IRC log of social on 2017-05-19

Timestamps are in UTC.

15:51:40 [RRSAgent]
RRSAgent has joined #social
15:51:40 [RRSAgent]
logging to http://www.w3.org/2017/05/19-social-irc
15:51:43 [Zakim]
Zakim has joined #social
15:51:48 [sandro]
RRSAgent, make logs public
15:53:04 [astronouth7303]
Sorry, first time on Mumble
15:53:23 [tantek]
tantek has joined #social
15:54:06 [geppy]
geppy has joined #social
15:55:53 [DenSchub]
i am /that guy/
15:55:54 [Loqi]
tantek: strugee left you a message 6 hours, 29 minutes ago: I seem to recall you mentioning a while back that Google still parses mf2 even though they've replaced their proprietary markup like 3 times. do you remember where that was from? not sure if it was on a web page or in this IRC channel. context: https://github.com/brentsimmons/JSONFeed/issues/20#issuecomment-302654477
15:55:54 [Loqi]
tantek: strugee left you a message 6 hours, 23 minutes ago: ignore ^^^ that; I was thinking of something aaronpk wrote :)
15:59:03 [MMN-work]
MMN-work has joined #social
16:00:01 [DenSchub]
http://wiki.mumble.info/wiki/Main_Page#Download_Mumble
16:00:06 [twryst]
twryst has joined #social
16:00:40 [tantek]
!tell strugee looks like you found your answer re: Google and microformats? They definitely still do parse microformats, question is where they are with parsing mf2, since they have unofficially made positive remarks about it for a few years, and may just be waiting for some measure of critical mass (which has accelerated in the past 2 years)
16:00:40 [Loqi]
Ok, I'll tell them that when I see them next
16:00:48 [tantek]
DenSchub++
16:00:48 [Loqi]
denschub has 1 karma
16:01:46 [knutsoned]
knutsoned has joined #social
16:01:59 [albino]
sandro: voice overs? what do you mean?
16:02:32 [sandro]
the app is always saying people are joining/leaving server and channel. on desktop you can turn it off, but not android, it seems.
16:03:09 [sandro]
RRSAgent, pointer?
16:03:09 [RRSAgent]
See http://www.w3.org/2017/05/19-social-irc#T16-03-09
16:03:44 [sandro]
scribenick: sandro
16:03:51 [MMN-work]
OSM:ing in parallell
16:04:09 [sandro]
chair: cwebber
16:04:15 [sandro]
topic: Introductions
16:04:20 [tantek]
This config screen reminds me of PPP
16:04:52 [tantek]
hey what's the Username
16:05:14 [aaronpk]
aaronpk: Aaron Parecki
16:05:16 [sandro]
cwebber2: Please join IRC
16:05:19 [MMN-work]
irc://irc.w3.org:6665/social
16:05:41 [tantek]
"Unable to validate server certificate".
16:05:57 [sandro]
aaronpk: co-chair of group, editor of some W3C specs in this space, MicroPub, Webmention, and co-editor of WebSub (aka PuSH)
16:06:02 [tantek]
whoa voice!
16:06:32 [evan]
evan has joined #social
16:06:47 [albino]
Hi, I'm albino and my mic isn't working :(
16:06:55 [aaronpk]
https://aaronpk.com
16:06:55 [saranix]
saranix has joined #social
16:06:56 [Loqi]
Aaron Parecki h
16:07:00 [albino]
I'll talk in ~15 minutes if we're lucky
16:07:10 [astronouth7303]
(no quiet spot) Jamie, independent, interested person.
16:07:15 [astronouth7303]
Good enough
16:07:45 [sandro]
Ben Roberts (Ben that must be me)
16:08:03 [ben_thatmustbeme]
ben_thatmustbeme: Ben Roberts, ben.thatmustbe.me
16:08:21 [sandro]
cwebber2: swwg, working on ActivityPub, a client-to-server and server-to-server, using AS2 as vocab
16:08:35 [DenSchub]
DenSchub: Dennis Schubert, http://schub.io, working on diaspora*
16:08:36 [tantek]
yay another Mozilla person! (nice not to be the only one :) )
16:08:42 [sandro]
denschub: at mozilla, but here in private role
16:09:01 [sandro]
evan: At InternetArchive, but here in private capacity as well
16:09:09 [geppy]
geppy (legal name Brian Geppert)
16:09:13 [knutsoned]
Ed Knutson
16:09:40 [sandro]
MMN-work: AS1.0 and GnuSocial
16:10:01 [sandro]
Rushyo: end-to-end encryption
16:10:08 [cwebber2]
scribenick: cwebber2
16:10:19 [DenSchub]
sandro hawk, works at the w3c, one of the group contacts
16:10:26 [DenSchub]
(scribing for him so he can talk ;))
16:10:32 [cwebber2]
sandro: hi i'm Sandro Hawke, I work at the w3c, and am one of the two staff contacts for the socialwg, and am excited about this work
16:10:35 [cwebber2]
scribenick: sandro
16:11:20 [sandro]
tantek: first time using mumble :-) also works at mozilla, co-chair of SWWG, and on W3C AB and CSS WG, cofounder of indieweb
16:11:28 [sandro]
... own personal CMS
16:11:45 [sandro]
... editor of some microformat specs
16:12:00 [sandro]
twryst?
