#social 2017-07-21

2017-07-21 UTC
#
Loqi
[strugee] #250 Add DoS notes to Security Considerations
#
ajordan
ben_thatmustbeme: you're cc'd to make sure I got the wording on this right :)
#
saranix
it might be more clear to first-timers if it says "denial-of-service/spam"
#
saranix
lol a quote from the hubzilla support channel "We keep this stuff hidden behind a curtain because a lot of folks can't handle this level of control and run away screaming that they aren't smart enough to use this software. But once you've peeked behind the curtain you'll realise that anything is possible."
xmpp-social and timbl joined the channel
#
puckipedia
okay so my testing implementation of JSON-LD compacting isn't quite optimal
#
puckipedia
somehow it's translating published into as:published, and then can't find the type for it in the data
#
saranix
I don't think the doc served from https://www.w3.org/ns/activitystreams is properly formed namespace doc
#
Loqi
[Amy Guy] ActivityStreams 2.0 Terms
#
puckipedia
it is, you need to add accept: application/ld+json
#
saranix
I mean it doesn't look like other json ns docs
#
saranix
it seems like it's half-missing stuff
#
puckipedia
it's valid JSON-LD context
#
puckipedia
okay, I fixed the JSON-LD compacting!
#
saranix
how?
#
puckipedia
well, there were a few bugs
#
puckipedia
like it not compacting ID values properly etc
#
Loqi
[msporny] > It seems like something that users will bump into independently though, and perhaps we should have a way to advise them. Hey @cwebber, thanks for logging the issue. You're right, we should track this somewhere. I'm a bit pressed for time, so thi...
#
cwebber2
two interesting comments on there from Manu
#
saranix
versioning of objects in AP, a whole other can of worms we haven't really dealt with yet
#
cwebber2
but I don't think the current version of AP is really built for it
#
puckipedia
cwebber2: I guess if you add a 'pointer' to Create/Update/Delete it would work
#
puckipedia
and add a Pointer type, which just has an 'object' property?
#
cwebber2
puckipedia: yes, if we had a Pointer type it could be done.
#
cwebber2
puckipedia: but... I think we don't have expectations in AP that a pointer is dereferenced
#
puckipedia
well, I mean, it won't work natively with current ActivityPub, of course...
#
puckipedia
but it wouldn't be too hard to add an extension
#
cwebber2
right, though a lot of AP implementations might not know what to do with that Pointer
#
cwebber2
I suppose that's true with any added object
#
cwebber2
I haven't spent enough time thinking about it though
#
cwebber2
it's a rabbit hole I'd love to go down, but alas, not enough time yet
#
cwebber2
anyway, on that note, I think we're going to within the time frame we have left in the group be happy with getting http signatures working interoperably between servers, but LDS will remain an exploration space
#
cwebber2
http signatures is simple enough and it already seems to be rolling out, but advising people on database storage approaches to retain signed objects is trickier
#
cwebber2
I guess it would be a challenge Linked Data or not, just having signatures on objects that are broken apart and reconstructed, especially when they may mutate
#
cwebber2
may be a challenge
#
cwebber2
I need to read it
#
cwebber2
there's conversation happening in #json-ld about this very issue on freenode, independent of our conversation it turns out :)
#
puckipedia
I think framing might work
#
puckipedia
and it can even do specific properties (like saranix wants :P)
#
jaywink
cwebber2, wasn't there cases http signs doesn't solve? Why include something in spec if it leaves some gaps?
#
cwebber2
jaywink: the author being on different "domains" than the content they produce case
#
cwebber2
and the forwarding case
#
jaywink
also it does cause lots of verify lookups
#
jaywink
Which is ineffective really
#
cwebber2
so we could frame things maybe
#
jaywink
What forwarding case?
#
cwebber2
jaywink: the ol' I reply to a comment you made to your followers, and you forward it to your followers list (that I can't access) one
#
jaywink
The followers just verify it from source?
#
cwebber2
jaywink: that's what I'm saying, they can't and that's where LDS does fill a gap
#
jaywink
If forwarding doesn't work, AP will be as broken as OStatus
#
cwebber2
it won't work in a private case
#
jaywink
But I don't see how http signs doesn't work for forwarding
#
jaywink
Oh hmm
#
puckipedia
who would it be forwarded for?
#
cwebber2
in public cases, you'll still get it
#
jaywink
That would sucker a lot. OStatus creates broken discussions.
