSS/Atom it might not be getting the full content
#
rhiaro aaronpk: the alternate is that you assume you're getting the complete feed and don't dedup
#
rhiaro sandro: I could be building a subsystem, a fetch module, you give it a url and it gives you back the content, and I want to add pubsub discovery rather than a polling mechanism
#
rhiaro ... not rss/atom. A web mirroring system. It turns out that pubsubhubbub on two media types do somethign different than pure mirroring
#
rhiaro ... I have to know that
#
rhiaro tantek: if you're looking to mirror you have to go get the actual resource
#
rhiaro sandro: the point of fat pings in pubsub is I don't have to do that
#
rhiaro tantek: but the point of fat pings is not to support mirrors
#
cwebber2 q+
#
Zakim sees rhiaro, tantek, cwebber on the speaker queue
#
rhiaro julien: you're never able to guarantee you get the full mirror of a feed
#
rhiaro sandro: as someone writing a consumer I just have to know that for rss/atom the hub is not bit true
#
rhiaro tantek: the fat pings are not bit true
#
rhiaro sandro: there are no bits if it's not fat pings
#
rhiaro ... fat pings for feed formats, the hub messes with you (in a good way)
#
tantek q?
#
Zakim sees rhiaro, tantek, cwebber on the speaker queue
#
rhiaro julien: if you ask for a feed then you sholuld expect a window in a stream
#
rhiaro ... whether one or ten is not something you can control
#
cwebber2 I forget, can pubsubhubbub be reasonably used for delivering private data? it needs salmon for that to work, right?
#
rhiaro ... It's hard to build a mirror of an infinite stream
#
rhiaro .. you can only get mirrors as windows
#
wilkie this has nothing to do with the protocol itself, either. my implementations may only choose to publish a max number of entries to a hub.
#
cwebber2 it's pretty much only for public info right?
#
rhiaro tantek: sounds like an informative note in the section on fat pings could address this
#
tantek ack cwebber2
#
Zakim sees rhiaro, tantek, cwebber on the speaker queue
#
tantek ack cwebb
#
Zakim sees rhiaro, tantek on the speaker queue
#
rhiaro cwebber2: can pubsubhubbub be reasonably used for delivering private data?
#
rhiaro aaronpk: implementaitons so far have only used it for public feeds
#
rhiaro julien: no, there's a lot of private stuff
#
rhiaro tantek: this is a new topic
#
rhiaro cwebber2: if there's an expectation that you have to jump back to very correctly get the content if it's somethign that was private I guess it has to be both private and transient for that to be an issue
#
rhiaro ... But if that's an issue there's not any guarantee you can fetch it again
#
rhiaro ... But maybe that's not a pubsub issue
#
rhiaro ... It's an issue we have in AP, but I don't htink pubsub is bein gused for this
#
rhiaro julien: there is a lot of private data, obfuscated not behind authn
#
rhiaro ... you had an rss feed in your gmail inbox, that was a public url, a capability url
#
rhiaro ... peopel plugged that into services like superfeedr
#
rhiaro ... we were technically accessing thousands of people's emails as rss
#
rhiaro ... it's private because of the content, but not behind authentication
#
rhiaro tantek: facebook, foursquare, still have stuff like this
#
tantek q?