16:12:13 [sandro]
(silence)
16:12:22 [sandro]
Zakim, who is here?
16:12:22 [Zakim]
Present: (no one)
16:12:24 [Zakim]
On IRC I see saranix, evan, knutsoned, twryst, MMN-work, geppy, tantek, Zakim, RRSAgent, albino, Rushyo, thrrgilag, KevinMarks_, ajordan, timbl, JanKusanagi, tcit,
16:12:24 [Zakim]
... ben_thatmustbeme, MMN-o, astronouth7303, cwebber2, bwn, sandro, Gargron, mattl, wilkie, DenSchub, trackbot, csarven, nightpool, raucao, jet, bigbluehat, KjetilK, dwhly,
16:12:24 [Zakim]
... bitbear, aaronpk, lambadalambda, Loqi
16:12:29 [tantek]
present+
16:12:33 [cwebber2]
https://www.w3.org/wiki/SocialCG/2017-05-19#Topics
16:12:33 [sandro]
present+
16:12:40 [geppy]
present+
16:12:40 [DenSchub]
present+
16:12:42 [evan]
present+
16:12:43 [albino]
present+
16:12:43 [cwebber2]
present+
16:12:44 [Rushyo]
present+
16:12:44 [MMN-work]
present+
16:12:44 [knutsoned]
present+
16:12:46 [aaronpk]
present+
16:12:53 [astronouth7303]
Present+
16:12:56 [ben_thatmustbeme]
present+
16:13:13 [sandro]
topic: Social Web WG Updates
16:13:56 [sandro]
aaronpk: websub test suite finished! websub.rocks. you can go test your implementations. it'll act as fake server, subscriber, hub, so you can see how your implementation is doing
16:14:15 [sandro]
... W3C lifecycle: Working Draft, Candidate Recommendation, Proposed Recommendation, Recommendation
16:14:36 [sandro]
... We need to show people are implementing and interoperating, to move past CR
16:14:51 [sandro]
... one of the goals was to make very few functional changes to PubSubHubbub
16:15:18 [sandro]
... so if you've implemented that, we'd GREATLY APPRECIATE you trying your impl against the test suite
16:15:22 [sandro]
... and submitting implementation report
16:15:30 [tantek]
Note to self, submit a WebSub (publisher) implementation report for @Falcon!
16:15:34 [sandro]
... USEFUL even if you only pass half the tests
16:16:14 [sandro]
q+
16:16:16 [MMN-work]
aaronpk: I should submit reports for GNU social (nightly branch has recently renamed PuSH to WebSub in most documentation). .)
16:16:21 [aaronpk]
please do!
16:16:37 [cwebber2]
ack sandro
16:16:41 [cwebber2]
scribenick: cwebber2
16:17:00 [cwebber2]
sandro: is it reasonable to run the test suite on pubsubhubbub implementations we use and know of and submit them as third party specs?
16:17:10 [cwebber2]
sandro: and I say absolutely yes as long as you identify that in your implementation report
16:17:17 [cwebber2]
scribenick: sandro
16:17:29 [cwebber2]
q?
16:17:32 [tantek]
when do we need these impl reports by?
16:17:51 [astronouth7303]
cwebber2: ^^
16:17:53 [cwebber2]
https://www.w3.org/TR/activitypub/#Overview
16:17:53 [sandro]
topic: ActivityPub
16:17:57 [tantek]
\o/ new AP CR
16:18:23 [sandro]
cwebber2: Includes nice tutorial, and changes you can see in change log
16:18:35 [sandro]
... still working on test suite, sorry it's not done yet
16:18:57 [aaronpk]
haha
16:18:58 [sandro]
cwebber2: When do we need impl reports by
16:19:00 [ben_thatmustbeme]
hah
16:19:06 [Loqi]
nice
16:19:30 [cwebber2]
scribenick: cwebber2
16:19:36 [cwebber2]
sandro: two to 3 weeks is the estimation
16:19:52 [sandro]
aaronpk: Very helpful if you're building it, too
16:19:55 [cwebber2]
aaronpk: I'll also point out if you're implementing, your test suite will is a great way to debug
16:19:59 [cwebber2]
scribenick: sandro
16:20:12 [sandro]
tantek: So do it sooner, in case it exposes bugs in your code
16:20:23 [sandro]
aaronpk: Or bugs in spec!
16:20:44 [sandro]
topic: Social Web Charter Extension
16:21:01 [sandro]
cwebber2: We're asking for an extension
16:21:12 [ben_thatmustbeme]
q+ to mention other test suites for WG specs
16:21:19 [sandro]
... strong indicator at last meeting here that people want to explore it
16:21:29 [tantek]
q+
16:21:29 [sandro]
... so if we don't get extension, maybe we'll keep working on it any way
16:21:32 [cwebber2]
q?