#
cwebber2
puckipedia: I post a comment to my list about some flowers, jaywink says "nice flowers" but can't access my followers, so my server forwards jaywink's reply to my followers
#
cwebber2
flowers and followers, I should have used less similar-looking words in that sentence :)
#
cwebber2
jaywink: how does diaspora deal with this problem btw?
#
cwebber2
specifically
#
puckipedia
isn't every message signed?
#
cwebber2
puckipedia: yes, I'm asking how they do the storage and reconstruction part
#
cwebber2
also if the object mutates
#
ben_thatmustbeme
oh cwebber2, btw, mattl said he sent you a PR for what he does for work now
#
ben_thatmustbeme
for mediagoblin that is
#
cwebber2
(... is this going to be about the monkey movie?)
#
ben_thatmustbeme
i don't know, i didn't see it
#
ben_thatmustbeme
he did say it was like 5-6 years out of date
#
jaywink
It's going to be sad if we can't make this functional. AP should last for a long time and fix problems. I mean this all works in Diaspora protocol without problems. I still don't see all the problems with lds but I must admit I haven't hacked on AP yet. If it was only used to sign an object and remotes always verified from the remote - I don't see what problems there would be?
#
cwebber2
jaywink: I'm specifically asking what diaspora does about the reconstructing a signed object, where the object mutated since the signature, question
#
cwebber2
does the object, when reconstructed from the database, simply have a broken signature?
#
jaywink
Sorry on mobile
#
jaywink
So basically a local object can always be signed even without storing the signature, eight?
#
jaywink
Right?
#
cwebber2
right, a local object can
#
jaywink
A remote object you just fetch to get a fresh signature
#
cwebber2
oh I see
#
cwebber2
so you basically update the signatures of both when you get them
#
cwebber2
that makes sense.
#
cwebber2
except...
#
jaywink
Well, that is implementation details. Signing is used for delivery and when someone asks for something
#
cwebber2
jaywink: when an object changes, don't all objects that reference it now need to update their signatures?
#
cwebber2
jaywink: querying which objects now need to update their signatures on every update seems like it might take some effort; maybe it needs to be done lazily
#
cwebber2
unless local objects always regen signatures dynamically
#
cwebber2
but that seems a bit expensive
#
cwebber2
you could cache it though
#
jaywink
Why would they need to update them? They already have the object. If the author delivers a new version, it will be signed again
#
cwebber2
jaywink: this may be related to the json approach of nesting
#
jaywink
Each update is verified on receive. If you want an object you don't have, you fetch it
#
cwebber2
{local-Like {remote-Note}} right?
#
cwebber2
and now you get {remote-Update {remote-Note}}
#
cwebber2
the signature on your {local-Like {remote-Note}} is broken now unless it's done again
#
cwebber2
that's all I'm saying.
#
jaywink
Well, nesting is what makes things tricky for AP. But if you only sign the objects you own, wouldn't that make it clearer?
#
puckipedia
so not signing embedded objects?
#
jaywink
That seems to be the problem
#
cwebber2
puckipedia: though as Manu points out, not signing the embedded object creates its own challenges
#
puckipedia
like, if user A likes an object B, and user B updates object B, that like is still valid?
#
cwebber2
it depends on whether or not you want to verify that you saw it
#
jaywink
Tbh, as a reader, why should I trust a remote object embedded in your content you signed anyway?
#
puckipedia
good point
#
cwebber2
jaywink: because the remote object is signed by the remote? :)
#
puckipedia
but it's about verifying that that like was for a specific version
#
jaywink
So you verify two signatures anyway?
#
cwebber2
right, you're verifying that you liked a specific revision I guess
#
cwebber2
I think we can make it work anyway
#
cwebber2
and we can even recommend LDS
#
jaywink
Versioning is tricky. Is it under requirement of AP?
#
cwebber2
jaywink: I'm not saying we actualy store different revisions
#
cwebber2
I don't think that's what puckipedia meant either
#
jaywink
Seems like a. In or case in social media, but only speaking for cases I know of
#
puckipedia
well, a bit
#
cwebber2
just that what you signed was "this is what it looked like when I saw it"
#
jaywink
But having likes disappear due to an edit would be highly confusing 5o any user
#
cwebber2
yes that was my point :)
#
jaywink
I would think it's a bug
#
cwebber2
look, all I'm saying
#
puckipedia
so. how about this
#
cwebber2
is that I'm confident that we can get AP implementations interoperably using HTTP Signatures by the time we hit Rec
#
puckipedia
objects are signed by themselves, and delivery is done with a signature over the entire thing
#
cwebber2
and I'd like to think the same of LDS but I'm not totally sure it will happen
#
jaywink
But http signs won't allow better participation in private conversation than OStatus?