#
Zakim sees rhiaro, tantek on the speaker queue
#
cwebber2 so, the reason I raised this was we realized if you had private *and* transient data flying across the wire, you won't be able to fetch it again... which is possible in activitypub
#
rhiaro aaronpk: Summary
#
cwebber2 which means that a partial update would have to be sure how it worked
#
cwebber2 which, we dropped partial updates for federation so its no problem
#
rhiaro ... We will add to notification payload section describing how to send changes in the feed for RSS and Atom specifically
#
ben_thatmustbeme cwebber2, thats what i was going to say, but i figured you were getting to understand that as well
#
rhiaro ... For any other content type you must send the full original content
#
cwebber2 but just saying to the "if you're mirroring you should go back and fetch"
#
rhiaro tantek: I heard a different suggestion from eprodrom
#
ben_thatmustbeme correct, you cannot re-fetch the content other than going to the source
#
rhiaro ... In addition to those content types, to consider putitng in at risk how to also do it for AS2
#
rhiaro ... And frankly any other format that pubsub consumers are consuming right now
#
rhiaro ... eg. h-feed
#
rhiaro ... You might get a subest h-feed with only h-entries
#
rhiaro ... but at risk
#
rhiaro aaronpk: the way sandro described it was a generic term for all of these things
#
rhiaro ... If the URL is a collection of items
#
rhiaro ... but it's very clear for implementors what to do for their content type
#
rhiaro ... If you are an ical feed of a bunch of events
#
rhiaro ... it's very obvious that you can send only the feed with the new events
#
rhiaro ... if you're an RSS feed it's very obvious that the items are the individual things to send
#
rhiaro tantek: i half agree with that
#
rhiaro ... ical there is the implicit assumption that if an event is not there it's not in your calendar
#
rhiaro ... it would just delete the event, it wouldn't treat it as an update mechanism
#
rhiaro aaronpk: that was a bad example
#
rhiaro ... The concrete example of rss/atom would be useful, and then the generic text about items in collections
#
rhiaro tantek: again I'm going to say that generic ttext is a bad idea
#
rhiaro julien: If peopel go away from RSS/Atom we can remove it from the spec?
#
rhiaro sandro: It'll be hard for peopel to go away from that
#
rhiaro julien: it was implemented becasue it was in the spec
#
rhiaro tantek: the could have always provided the full feed, they didn't need to do the subset thing
#
rhiaro julien: My point is in the end it's the same amount of processing for the subscriber whether it's a diff or the full feed
#
sandro "If the content type represents a 'feed' of items, such as RSS, Atom, and AS2, then the hub MAY trim pre-existing items from the feed."
#
rhiaro ... Except that it introduces uncertainty as sandro said
#
rhiaro ... The subscriber doesn't know if it's the content of the resource at this point
#
rhiaro tantek: that warning is useful
#
rhiaro ... that's where the generic terminology might be good
#
sandro tantek: unchanged
#
rhiaro sandro: If the content type represents a 'feed' of items, such as RSS, Atom, and AS2, then the hub MAY trim pre-existing items from the feed.
#
rhiaro s/pre-existing/unchanged
#
rhiaro aaronpk: I would still like to see the concrete description of RSS and Atom since they have been implemented
#
rhiaro tantek: for anything else we include we list as at risk
#
rhiaro aaronpk: we won't describe the specific mechanism for any other formats
#
Loqi Scapadis made 2 edits to [[Socialwg/2016-11-17]] https://www.w3.org/wiki/index.php?diff=100738&oldid=100727
#
Loqi Tantekelik made 7 edits to [[Socialwg/2016-11-17]] https://www.w3.org/wiki/index.php?diff=100754&oldid=100738
#
Loqi Tantekelik made 1 edit to [[Socialwg/DocumentStatus]] https://www.w3.org/wiki/index.php?diff=100753&oldid=98359
#
Loqi Abasset made 1 edit to [[Socialwg/2016-11-17]] https://www.w3.org/wiki/index.php?diff=100743&oldid=100739
#
Loqi Rhiaro made 1 edit to [[Socialwg/push-name]] https://www.w3.org/wiki/index.php?diff=100746&oldid=100709
#
rhiaro julien: we're adding more uncertainty
#
rhiaro sandro: we have the uncertainty of all feeds, or only rss and atom
#
sandro eprodrom: Nah, don't trim AS2.