16:21:34 [cwebber2]
ack ben_thatmustbeme
16:21:34 [Zakim]
ben_thatmustbeme, you wanted to mention other test suites for WG specs
16:21:53 [cwebber2]
q?
16:22:03 [sandro]
ben_thatmustbeme: Most SWWG have .rocks for test suite, webmention, activitystreams, etc
16:22:11 [cwebber2]
ack tantek
16:22:16 [sandro]
q+
16:22:44 [cwebber2]
q+
16:23:26 [sandro]
tantek: What are editor's preferences for AP on whether ...
16:24:06 [sandro]
cwebber2: My feelings have shifted since last meeting. I previously imagined I'd feel like I failed if we didnt get AP to Rec before the group ended
16:24:24 [sandro]
... but since there are a bunch of people saying they want to implement, and 2-3 weeks are not a lot of time
16:24:37 [sandro]
... (and there's a lot of value to having implementations)
16:24:45 [sandro]
... what about y'all?
16:24:55 [evan]
q+
16:24:56 [astronouth7303]
I probably won't be done in 3 weeks
16:25:02 [sandro]
... how do you feel about getting Gold Foil Stamp of W3C, if we have to cut off iterations to get it
16:25:29 [sandro]
geppy: I'll need more than three weeks
16:25:33 [sandro]
evan: Me, too
16:25:58 [cwebber2]
scribenick: cwebber2
16:27:06 [cwebber2]
sandro: w3c has maturity process of proposed recommendation and recommendation, some people take that very seriously and won't build things without a w3c spec. we can't make changes beyond the group charter, and that means freezing the spec, which has risks if there are problems. In that case, shoudl we just not freeze it in stone, and keep it in a living document in the community group? we don't have to decide that immediately
16:27:15 [sandro]
-> https://www.w3.org/2002/09/wbs/33280/socialweb-exnt/ (For W3C Advisory Committee Representative Only) Vote on whether to extend group
16:27:18 [astronouth7303]
q+
16:27:47 [cwebber2]
sandro: what I was going to say, if you happy to be involved with a w3c member org, then by all means point them at the link I just pasted. that link is access controlled and won't work for anyone who aren't advisory members, but part of the problem is getting peoples' attention so I am urging people there
16:27:57 [cwebber2]
ack sandro
16:28:01 [sandro]
scribenick: sandro
16:28:39 [cwebber2]
ack cwebber
16:28:41 [cwebber2]
ack evan
16:29:11 [cwebber2]
ack astronouth
16:29:16 [astronouth7303]
Is the living document route work for other specs?
16:29:40 [astronouth7303]
Can we move back to cr?
16:29:52 [sandro]
cwebber2: There are some proponents of living documents
16:29:58 [tantek]
aaronpk go ahead
16:30:29 [sandro]
aaronpk: Living specs have worked well for other things.
16:30:35 [sandro]
sandro: They wouldn't be at W3C
16:31:07 [sandro]
cwebber2: Community groups don't have authority to publish Candidate Recommendations, etc.
16:31:09 [tantek]
q+ to answer as requested
16:31:17 [sandro]
... only Community Group documents
16:31:32 [sandro]
cwebber2: Maybe not a lot of interest from W3C paying members.
16:31:34 [sandro]
q+
16:31:41 [cwebber2]
ack tantek
16:31:41 [Zakim]
tantek, you wanted to answer as requested
16:31:51 [cwebber2]
q+ evan
16:32:04 [sandro]
tantek: good summary, living specs can work well, eg WHAT-WG, microformats.org, indieweb.org
16:32:15 [sandro]
... and then submitted to W3C
16:32:30 [evan]
I actually do have thoughts on this current topic now
16:32:38 [sandro]
tantek: Challenge if it's already at w3c, like AP, but it doesn't mean there's no option
16:33:32 [sandro]
.. we can have the last CR say where you go instead, eg pointing to github for spec. Implementors have learned to look for stuff like that. So it's not the gold seal of approval, but there is a path forward.
16:33:51 [sandro]
.. in spirit that's what a standard is about. SO I tend to be for that sort of thing.
16:33:57 [sandro]
.. personal opinion
16:33:59 [sandro]
q?
16:34:06 [sandro]
q- later
16:34:21 [cwebber2]
ack evan
16:35:02 [DenSchub]
evan++
16:35:02 [Loqi]
evan has 2 karma
16:35:11 [sandro]
evan: I feel like Mastodon, recent popularity, seems to indicate this space is going to be much more driven by what's out there. Which leads me to living document. People will use what's in use.
