#social 2017-07-20
2017-07-20 UTC
# saranix seeing those actual example jsons really helps. I started writing up a followup example that adds to the issue... have to take a food break though
timbl and xmpp-social joined the channel
# @angusscown @michaelneale Hopefully better when the work to pull in the w3c standards is finished https://www.w3.org/TR/social-web-protocols/ (twitter.com/_/status/887958420187369474)
KjetilK joined the channel
tantek joined the channel
# saranix jaywink: the most desirable advantage of ldsig is the embed capability, so that sigs can be verified without fetch
dlongley joined the channel
# ben_thatmustbeme looks at conversation backlog, blinks, and walks away
# tantek saranix: we've discussed the use and (non)-requirement of tools at W3C in the past, and I wanted to bring back some work on that for your review and further input. Here's an ongoing wiki page listing various tools in use at W3C in various degrees: https://www.w3.org/wiki/AB/Tooling
# tantek just added: https://www.w3.org/wiki/AB/Tooling#CG_tools
timbl joined the channel
# saranix tantek: thx I'll check it out
# xmpp-social [ajordan] tantek: in theory everyone has access but I believe a number of people have run into problems similar to the ones I had a couple months ago
# saranix is the create account thing fixed yet?
# tantek regarding the previous "Follow" button conversation, there's a bunch of documented research here: https://indieweb.org/follow
# xmpp-social [ajordan] tantek: yeah it's unclear as to whether it's a problem with ACLs or just the wiki not handling "interesting" passwords. I've suggested a couple things to them, including asking in #sysreq if the rest doesn't work, but I don't know if they ever followed up
# xmpp-social [ajordan] Lol yeah I started with 128 characters with special characters, and kept trying to see if I could reduce it just a *bit*
# xmpp-social [ajordan] But ended up with 16, no special chars :P
# xmpp-social [ajordan] Hahahaha
# xmpp-social [ajordan] Re: Facebook, yeah they're different
# xmpp-social [ajordan] I've never really understood it
tantek joined the channel
# saranix many systems have discrete permissions for each.
# saranix I would go so far as to even say it's common.
# xmpp-social [ajordan] cwebber2: I also don't think we have time to iterate if we went with what Evan suggested
# xmpp-social [ajordan] When I looked at that part of the spec it looked more like a framework for modeling stuff to me tbh
# xmpp-social [ajordan] So I think we'd need to add a bunch of normative text for exactly how to do this and I don't think we'd get it right
# xmpp-social [ajordan] Yeah me too
# xmpp-social [ajordan] Plus there's the problem with having two separate mechanisms as you mentioned on GitHub
# saranix 2 mechanisms?
# xmpp-social [ajordan] Define "this"?
# xmpp-social [ajordan] The accept/reject route?
# xmpp-social [ajordan] Right
# xmpp-social [ajordan] Brb, rebooting my phone
# saranix under security I explained why it can't be *required* it forces an insecure mode
# saranix it's a reflective attack. I explained in the etherpad
# saranix more importantly, it's not a big deal for the UI to show that an accept/reject was never received. it's a UX issue and should definitely not be normative in the spec
# saranix yeah 245 addresses
# saranix probably is general
# xmpp-social [ajordan] cwebber2: I can plan on PR'ing that soon
# saranix \o/ test suite!
# saranix I read it once, I probably forgot 90% of it ;-)
# xmpp-social [ajordan] https://github.com/w3c/activitypub/issues/245#issuecomment-316755274 thoughts?
# xmpp-social [ajordan] I'm about to get on a plane too
# xmpp-social [ajordan] ?
# xmpp-social [ajordan] Good luck with the test suite btw!
# xmpp-social [ajordan] Sure thing!
# ben_thatmustbeme i think thing that is really a DoS issue at all for those
# ben_thatmustbeme oh i see, if attacker sends a friend request pretending to be another server
# ben_thatmustbeme i mean, it is an issue, but at least it doesn't fan out
# ben_thatmustbeme for what?
# ben_thatmustbeme faked source?
# saranix technically I think nearly every software currently deployed is susceptible to the client overload thing... i.e. no one rate limits
# xmpp-social [ajordan] ben_thatmustbeme: it's a confused deputy attack
# xmpp-social [ajordan] In this case the "deputy" is the malicious user's server and it's a problem because said user can get the "deputy" blacklisted on other instances
# xmpp-social [ajordan] So it's a DoS problem _for the deputy_
# ben_thatmustbeme ah, so its really a C2S rate limit issue, basically
# xmpp-social [ajordan] cwebber2: yes, that's what I'm saying
# ben_thatmustbeme but thats also not necessarily a bad thing, just a super busy user, look at all the twitter bots that automatically tweet, etc
# xmpp-social [ajordan] Right but I mean if you're generating thousands per second
# ben_thatmustbeme yeah, its more likley going to be a problem for the server they are connecting too
# ben_thatmustbeme more than a problem for the other server
# xmpp-social [ajordan] Lol yes that's my point
# ben_thatmustbeme so its entirely just "rate limit C2S"
# ben_thatmustbeme confused deputy (which is about privledge escalation, not this) has nothing to do with it
# xmpp-social [ajordan] You need C2S rate limiting to a) avoid being overloaded yourself and b) to avoid overloading others so much that you trigger their S2S DoS protection
# xmpp-social [ajordan] When I said "confused deputy" I meant b) although you're right that it's not a perfect description