#
rhiaro eprodrom: one possibility is that people do implement it with one Activity in a feed, at which point we document it
#
rhiaro julien: there are things where the size of the feed is not fixed
#
rhiaro ... It's hard to know what the 'full feed' is
#
rhiaro ... I wish for RSS and Atom we consider it a subset of the global stream no matter what
#
rhiaro eprodrom: If I get 5 entries, i check each of their ids against what I already have, if I don't have it if it's new, if I do see if it changed
#
rhiaro julien: the subscriber can't rely on jus tgetting the new version from the hub
#
rhiaro tantek: I would agree with syndication feeds and search results
#
rhiaro ... I would disagree with calendar events
#
sandro tantek: syndication feeds and search results, not calendar events
#
rhiaro sandro: a flag would be great
#
rhiaro tantek: now we're talking new features
#
rhiaro julien: you can have very large requests that need trimming
#
rhiaro tantek: I think the assumptions you have for rss and atom consumers for pubsub
#
rhiaro ... probably the same for h-feed
#
rhiaro aaronpk: more challenging with h-feed because consumers of h-feed are usuallyd ealing with the parsed result of the page, not the html itself
#
rhiaro ... however it's challenging for the hub to reduce the html minus specific items, can't do it at the json level
#
rhiaro tantek: it could
#
rhiaro aaronpk: no
#
rhiaro ... it has to send html if the topic is that
#
rhiaro ... It's a lot more work
#
rhiaro ben_thatmustbeme: extensions for how to handle certain content types in smarter ways
#
wilkie the publisher would do that, not a hub?
#
rhiaro tantek, julien: subscriber has the same code no matter what
#
rhiaro aaronpk: maybe that's the way to word it
#
rhiaro ... If the hub is going to manipulate the contents, it must do so in a way that the subscriber does not have to change its behaviour
#
rhiaro sandro: if the subscriber in the subscriptionr equest could say trim feeds yes/no/don't care
#
rhiaro ... Can we add that?
#
rhiaro tantek: trying to add more features?
#
rhiaro julien: adds complexity
#
rhiaro ... Doesn't matter if the hub sends a full or truncated version
#
rhiaro ... as long as it does it in a subset way
#
rhiaro sandro: if I get an html page I din't know it has hentries on it, but the hub knows that and trims it, but I don't know it has h-entry, I'm screwed
#
rhiaro julien: yeah. Subscribers SHOULD NOT care wehther the feed is truncated or full. For RSS and Atom
#
rhiaro aaronpk: subscribers should not make any assumptions about whether the feed has been truncated or not
#
rhiaro tantek: reducing the scope to two specific content types
#
sandro -1 to triming HTML h-entry
#
rhiaro aaronpk: yes
#
sandro because it would screw up HTML without me knowing it
#
tantek q?
#
Zakim sees rhiaro, tantek on the speaker queue
#
wilkie subscribers would just parse it and pull out anything it sees that's new
#
tantek sandro - sounds reasonable
#
rhiaro ... The only potential situation where we may want to reconsider the feature is with AS2 feeds because they are intended to work like RSS/Atom feeds, only json
#
rhiaro sandro: we could do an at risk thing around as2 and get some experience
#
rhiaro aaronpk: An AS2 object has the same content type as a Collection
#
rhiaro julien: don't include it
#
rhiaro ... only RSS/Atom
#
rhiaro aaronpk: just saying AS2 this is probably going to come up again
#
rhiaro julien: RSS/Atom are not a good role model, do not mimic them
#
rhiaro eprodrom: just document existing practice where people send entries, and don't recomend it for other mime types
#
rhiaro ... I think that's fine
#
rhiaro sandro: maybe a sentence about a patch based extension some day
#
rhiaro various: no
#
rhiaro sandro: to head off all the comments
#
rhiaro julien: I can see how we might have comments but it's the opposite of a good idea, it adds so much complexity
#
rhiaro eprodrom: It in no way makes up for the bandwidth
#
rhiaro sandro: where do we say we've thought about it and that it's a bad idea
#
rhiaro ben_thatmustbeme: we can say we included it for legacy reasons, but don't do it for other content types
#
rhiaro ... in a note
#
cwebber2 wonders how much time spent on diffing topic
#
rhiaro aaronpk: we're going to describe what RSS/Atom are doing for fat pings, describing actual thigns people may be receiving, and say they are there for legacy reasons and say you must not modify the topic URL for any other content types
#
rhiaro ... Hub should never modify it
#
rhiaro ... and subscriber sshould never assume it's truncated or not
#
tantek q?