16:35:13 [sandro]
q-
16:35:17 [cwebber2]
ack sandro
16:35:21 [Rushyo]
q+
16:35:25 [tantek]
I also agree, W3C works best when it documents emerging interoperability
16:35:30 [cwebber2]
ack Rushyo
16:35:31 [tantek]
rather than legislating
16:35:55 [sandro]
Rushyo: In terms of deadline, that was created before Mastodon movement,
16:35:57 [sandro]
q+
16:37:51 [cwebber2]
sandro: that's exactly the argument I made, a few years ago there was business intro in open social and that died down, but I'm trying to make the argument that there's reason to see excitement and the Mastodon stuff shows interest / value
16:37:57 [cwebber2]
q?
16:38:01 [sandro]
q-
16:38:07 [astronouth7303]
sandro: +1 business discussion
16:38:55 [sandro]
q?
16:39:31 [sandro]
topic: Disclosure
16:39:56 [sandro]
cwebber2: I'm part of Verifiable Claims work, representing spec-ops, but I'm actinging independly here
16:39:58 [ben_thatmustbeme]
random aside, i released a new version of the microformats-ruby gem, includes a console based fetch and parse to json of any mf2 page, which includes most of the social sites here
16:40:07 [sandro]
topic: Meetings
16:40:14 [cwebber2]
https://doodle.com/poll/rnnsf2y2fgmiq8zb
16:40:40 [sandro]
cwebber2: Please fill this out! For weekly meeting times!
16:40:56 [sandro]
q+
16:41:36 [cwebber2]
https://github.com/swicg/general/issues/2
16:41:36 [Loqi]
[sandhawke] #2 Meetings (perma-issue)
16:41:43 [cwebber2]
ack sandro
16:41:55 [tantek]
githubissue++
16:41:55 [Loqi]
githubissue has 1 karma
16:42:15 [ben_thatmustbeme]
githubissue++
16:42:15 [Loqi]
githubissue has 2 karma
16:42:34 [geppy]
(nota bene, that issue is how I remembered today's call)
16:42:48 [albino]
can we not just announce these things in irc topic?
16:42:55 [aaronpk]
all of the above!
16:42:56 [MMN-work]
I thought it worked well with cwebber2 reminding via XMPP :]
16:43:46 [sandro]
aaronpk: issue/2 is where the discussion happens, NOT an issue of where the discussion should happen
16:43:50 [wilkie]
I definitely need these reminders heh
16:43:53 [cwebber2]
q?
16:43:58 [sandro]
topic: Discussion of ActivityPub
16:44:08 [sandro]
evan: Nice new stuff in draft
16:44:22 [sandro]
... as an implementor what's giving me a headache is authn/authz
16:44:40 [sandro]
... is there something we can do to make sure folks are doing the same thing, and it's secure?
16:45:11 [sandro]
cwebber2: Spec goes in two directions at once for auth
16:45:34 [sandro]
... there was a discussion a few weeks ago. I'm still a bit lost about oath2 mechanisms
16:45:50 [sandro]
... minimal is bearer tokens, ....
16:46:07 [sandro]
... we have stuff in spec, but what are implementors comfortable with?
16:46:19 [sandro]
... some people are allergic to signatures, and some people want to see signatures
16:47:05 [sandro]
evan: I've been playing around with HTTP signatures and Linked-Data Signatures. This is not my area of expertise. But once I figured it out, it was fairly straightforward. Unlike OAuth which has a lot of questionmarks.
16:47:10 [sandro]
... few areas to diverge.
16:47:15 [sandro]
... which is good
16:47:27 [sandro]
cwebber2: I agree, but I know there are disagreements
16:47:51 [sandro]
.. maybe we can try interop
16:48:06 [sandro]
.. I don't think we'll be able to make this as 'authy' as we'd like in the timeframe we have
16:48:13 [sandro]
+1 getting interop working
16:48:24 [aaronpk]
q+
16:48:28 [cwebber2]
q?
16:48:36 [DenSchub]
q+ to add some notes about signing
16:48:41 [cwebber2]
ack aaronpk
16:49:12 [sandro]
aaronpk: Not to derail, but there is an alternative to auth, which is how WebMention solves it, with just using dialback
16:49:46 [sandro]
aaronpk: Avoids need for authentication
16:49:54 [sandro]
.. is there a way to do that with AP?
16:49:59 [cwebber2]
q+
16:50:03 [sandro]
q+ to say no, because there's private content in AP
16:50:24 [sandro]
evan: I was already doing those round trips in my impl
16:50:33 [sandro]
cwebber2: Unless you don't have permission
16:50:59 [sandro]
aaronpk: Private WebMention solves this!
16:51:08 [KevinMarks]
KevinMarks has joined #social
16:51:31 [sandro]
aaronpk: Does not solve all auth, just makes private dialback work
16:52:03 [aaronpk]
https://indieweb.org/private-webmention
16:52:04 [DenSchub]
q-, aaronpk basically answered my question, will have to read on that
16:52:05 [sandro]
cwebber2: Is this similar to EvanP's two-legged dialback?