#
cwebber2
jaywink: not for the forwards, it will for non-forwards
#
puckipedia
jaywink: the better private conversations is the audience
#
cwebber2
jaywink: look, I'm agreeing with you that I want it
#
cwebber2
I'm just saying I'm not totally sure it'll be sorted by then... but maybe it will, I dunno :)
#
cwebber2
I also need to get back to the test suite ;)
#
jaywink
Not that I care about private conversations, I just think it's a huge use case ?
#
cwebber2
I care about private conversations
#
cwebber2
and private conversations that don't use collections
#
cwebber2
will work great
#
puckipedia
. o O ( what if Twitter suddenly implemented ActivityPub? )
#
cwebber2
puckipedia: that would be a hell of a thing, but I think they have 0 interest in breaking their monopoly probably
#
cwebber2
we're more likely to see maybe Google take interest
#
cwebber2
is anyone talking to them? not me :)
#
cwebber2
scanned through the framing document
#
cwebber2
it seems like it would be helpful for moving from quads/triples to json-ld cleanly, and even could be used (with some overhead) to "capture" the structure of the signed object being stored. but I think as Manu pointed out, you'd still want to hash the object basically...
#
cwebber2
it seems like more overhead than I'd want to solve this though for my own system
#
jaywink
everything is very complex in this channel :) more KISS :)
#
cwebber2
I'm tryin'
#
jaywink
I'm just babbling but have basically no time to give any input how it could work, except to highlight how it works, really simply, in the diaspora protocol. I don't see AP that different. The difference is that AP has no constraints, so people can think it as complex as they want.
#
jaywink
(well it has constraints, but less :))
#
jaywink
the worst thing that could happen, IMHO, is that the spec stays the same regarding s2s delivery. IMHO http sigs or preferably ldsigs MUST be recommended as the way to go. Otherwise servers will implement one or the other and then we just create more silos
#
jaywink
this is also the number one negative thing about AP I keep reading all the time - not defining how to verify content
#
jaywink
this criticism comes from d*/friendica/hubzilla sides
#
jaywink
getting http sigs as a "way to go" would surely be a great thing compared to the current situation
#
cwebber2
jaywink: well you know my feelings on the matter :)
#
cwebber2
jaywink: anyway I agree with those criticisms
#
jaywink
even though it wont support everything very well. for example, Diaspora would not be able to switch and keep their features. Which is private messages delivered to "collections" (=aspects) where the receivers don't know who is in the aspects
#
jaywink
so, that use case would jsut not work in AP
#
jaywink
(but I'm not with Diaspora and have no idea whether they're even interested - just saying from feature point of view what is out there)
#
cwebber2
jaywink: hey, at the very least, we're at the closest we've ever been to people wanting signatures :)
#
jaywink
yeah ? and that need has come from realization that doing so would solve certain problems ;)
#
cwebber2
anyway, you and I have talked about this plenty, you know how I feel about it.
#
jaywink
brb food and stuff, back later
#
cwebber2
now, back to the test suite
timbl joined the channel
#
saranix
scraps db schema and starts over
#
saranix
I was going to store the whole object because that's how my old app does things, but for funsies I'm going to try decomposing and recomposing
#
cwebber2
hell. yes.
#
cwebber2
all activitypub client to server tests implemented
#
cwebber2
and working on my instance
#
puckipedia
do you have an online copy somewhere?
#
cwebber2
puckipedia: not yet, I want to test it against your server though
#
puckipedia
well, you know where it is :P
#
cwebber2
I'm gonna test it tomorrow :)
#
puckipedia
ah ok :P
#
cwebber2
or maybe in a few hours, but I need some slacking time
#
puckipedia
eh, I'd rather be awake at the time
#
cwebber2
puckipedia: will you be around tomorrow at all?
#
cwebber2
if not, I can do it now
#
cwebber2
er wait
#
cwebber2
I won't be :P
#
puckipedia
I will be there tomorrow
#
cwebber2
sunday?
#
puckipedia
well, it's saturday now
#
puckipedia
(00:43)
#
puckipedia
I will be probably around always
#
cwebber2
sorry puckipedia, I'm kinda outta energy
#
Loqi
awesome