#
Zakim sees rhiaro, tantek on the speaker queue
#
sandro where "should" should be "must"
#
tantek ack tantek
#
Zakim tantek, you wanted to mention implementations of specific subset items vs at-risk for anything else
#
Zakim sees rhiaro on the speaker queue
#
ben_thatmustbeme scribenick: ben_thatmustbeme
#
tantek ack rhiaro
#
Zakim rhiaro, you wanted to say evidence of wide review
#
Zakim sees no one on the speaker queue
#
ben_thatmustbeme rhiaro: one of the things for getting to CR is we need evidence of getting wide-review
#
ben_thatmustbeme ... we need to count the number of issues from outsiders
#
ben_thatmustbeme ... i've done a lot of this after the fact, and its easier to do it now
#
ben_thatmustbeme tantek: to that i would add that we should start the wiki page for that
#
tantek the CR transition wiki page for PubSub
#
ben_thatmustbeme rhiaro: activitypub has a really good wiki page for that, that might bne good to copy
#
ben_thatmustbeme ... it would be good to start capturing those now so we don't lose track of any of them
#
sandro The group is clearly RESOLVED even though Tantek doesn't want it on the record as a RESOLUTION. Aaron has now documented it at https://github.com/w3c/pubsub/issues/27
#
ben_thatmustbeme <ben_thatmustbeme> sandro++
#
sandro RRSAgent, pointer
#
RRSAgent See http://www.w3.org/2016/11/17-social-irc#T19-35-40
#
ben_thatmustbeme tantek: this means we can go to outside groups and get them looking at the groups
#
sandro For RSS and Atom, we will add a sentence like 0.3 had, describing how to deliver partial feeds with only the new items.
#
sandro For other content types, the hub MUST NOT modify the document that it retrieved from the topic URL.
#
ben_thatmustbeme rhiaro: we need to find all the review from other groups and get those links together at least
#
tantek RESOLVED: aaronpk's proposal as documented at the comment https://github.com/w3c/pubsub/issues/27#issuecomment-261345764 (and as copy/pasted above by sandro)
#
ben_thatmustbeme tantek: note that this is in the IRC, and if that comment changes, they can see it there
#
ben_thatmustbeme discussion of getting reviews from other groups
#
ben_thatmustbeme rhiaro: i asked internationalization for review of the spec, we haven't done others yet
#
ben_thatmustbeme rhiaro: i can send the emails to accessibility and security
#
ben_thatmustbeme tantek: i think that brings us to the last big issue for pubsub
#
tantek https://github.com/w3c/pubsub/issues/10
#
tantek https://www.w3.org/wiki/Socialwg/push-name
#
ben_thatmustbeme groans
#
tantek q?
#
Zakim sees no one on the speaker queue
#
ben_thatmustbeme tantek: last time we had no concensus
#
ben_thatmustbeme ... would anyone like to choose a name to advocate?
#
ben_thatmustbeme rhiaro: hubbub? it was a joke before but now i kinda like it
#
eprodrom https://gist.github.com/evanp/4b0ad60266fca915c54aa3e2310d79e4
#
ben_thatmustbeme aaronpk: what was the original problem with pubsubhubbub?
#
ben_thatmustbeme julien: it sounds like a joke, its hard to pronounce
#
ben_thatmustbeme ... it kind of was a joke
#
wilkie I like hubbub. it has grown on me immensely. or just keeping it PuSH. anything but pubsub lol
#
ben_thatmustbeme aaronpk: thats obviously totally valid criticism
#
cwebber2 I'm ok with a change but I can live with pubsubhubbub :)
#
ben_thatmustbeme julien: i can live with anything at this point
#
cwebber2 pshh
#
ben_thatmustbeme rhiaro: typing pubsubhubbub or PuSH are both horrible to minute
#
ben_thatmustbeme aaronpk: i agree with the points that have been brought up against pubsub
#
cwebber2 notes that we also have a spec named "activitystreams"
KevinMarks joined the channel
#
cwebber2 opens the bikeshed vortex
#
wilkie hi rhiaro. can you unmute the room? I'm now 99% convinced it isn't my fault. could be wrong.