16:52:12 [DenSchub]
q-
16:52:17 [cwebber2]
q-
16:52:31 [sandro]
aaronpk: Very specific way to get token
16:52:51 [cwebber2]
q+ to mention https://datatracker.ietf.org/doc/draft-prodromou-dialback/
16:52:56 [sandro]
evan: Is this useful for the other places we need auth?
16:52:56 [sandro]
q-
16:53:09 [sandro]
evan: Like when a server needs ...
16:53:17 [sandro]
aaronpk: This is server-to-server only
16:53:21 [cwebber2]
ack cwebber
16:53:21 [Zakim]
cwebber, you wanted to mention https://datatracker.ietf.org/doc/draft-prodromou-dialback/
16:53:48 [sandro]
cwebber2: Link to evanp's dialback stuff that Pump.io uses currently. Maybe aaronpk you can talk to evanp ?
16:54:04 [aaronpk]
( here's the actual spec link: https://www.ietf.org/archive/id/draft-prodromou-dialback-00.txt )
16:54:28 [cwebber2]
https://github.com/w3c/activitypub/issues/221
16:54:29 [sandro]
topic: Controlling Availability To Search
16:54:29 [Loqi]
[sandhawke] #221 Controlling availability to search
16:54:53 [cwebber2]
sandro: I want to go meta for a second, is this 5 more minutes or do people want to go longer?
16:54:55 [DenSchub]
(somewhat off-the-record, but i'd like to join any discussions, aaronpk and evan. the missing/undefined/imprecise definition of signing is one of the main issues we have right now)
16:55:07 [cwebber2]
sandro: do we want to extend for 35 minutes from now or wrap up in next 5 minutes?
16:55:07 [sandro]
+1 extend 30 mins
16:55:14 [cwebber2]
+1 on extend to 15-30 mins
16:55:17 [knutsoned]
+1 extend
16:55:22 [evan]
+1 extend
16:55:22 [DenSchub]
+1
16:55:24 [MMN-work]
0
16:55:28 [ben_thatmustbeme]
0
16:55:34 [tantek]
+1 extend
16:55:36 [Rushyo]
0
16:55:41 [astronouth7303]
+1, but I'll only have 15 or so
16:55:45 [ben_thatmustbeme]
i won't be able to talk though
16:55:57 [aaronpk]
DenSchub, i'd be happy to!
16:56:28 [sandro]
thanks aaronpk
16:56:57 [cwebber2]
scribenick: sandro
16:57:02 [cwebber2]
scribenick: cwebber2
16:58:05 [DenSchub]
q+ to add some user-perspective context
16:58:30 [MMN-work]
q+ to describe GNU social stance on public posts
16:58:33 [cwebber2]
sandro: I made this because there was a big mastodon thread on mastodon a while ago... someone made a search engine that gathered stuff from public timelines and allowed search, which many of us found useful, but some people were extremely upset about. The person who brought it up took it down again because they didn't want to upset people. In the github thread you see me going back and forth with one of these people to deal with it.
16:58:33 [cwebber2]
as a programmer I like to say "if I have access to this why I can't I index it etc". But there are users who want this functionality, but is there something we can do to balance waht different parties want here
16:58:36 [cwebber2]
ack DenSchub
16:58:36 [Zakim]
DenSchub, you wanted to add some user-perspective context
16:58:59 [sandro]
DenSchub: we had the same discussion over and over again, on diaspora, public and private stuff
16:59:05 [cwebber2]
scribenick: sandro
16:59:08 [sandro]
... we worked around it by adding robots.txt
16:59:24 [sandro]
... that seemed to make most users happy
16:59:31 [tantek]
DenSchub++
16:59:51 [sandro]
sandro: that wouldn't make me, as a user who wants to search, very happy
16:59:51 [Rushyo]
q+
16:59:55 [tantek]
I appreciate the user-privacy by default design
16:59:55 [evan]
q+
17:00:19 [sandro]
DenSchub: We were marked as private social network, so this (non-google) approach seemed to make our users happy
17:00:22 [tantek]
opt-in would be nice if people really want their posts indexed
17:00:24 [cwebber2]
q?
17:00:32 [sandro]
sandro: that makes sense
17:00:36 [cwebber2]
ack MMN-work
17:00:36 [Zakim]
MMN-work, you wanted to describe GNU social stance on public posts
17:00:53 [cwebber2]
q+ cwebber2
17:00:53 [sandro]
MMN-work: gnusocial idea about this is we never say anything is private
17:01:06 [sandro]
... you can never guarantee the remote side in a federation will honor anything
17:01:17 [sandro]
... as long as the admin can read it, the remote side can publish
17:01:38 [sandro]
... we even license the content as CC-attr so there is explicit permission to replicate posts
17:01:43 [sandro]
... it's important to be clear about this
17:02:04 [sandro]
... of course Diaspora* is marketed as private, but I don't see how you can do that without explicity e2r crypto
17:02:11 [sandro]
... we're very open about this
17:02:20 [sandro]
... so transparency
17:02:28 [sandro]
q+ to ask if gnusocial has search engines
17:02:37 [tantek]
interesting, in contrast email "seems" to work for private by default (as long you don't get phished by Russians :P )
17:02:51 [sandro]
... with Mastodon introducting scoping, ... it doesn't work in Federated environment
17:02:54 [cwebber2]
ack Rushyo
17:03:20 [sandro]
Rushyo: The Mastodon ecosystem has a very wide variety of different privacy expectaitons. Some enforced by tech, some social
17:03:27 [DenSchub]
tantek: you still have to somewhat trust the mail server
17:03:34 [sandro]
... and instance might have a whitelist, with other instances that will use data responsibility
17:03:45 [sandro]
... lots of instances have users with privacy requests
17:03:47 [tantek]
DenSchub: yes, that's my point. somehow mail servers have evolved to trust each other
17:03:54 [sandro]
... with Mastodon it's all kinds of gray (colors!)