# ben_thatmustbeme well, no, b) is false
# xmpp-social [ajordan] ?
# ben_thatmustbeme i mean, yes, you want to rate limit S2S recieiving
# ben_thatmustbeme but saying you have to watch S2S sending is rediculous
# ben_thatmustbeme since you should be limiting at c2s
# ben_thatmustbeme and if you are sending that much, you should be blocked, as you are not rate limiting c2s
# ben_thatmustbeme if you rate limit s2s sending, you are going to have really bad UI, sorry, i can't send your friend request now, as i am talking to (other popular server) too much right now
# saranix just throwing this out there: one way to do UX this is like cloud providers do with email-- you can only send x/hr as a new user unless you explain usecase to admin
# xmpp-social [ajordan] ben_thatmustbeme: we're in agreement
# xmpp-social [ajordan] C2S rate limiting solves b)
# xmpp-social [ajordan] And that's what I was proposing
# xmpp-social [ajordan] C2S only
# xmpp-social [ajordan] I was only pointing out the problem
# ben_thatmustbeme the two parts are rate limit c2s (receiving) in case of bad clients, and rate limit s2s (receiving) in case of bad servers
# xmpp-social [ajordan] Yes
# xmpp-social [ajordan] Agreed
# ben_thatmustbeme arguably someone could just create thousands upon thousands of accounts on on system and then use multiple accounts to do the same, but thats also sort of outside of the spec of the scope
# ben_thatmustbeme scope of the spec *
# xmpp-social [ajordan] Lol
# ben_thatmustbeme saranix, thats sort of tangental though, spec shouldn't define UX
# saranix no, just throwing it out there
# ben_thatmustbeme that is certainly a possibility though
tantek joined the channel
# jaywink saranix: "the most desirable advantage of ldsig is the embed capability, so that sigs can be verified without fetch" <--- I would say the most desirable feature is verifying content :) But anyway, the point was, to bring something difficult into the spec, we might have to stop at some point. Simple is better than complex. I just feel the whole signatures discussion is taken on a way too complex path. Or
# saranix jaywink: "the most desirable feature is verifying content" <-- yes but ld-sigs allows embedding foreign objects, that's the advantage over say http-sigs
# saranix but it is starting to look a little bit like verifying foreign content is a fairytale of sorts
# saranix I'm doing work on both fronts-- writing up the issues involved, and also a possible breakage scenario that I thought up, but I have to work through the json to see if it's true
# saranix you'd really be blown away by zot connection perms then :-P
# saranix hubzilla can handle every combination mentioned so far, and 1000's more, you should really check it out
# saranix some say
# saranix I don't think so
# saranix depends if you're a "nerd" I guess
# saranix yeah... mac users will not be happy, linux users love it :-)
# tantek cwebber2: I dunno either (from a which UX is more desirable perspective), hence I'm trying to document (and ask for help documenting) the various existing models which have clearly been through some user-feedback/iteration and thus are worth seriously considering supporting with any protocol
# jaywink for Socialhome I'm anyway going to implement contact lists which can be used for targeting private posts. Similar to aspects, but without the requirement of following the person you want to post to. In this case, in AP, it wouldn't be the followers list at all, but just a list of people. I think it makes more sense because sometimes you might want to post only to for example colleagues, sometimes friends,
# saranix
{type: Follow, object: { type:Collection, name:PrivateCollection } }
--- Reject/Accept# saranix jaywink: I think that's what it says too
# saranix I don't think it's an issue
# saranix different implementations will be detectable from what's present in their requests
# saranix jaywink: agreed
# tantek cwebber2: attempts at documenting a few "private account" variants here: https://indieweb.org/private_account
# saranix only helpful if you document ALL variants and make sure you don't miss any
# jaywink cwebber2: I don't see a need for accept/Reject on a follow at all for my use cases, but I understand if someone does. Though currently I'm unsure how this would be different from a Friend request in AP. A friend request (in FB for example) is a special symmetrical relationship that grants special rights for both parties when accepted. A follow, even if accepted, to me just makes the other person follow
# saranix and really, I think the expansive example in the AS2 spec is plenty
# saranix I've already made several changes in my app i'm building based on these discussions (well not the follow one, but others in the channel)
# saranix but I've spent about 10 times as much time on IRC as I have coding :(
# saranix tantek: not if you replace a standard that works for some uses cases that is then left out after you make changes because you missed it in your research
tantek, timbl and MMN-o joined the channel