#
cwebber2 wilkie, on appear.in?
#
ben_thatmustbeme aaronpk: we can drop things that are have multiple people against
#
eprodrom Unfortunately I have to step away for 1h
#
wilkie cwebber2, yeah. is it working for you? what I am doing wrong.
#
cwebber2 wilkie, I found it was muted too
#
cwebber2 wilkie I moved to calling in directly to aaronpk's phone
#
wilkie ah
#
cwebber2 wilkie good to know it wasn't just me, sad to know we don't have an answer setup then
#
cwebber2 aaronpk ^^^
#
aaronpk oh yeah sorry. i can try calling into the conference line
KevinMarks2 joined the channel
#
cwebber2 q+
#
Zakim sees cwebber on the speaker queue
#
eprodrom tantek: unfortunately I have to step away until after 4
#
aaronpk i can't find the conference number, hang on
#
aaronpk found it
#
aaronpk sorry cwebber2 sandro is starting the meeting
#
cwebber2 hm, doesn't seem to be letting me in
#
cwebber2 ah
#
aaronpk i didn't realize it wasn't always active
#
aaronpk cwebber2, i'm in now
#
ben_thatmustbeme <ben_thatmustbeme>
#
ben_thatmustbeme <ben_thatmustbeme> +1 to any item not crossed out on the board
#
cwebber2 wilkie, btw, not sure you noticed ^^^
#
cwebber2 wilkie, you can dial in
#
wilkie yeah, I'm on the call now
#
wilkie working great
#
cwebber2 just in time to hear naming bikeshedathon :)
#
wilkie thanks
#
KevinMarks2 Hm, I'm late here, but didn't as1 solve pagination of a list of items with the subset expressed?
#
aaronpk what issue is that about?
#
KevinMarks2 The discussion of feeds of items in pubsub
#
aaronpk oh, sure, but it's a new feature from the perspective of PubSub and we are trying to not add new features if possible
#
wilkie I think PuSH just needs to operate at the item level and not the feed level and that "fat pings" are just the sending of multiple yet distinct entries instead of trying to syndicate a feed which is apparently impractical/unnecessary
#
wilkie so maybe that's an extension
#
ben_thatmustbeme tantek: i've udpated the wiki page with candidates and rejected
#
cwebber2 I don't really care anymore :)
#
cwebber2 pick a name!
#
ben_thatmustbeme tantek: we are agreeing to reject all those others and we are not going to revisit those
#
wilkie I like hubbub. it sounds reasonably ambiguous and apolitical
#
wilkie anything but pubsub
#
ben_thatmustbeme ... we will choose from those 3 or any new ones
#
ben_thatmustbeme as we enter our second hour of discussion on the name
julien and KevinMarks joined the channel
#
cwebber2 is it time to bring out my dice
#
cwebber2 we can narrow this down fast with some dice rolls
#
ben_thatmustbeme PROPOSED: We reject all pre-exisitng names before today, and we will pick from between WebSub, WebSubscribe, and WebFollow barring any new better names
#
julien WebSubscribe++
#
Loqi websubscribe has 1 karma
#
tantek +1
#
julien +1
#
rhiaro +1
#
aaronpk +1
#
sandro +1
#
wilkie +1
#
cwebber2 +1
#
mattl +1
#
ben_thatmustbeme RESOLVED: We reject all pre-exisitng names before today, and we will pick from between WebSub, WebSubscribe, and WebFollow barring any new better names
#
ben_thatmustbeme PROPOSED: add aaronpk as a co-editor for PubSubHubbub / PubSub / whatever we name it
#
ben_thatmustbeme <ben_thatmustbeme> +1
#
rhiaro +1
#
aaronpk +1
#
ben_thatmustbeme RESOLVED: add aaronpk as a co-editor for PubSubHubbub / PubSub / whatever we name it
#
ben_thatmustbeme tantek: i'm not hearing any objections
#
ben_thatmustbeme ... could you prepare a new WD?