17:03:59 [tantek]
though I agree end to end encryption is preferable :)
17:04:24 [sandro]
... posts sent to an instance, but ... only some interface ... some instance rules, ... unless enforced by some kind of 'treaty', it works or doesn't if someone tries to abuse it
17:04:30 [sandro]
... it gets really complicated and messy
17:04:50 [DenSchub]
i always argue with "it's clear what server you're sending to, so if you don't trust the server, do not send your messages there" in such discussions about diaspora
17:04:51 [sandro]
... the implementations is relatively naive, but social seems to work
17:05:00 [MMN-work]
+1 rushyo
17:05:04 [DenSchub]
but that's just the user's feelings, not actual technical facts
17:05:09 [sandro]
... search engine tramples on this, race to bottom, we'll get technical blocks
17:05:13 [MMN-work]
(how did you do the karma thing?)
17:05:22 [sandro]
... one of the reasons behind 2crypt is to create minimum baseline
17:05:23 [cwebber2]
MMN-work, foo++
17:05:26 [sandro]
... person to person solution
17:05:31 [MMN-work]
rushyo++
17:05:31 [Loqi]
rushyo has 1 karma
17:05:42 [sandro]
... for groups across federation you'd need something else
17:06:03 [sandro]
... anything more than 2crypt is going to need some kind of agreement
17:06:04 [cwebber2]
q?
17:06:11 [sandro]
... maybe just don't subscribe to people who want high privacy?
17:06:33 [sandro]
evan: Mostly agree with MMN-work that nothing is private unless end-to-end encrypted
17:06:42 [astronouth7303]
q+
17:06:48 [cwebber2]
ack evan
17:06:54 [sandro]
... nothing is really private on FB and Twitter, right? But you can indicate that things are generally going to be private?
17:07:06 [sandro]
... I'm really sympathetic to desire to avoid harassment
17:07:17 [sandro]
... but systems need to acknowledge that there will be bad actors
17:07:26 [sandro]
... so unless there's access control, it is searchable.
17:07:44 [sandro]
... robots.txt is helpful as a hint, but the problem is
17:08:06 [cwebber2]
ack cwebber2
17:08:10 [sandro]
... people want a guarantee of privacy. Without e2e, private posts are the only answer
17:08:10 [DenSchub]
evan++
17:08:14 [ben_thatmustbeme]
evan:++
17:08:17 [MMN-work]
evan++
17:08:17 [Loqi]
evan has 3 karma
17:08:21 [ben_thatmustbeme]
evan++
17:08:21 [Loqi]
evan has 4 karma
17:08:28 [sandro]
cwebber2: a few things going on here
17:08:37 [tantek]
FWIW FB has "public" posts that are only "public" to logged in users. Not available to search engines or non-logged in users.
17:08:39 [sandro]
... at one end gnusocial, everything is public
17:08:48 [sandro]
... some ability to do private, but not much
17:08:53 [sandro]
... Mastodon is in between
17:09:04 [sandro]
... at the other end is end2end encryption
17:09:08 [sandro]
... but people can still break that trust
17:09:13 [Rushyo]
cwebber++
17:09:13 [Loqi]
cwebber has 20 karma
17:09:17 [ben_thatmustbeme]
indieweb tends to do that same of 'everything is public' by default and a few have experimented with access controlled posts
17:09:21 [sandro]
... in the middle we have email, esp unencrypted email
17:09:45 [sandro]
... if I send to a public mailing list
17:09:58 [sandro]
... if I send to just Tantek, I don't expect it to end up in Aaron's inbox
17:09:59 [sandro]
q-
17:10:23 [sandro]
... maybe gmail or NSA can screw with that, but there's still an expectation of privacy
17:10:27 [MMN-work]
q+ to clarify difference of social and technical problems
17:10:36 [sandro]
... maybe a DRM solution would help, but we don't really want that eiuther
17:10:49 [evan]
q+
17:10:51 [sandro]
... on this AP issue, can/should we add anything?
17:11:03 [sandro]
... right now, it's a lot like email, with also a Public destination
17:11:14 [sandro]
... some risks
17:11:28 [sandro]
... if you say 'do not index' that's kind of a flag that'll get you attention
17:11:44 [sandro]
... my feeling is we should say it's email like
17:11:55 [MMN-work]
q-
17:11:56 [sandro]
... we can add other flags, but let's be careful
17:12:05 [cwebber2]
q?
17:12:07 [cwebber2]
ack astronouth7303
17:12:08 [sandro]
+1 modeling it like email
17:12:11 [astronouth7303]
(sorry, phone) I have two thoughts on this topic:
17:12:52 [astronouth7303]
1. I think that there should be room for different providers to compete while maintaining interop
17:13:16 [astronouth7303]
2. S2s auth has a role in this
17:13:37 [sandro]
q+
17:13:40 [cwebber2]
astronouth7303: ACK when done :)
17:13:54 [cwebber2]
ack astronouth7303
17:13:58 [cwebber2]
ack astronouth
17:13:58 [astronouth7303]
Verifying the provider making the request means you can enforce some level of acl
17:14:02 [wilkie]
it just needs to be clear that any extension that adds a form of e2e crypto or privacy creates messages that are ignored by implementations that do not understand them, which can be done by an extension that creates a new inbox for encrypted private messages
17:14:11 [wilkie]
I look forward to seeing such extensions
17:14:13 [astronouth7303]
Ack astronouth7303
17:14:49 [Rushyo]
(which is how TootCrypt works, extensions be damned ;])
17:14:56 [cwebber2]
ack evan
17:14:59 [sandro]
cwebber2: EvanP suggested a public-no-indexing inbox maybe
17:15:05 [tantek]
q+ just to give a personal user anecdote example using robots.txt to block bots from my blog for its first two years felt "good enough" and then afterwards I changed how/what I posted. would like per-post robots.txt controls. might just implement this in my own CMS.
17:15:14 [tantek]
q- just
17:15:27 [tantek]
q+ to give a personal user anecdote example using robots.txt to block bots from my blog for its first two years felt "good enough" and then afterwards I changed how/what I posted. would like per-post robots.txt controls. might just implement this in my own CMS.
17:15:55 [sandro]
evan: astronouth7303 made a good point. We could consider, maybe in an extension, rather than auth'ing as user, when fetching an outbox, a search engine could have to provide some proof that it's the user it says it is. So a bad actor
17:15:59 [cwebber2]
q+ to discuss abuse briefly
17:16:08 [sandro]
... a harassment-centric search engine, you could black-list it.
17:16:16 [cwebber2]
ack sandro
17:16:57 [evan]
q+
17:17:41 [sandro]
scribenick: sandro
17:17:59 [sandro]
cwebber2: diaspora, because of "own your data", and Mastodon fear of harassment
17:18:00 [cwebber2]
ack tantek
17:18:00 [Zakim]
tantek, you wanted to give a personal user anecdote example using robots.txt to block bots from my blog for its first two years felt "good enough" and then afterwards I changed
17:18:02 [cwebber2]
q?
17:18:03 [Zakim]
... how/what I posted. would like per-post robots.txt controls. might just implement this in my own CMS.
17:18:07 [DenSchub]
q+
17:18:14 [sandro]
tantek: I'm personally really interested in seeing this solved
17:18:21 [sandro]
... use cases like privacy and avoiding abuse
17:18:29 [Rushyo]
tantek++
17:18:29 [Loqi]
tantek has 55 karma in this channel (342 overall)
17:18:30 [sandro]
... are pretty important to making a different with federation
17:18:35 [sandro]
... very happy to see this much work
17:18:48 [sandro]
... micro.blog has "safe-replies"
17:19:07 [MMN-work]
+q to discuss technical and social problems
17:19:07 [sandro]
... when I started my blog, I used robots.txt, because I didn't want results from search engine folks
17:19:25 [sandro]
... I wanted to blog freely, and mostly be seen only by people who knew me
17:19:34 [sandro]
... but then I wanted my CSS stuff to be found
17:19:42 [sandro]
... maybe I want per-post robots.txt
17:20:08 [sandro]
... I worked for technorati, blog search engine, before twitter had search
17:20:13 [sandro]
... and we had this challenge as well
17:20:35 [sandro]
... google sucked for indexing blogs, but we were really good at it, they pinged us
17:20:46 [sandro]
... we ignored robots.txt because we were being requested to crawl
17:21:03 [sandro]
... sometimes people complained, and when someone complained, we took them out of the index
17:21:11 [sandro]
... and generally people found that acceptable.
17:21:15 [geppy]
Does anyone respect <meta name="robots"...> or whatever it is?
17:21:18 [sandro]
... so I think there is a social evolution aspect here
17:21:52 [sandro]
... good social engine actors, respecting people's requests, that will be self-reinfocing I think
17:21:56 [cwebber2]
q?
17:22:01 [sandro]
... but then there are bad actors I have to block from my site
17:22:13 [sandro]
cwebber2: I think part of this is an expression of intent.