#
ben_thatmustbeme aaronpk: i think after we get through the stuff we discussed today, I publish a new WD
#
ben_thatmustbeme julien: i can probably get the changes proposed done for next tuesday which will then be available to publish a new WD
#
aaronpk http://pin13.net/echidna/
#
ben_thatmustbeme tantek: we should resolve the new name before we publish the new WD
#
ben_thatmustbeme TOPIC: break until 3:45
#
swwg_laptop_ https://docs.google.com/document/d/1gfCzLKbH8iVT1MviEU_5Mcgh-OdBtllp5bKZUcgOfuA/edit
#
cwebber2 pubsubdubstep
#
cwebber2 I said I wanted to go after micropub
#
sandro do you still?
#
cwebber2 I don't care really now
#
ben_thatmustbeme scribenick: ben_thatmustbeme
#
ben_thatmustbeme TOPIC: micropub
#
sandro scribenick: sandro
#
sandro tantek: test suite status?
#
aaronpk https://micropub.rocks/reports
#
sandro aaronpk: It covers every feature
#
sandro .. of servers
#
sandro .. you could test clients
#
sandro tantek: do you have a plan?
#
sandro .. for testing clients
#
sandro aaronpk: I have a rough outline, in an issue
#
sandro tantek: timeline?
#
sandro aaronpk: I've let this sit while working on pubsub
#
sandro tantek: getting to CR seems like the priority
#
sandro tantek: implementation report templates set up, etc
#
sandro aaronpk: I'd like it to be automatic
#
sandro aaronpk: but that's an additional step
#
ben_thatmustbeme q+
#
Zakim sees cwebber, ben_thatmustbeme on the speaker queue
#
sandro .. I could make a manual checklist quickly
#
sandro sandro: why get to CR quickly
#
sandro sandro: I suggest we have the test suite in nice shape before we outreach to existing imeplentations
#
tantek q?
#
Zakim sees cwebber, ben_thatmustbeme on the speaker queue
#
tantek ack cw
#
Zakim sees ben_thatmustbeme on the speaker queue
#
cwebber2 oops
#
cwebber2 q-
#
Zakim sees ben_thatmustbeme on the speaker queue
#
sandro .. make the story be "There's finally a test suite! Try it!" No need to even read the spec.
#
tantek ack ben_thatmustbeme
#
Zakim sees no one on the speaker queue
#
sandro ben_thatmustbeme: Do we have an impl report for mp that's not in the test suite?
#
sandro aaronpk: If you go to the site you can see what everyeone's done.
#
sandro ben_thatmustbeme: do we want one?
#
sandro sandro: *shrug*
#
sandro ben_thatmustbeme: if we have an offline one, a template, then people have more options
#
sandro aaronpk: I have to write it first anyway; I can publish it
#
tantek eprodrom returns
#
sandro aaronpk: I'll write pubsub impl template first, then finish test suite for pubsub, then finishih autmatic impl report submission for pubsub,
#
sandro .. THEN go backt o micropub and add client tests
#
sandro .. with impl report
#
sandro aaronpk: I'm moving soon
#
sandro .. so next week is out
#
sandro tantek: goal one - get pubsub to CR, maybe with a nice test system
#
sandro .. try by end of year
#
sandro .. so resolve CR within 19 days - by Dec 6)
#
sandro aaronpk: that's a bit of a stretch
#
sandro tantek: with publication Dec 15
#
sandro julien: Google has a hub, and WordPress has multiple hubs
#
sandro julien: AMP might be a way to show Google the value here
#
sandro julien: AMP has no distribution mechanism -- it's aggressive fetching
#
sandro tantek: google is crawling amp pages, and if they could subscribe, that could be good
#
sandro julien: because they're serving the cached content, they crawl often, like on average four times per day
#
KevinMarks Well, Google is crawling everything.