17:22:19 [sandro]
... important but tricky
17:22:24 [sandro]
... ongoing
17:22:41 [sandro]
... from Mastodon side, seems to be about abuse-mitigation, which is in-scope for this group
17:22:50 [sandro]
... we don't have tooling as good as we'd like
17:22:59 [sandro]
... anti-abuse stuff has come up a few times
17:23:08 [ben_thatmustbeme]
anti-spam interesting bit for webmention http://indieweb.org/vouch
17:23:10 [sandro]
... blocking search engines might be enough, might not
17:23:51 [cwebber2]
ack cwebber
17:23:51 [Zakim]
cwebber, you wanted to discuss abuse briefly
17:23:52 [cwebber2]
ack evan
17:23:53 [sandro]
... sandro mentioned possibility that someone could still implement a search used by abusers, might be most desired by them, could be flag in opposite direction. I think we have to do a lot of work on anti-abuse tooling.
17:24:48 [sandro]
evan: In terms of how there wasn't a race to the bottom in Diaspora, the problem isn't just technical. I think Mastodon is probably more lgbt / social justice aligned, which indicates to me it would be much more likely for a group of tech-savvy harassers to WANT to break in,
17:24:58 [sandro]
... because of the dynamics of that sort of culture war
17:25:21 [cwebber2]
ack DenSchub
17:25:26 [sandro]
... "nobody has built a harrassers search engine yet" might attract bad actors
17:25:53 [sandro]
DenSchub: The problems we had weren't really technical, because we always claimed public posts are public and visible to anyone, but there were
17:26:03 [sandro]
... still a lot of misconceptions about what Public means.
17:26:18 [sandro]
... not a technical problem, psychological problem. Not a lot one can do in spec.
17:26:36 [sandro]
.. clear from technical side, but user's feelings are sometimes a little bit tricky to understand.
17:26:43 [cwebber2]
ack MMN-work
17:26:43 [Zakim]
MMN-work, you wanted to discuss technical and social problems
17:26:57 [sandro]
MMN-work: most has been said, but re race-to-bottom
17:27:06 [sandro]
... I don't know if I've given up on technical
17:27:15 [sandro]
... but the idea behind quitter.se
17:27:33 [sandro]
... if there's some way to encourage people to create nodes that are not huge mega-nodes
17:28:02 [sandro]
... it's much better. Small, community/friend instances, that kind of size is much better, because then admin/community solves moderation issues
17:28:03 [Rushyo]
MMN-work++
17:28:03 [Loqi]
mmn-work has 1 karma
17:28:23 [sandro]
... if the network is properly federated it wont be possible to keep white/black list without very good community moderation
17:28:30 [sandro]
... probably not in scope for AP
17:28:53 [sandro]
... Community for moderately sized instance, vs mega-nodes
17:29:11 [sandro]
cwebber2: People would probably agree smaller instances makes moderation easier
17:29:12 [cwebber2]
q?
17:30:01 [tantek]
sandro++ for minuting
17:30:01 [Loqi]
sandro has 37 karma in this channel (44 overall)
17:30:02 [sandro]
cwebber2: Let's wrap up, postpone anything else to next week
17:30:05 [tantek]
cwebber++ for chairing!
17:30:05 [Loqi]
cwebber has 21 karma
17:30:38 [cwebber2]
and thanks sandro for scribing :)
17:30:40 [cwebber2]
sandro++
17:30:40 [Loqi]
sandro has 38 karma in this channel (45 overall)
17:30:43 [astronouth7303]
Yay! My plane has not taken off yet!
17:30:46 [sandro]
cwebber2, I don't actually know what we do with minutes for the CG
17:30:47 [Loqi]
😃
17:30:48 [cwebber2]
astronouth7303: :)
17:30:50 [tantek]
also
17:30:52 [tantek]
Mumble++
17:30:52 [Loqi]
slow down!
17:30:57 [tantek]
lol
17:31:06 [DenSchub]
karma overflow
17:31:32 [cwebber2]
sandro, last week we posted to https://www.w3.org/wiki/SocialCG/2017-05-05/minutes
17:31:36 [DenSchub]
oh, holdon. next week will be on the same time, right?
17:31:46 [astronouth7303]
I have Opinions and would like to be part of several future discussions
17:31:53 [cwebber2]
trackbot, end meeting
17:31:53 [trackbot]
Zakim, list attendees
17:31:53 [Zakim]
As of this point the attendees have been tantek, sandro, geppy, DenSchub, evan, albino, cwebber, Rushyo, MMN-work, knutsoned, aaronpk, astronouth, ben_thatmustbeme
17:32:01 [trackbot]
RRSAgent, please draft minutes
17:32:01 [RRSAgent]
I have made the request to generate http://www.w3.org/2017/05/19-social-minutes.html trackbot
17:32:02 [trackbot]
RRSAgent, bye
17:32:02 [RRSAgent]
I see no action items
17:32:04 [cwebber2]
DenSchub, not necessarily