#
sandro tantek: I don't want to hold up for hub testing
#
sandro aaronpk: Yes, I'll focus on auto submission of consumer and producer tests.
#
sandro tantek: and they hub tests can be done during CR
#
sandro tantek: closer to pubsub CR in December?
#
tantek by Dec 6
#
sandro aaronpk: Yes. I can have this ready for users by Dec 15
#
sandro tantek: document edits too?
#
sandro aaronpk: yep
#
sandro tantek: pubsub to CR is priority. then micropub.
#
sandro aaronpk: then I can go back to hubs
#
sandro aaronpk: 1.5 - 2 weeks
#
sandro aaronpk: client test -- walks you through what you need to tell the client to do, and then knows on the server what's been done.
#
sandro sandro: sounds fun/compelling
#
sandro aaronpk: yes, check boxes are very motivating
#
sandro tantek: where are we on server tests?
#
sandro aaronpk: five implementation reports. four other than me.
#
sandro aaronpk: three outside wg
#
sandro aaronpk: interop : every feature has two or more implementations.
#
sandro .. everyone supports everything, except my server doesn't do alt text yet.
#
sandro tantek: any non-editorial issues raised?
#
sandro aaronpk: no
#
tantek https://github.com/w3c/Micropub/issues
#
sandro aaronpk: still waiting for response about alt-text from a11y group
#
tantek https://github.com/w3c/Micropub/issues/34
#
sandro tantek: Can you add to issue-34 what we just discussed about MP server implementations, and see if that spurs a response
#
sandro tantek: Our expectation is to exit CR on MP in January
#
sandro .. because we're there on the servers; don't yet know about the clients
#
sandro aaronpk: There are several clients, but I don't know if we have two that support editing
#
tantek q?
#
Zakim sees no one on the speaker queue
#
sandro topic: ActivityPub CR
#
sandro eprodrom: How are we on testing?
#
sandro cwebber2: I still need to write the test infrastructure
#
sandro .. or impl report template
#
sandro .. we just hit CR and I haven't done that stuff
#
sandro eprodrom: Are you planning to use activtypub.rocks/test for the testing?
#
sandro cwebber2: I might have folks download stuff and run things locally, but I like what Aaron's been doing,
#
sandro eprodrom: esp with automated implementation report
#
sandro eprodrom: so you're building that out. do you need any guidance?
#
tantek chair: eprodrom
#
sandro cwebber2: I think I just need to do it. If I need to, I'll reach out.
#
sandro .. I haven't started, so not sure
#
sandro eprodrom: test for clients and server?
#
sandro eprodrom: web based client
#
sandro aaronpk: my testing tool can't always tell if the right end result happened, so it asks the user, with a check box, like "Does the photo now appear...."
#
sandro .. the test tool becomes the consisten payload sent to the server, then have the human check the box, if you can't tell
#
sandro .. still very very helpful
#
sandro cwebber2: Okay, I'm planning to move forward, now that other things are cleared off
#
sandro eprodrom: implementation report template?
#
sandro cwebber2: yep, will do
#
sandro eprodrom: Outstanding issues?
#
sandro cwebber2: all editorial
#
cwebber2 https://github.com/w3c/activitypub/issues
KevinMarks joined the channel
#
sandro cwebber2: except for change tracking, which we said it out-of-scope, all of these are editorial
#
sandro cwebber2: I plan to handle them before CR
#
sandro s/CR/PR/
#
sandro eprodrom: Anything we can help with?
#
sandro cwebber2: could use clarification on questions from pump.io
#
sandro cwebber2: they're thinking of doing the re-write -- would that count as independent implementation?
#
sandro eprodrom: yes
#
sandro sandro: yes
#
ben_thatmustbeme thinks we should talk quietly so as not to wake tantek
#
sandro cwebber2: got a pile of things to do
#
sandro eprodrom: implementations?
#
sandro cwebber2: pubstrate is mine
#
sandro eprodrom: pump.io as a second one
#
rhiaro hackertribe
#
sandro cwebber2: someone said something, ... hackertribe
#
sandro .. dunno if they've started
#
sandro .. other than that, we also have Amy's work, and BenGo started something.
#
sandro .. those are what I know of
#
sandro .. I haven't started converting MediaGoblin
#
sandro sansdro: connection between MG and pubstrate?
#
csarven beep beep beep
#
sandro cwebber2: None. pubstrate is a clean codebase.
#
sandro sandro: what about gnusocial?
#
sandro cwebber2: I dunno
#
sandro eprodrom: Diaspora? Friendica?
#
KevinMarks Mastodon?
#
sandro cwebber2: Diaspora-- we had Jason Robinson for a while -- I think he lost some time, and was disappointed we didnt do signatures, but we did address some things, so they COULD implement them
#
sandro .. no commitment they will
#
sandro .. but I heard they were maybe doing their own stuff
#
sandro .. I got the impression they had gone a different direction
#
sandro eprodrom: one way to find out!
#
KevinMarks Mastodon.social interoperates with gnu social
#
sandro cwebber2: yes, worth a try, I'll reach out
#
KevinMarks And supports pubsubhubbub
#
sandro eprodrom: wordpress, other publication apps
#
sandro cwebber2: gitlab maybe
#
rhiaro cwebber2: mattl is in the WG and works for gitlab. He was here earlier but just left
#
sandro sandro: (mastadon.social)
#
sandro cwebber2: Great, I'll do some outreach!
#
sandro eprodrom: timing?
#
sandro eprodrom: to implementations of each feature.... pubstrate + pump.io ...
#
sandro strugee,
#
sandro cwebber2: strugee sounds energized to run with it in pump.io
#
sandro eprodrom: think we'll have the testing system up in a couple weeks?
#
KevinMarks You typoed it, sandro
#
sandro cwebber2: that would be nice. I also have some contracting work.
#
sandro what, KevinMarks ? you can s/// fix it
#
sandro cwebber2: a couple weeks is probably over optimistic, but I'll try
#
sandro cwebber2: January for AP CR-exit, not impossible, but I wouldn't give a confident commitment.
#
ben_thatmustbeme rhiaro, by the way, amy.social is available
#
sandro .. the whole gammut probably by the end of January, but probably not the beginning of January
#
sandro cwebber2: I think February is feasible
#
rhiaro amy.anti.social
#
sandro eprodrom: that's it for AP, and we're done for the day
#
sandro rhiaro: We've all been invited to an art party thing after dinner
#
wilkie but what do we call dinner?
#
aaronpk PubSubYumYum
#
KevinMarks s/mastadon/mastodon/
#
wilkie aaronpk++
#
Loqi aaronpk has 69 karma in this channel (1141 overall)
#
wilkie anything but PubSub
#
tantek time for YumYum
#
wilkie enjoy
#
sandro rhiaro: dinner at VeggieGalaxy, then people can hop on T to party or wherever
#
KevinMarks I was going to suggest "flowpast" as a pubsubhubbub name, but looks like Google expired the domain on me
#
strugee eprodrom btw, since you're here - heard recently from cwebber2 that you were intending to be part of the AP implementation in pump.io, is that still accurate? I started work on it yesterday but can hold off if you want...
#
cwebber2 strugee: eprodrom said he'd stay out of your way so it can be an independent implementation :)
#
strugee excellent. I read some of the log but must have missed that part
#
cwebber2 eprodrom might have just said it on the call :)
#
sandro strugee, eprodrom says: "please thunder forward as fast as you can!"
#
sandro (reading over my shoulder)
#
strugee hahahahaha
#
Loqi nice
#
strugee I LOVE it
#
strugee eprodrom++
#
Loqi eprodrom has 41 karma in this channel (42 overall)
jasnell and jasnell_ joined the channel