@steve@social.technoetic.com
@steve@social.technoetic.com avatar

steve

@steve@social.technoetic.com

American living in Southern France. I'm interested in #computers, #SoftwareDevelopment, #SemanticWeb, #osint, #DistributedComputing, #pkm, #HomeAutomation, #PhysicalComputing, #iot, #rpi, #esp32, #hiking, #traveling, learning #french and lots of other stuff.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

steve, to threads
@steve@social.technoetic.com avatar

If you're interested in posts, here are the existing profiles to follow.
@0xjessel
@btsavage
@christophersu
@mosseri
@rklambo
@sblackst
@shubhankar_91
@tb_99999
@wongmjane

steve, to fediverse
@steve@social.technoetic.com avatar

I often see the "Robustness Principle" invoked when discussing ways to improve interop. There's an IETF draft that discusses the negative consequences of this strategy. Instead, they suggest that "A community that takes an active role in the maintenance of protocols will no longer need to rely on the robustness principle to avoid interoperability issues." Sounds great to me.
https://intarchboard.github.io/draft-protocol-maintenance/draft-iab-protocol-maintenance.html#name-harmful-consequences-of-tol

hrefna, to fediverse
@hrefna@hachyderm.io avatar

Send help.

steve,
@steve@social.technoetic.com avatar

@hrefna Your diagram looks like it doesn't support Link* in the relevant union types. For example, Activity.object can reference either an Object or a Link. Most or all of the examples in the spec embed an anonymous Link (i.e. RDF blank node), but one could assign an "id" to a Link and use that IRI as the Activity.object value.

steve,
@steve@social.technoetic.com avatar

@jenniferplusplus @hrefna No. It's a URI/IRI referencing a Link. A URI is not a Link (or necessarily a reference to an Object if the property range is Object|Link). A Link is effectively what RDF would call a "reified" property/predicate that allows other properties to be associated with the Link's "href" (name, summary, etc.). The Link can be given an "id", dereferenced just like an Object, and the Link can be referenced by multiple Objects. Or it could be put in a Collection, for example.

steve,
@steve@social.technoetic.com avatar

@smallcircles @jenniferplusplus @hrefna The places where a property range is defined as "xsd:anyURI | Link" could be considered a spec bug. From an OWL perspective, it's invalid (can't be both a DataProperty and ObjectProperty). An AP/AS2 URI typically references an Object or Link. However "anyURI" could dereference to anything (a zip file, an image, ...). In this case, given a URI, I think the only way to disambiguate the reference is to dereference it and check the content type (???).

Goffi, to fediverse French
@Goffi@mastodon.social avatar

Excited to present at 2024:

🗓️ Sat, 11:50, devroom (H.1302): Bridging Open Protocols: and Gateway via https://fosdem.org/2024/schedule/event/fosdem-2024-2857-bridging-open-protocols-xmpp-and-activitypub-gateway-via-libervia/

🗓️ Sun, 16:30, devroom (UD2.218A): How I've Built a Web Frontend for a Federated Communication Tool with https://fosdem.org/2024/schedule/event/fosdem-2024-2337-how-i-ve-built-a-web-frontend-for-a-federated-communication-tool-with-brython/

Looking forward to insightful discussions on . See you there!

steve,
@steve@social.technoetic.com avatar

@Goffi Sounds great. I can't attend, but I would have loved to have seen the Libervia presentation.

steve, to fediverse
@steve@social.technoetic.com avatar

I just read an article that claimed local interop testing is difficult because the spec requires HTTPS. The AP spec strongly recommends it for publicly facing URIs (a very good suggestion) but does not require it. Some developers implement servers with HTTPS-only endpoints and that indeed makes local testing more difficult and makes it more challenging to use reverse proxies with SSL termination. It would be nice if all servers allowed opt-in to HTTP endpoints for these purposes.

hrefna, (edited ) to random
@hrefna@hachyderm.io avatar

I have maintained, and continue to maintain, that my concerns about and the have nothing to do with threads as such and everything to do with how they act around the protocol.

Them releasing a client or a server would be very, very bad news in this space. Them running a multi-tenant (or multi-single-tenant) setup would be very, very bad for the fediverse.

Their presence on a single domain just doesn't say or do all that much in the grand scheme of things.

steve,
@steve@social.technoetic.com avatar

@hrefna "How much money does it cost to run a mastodon instance, exactly? Especially for an individual ..." Not "exact", but my personal Mastodon instance has no recurring costs other than for electricity usage, which hasn't had a noticeable impact on my electric bill (I self-host at home).

steve,
@steve@social.technoetic.com avatar

@hrefna I use a tunneling service (free) so the incoming connections are not directly to my home LAN. I run several server applications from my home "cloud" using a low-cost, fixed-price, high-bandwidth network provider (fiber). And, yes, my servers are continuously online. The primary server machines are refurbished micro form factor systems that are more powerful than a Raspberry Pi but cost less.

steve,
@steve@social.technoetic.com avatar

@hrefna Yes, if you don't have access to a reasonably fast network connection (say, at least 100mbs), the approach I use is not going to work well. Were you asking how much it costs to self-host a Mastodon instance with a cloud provider? There are also Mastodon-specific hosting providers, but I am skeptical of the prices they quote ($6/month). The resources provided with their low-cost plans look far too low based on what I see on my server, even for 1 user.
https://masto.host/pricing/

steve, to fediverse
@steve@social.technoetic.com avatar

One of the challenges with targeting is that the targeting properties (to, cc, bto, bcc, and maybe audience) conflate inbox delivery, interaction authorization, notification policies, and visibility (and probably more). This is a broad range of somewhat orthogonal behaviors and the limited guidance in the specs for them only makes it more challenging for AP devs.

hrefna, to fediverse
@hrefna@hachyderm.io avatar

I'm trying to make sense of how audience is supposed to work in and it feels like something is missing in the specification here both for AP and .

The documentation from AP:

  1. Never uses audience targeting even in its audience targeting example.
  2. Uses it almost identically to "to" or "cc"

On the part of AS it gets somewhat alluded to in 5.1.1, but not in the main section actually titled "Audience Targeting" (5.1) and says very little about it, just one example

7.1.1 Outbox Delivery Requirements for Server to Server When objects are received in the outbox (for servers which support both Client to Server interactions and Server to Server Interactions), the server MUST target and deliver to: The to, bto, cc, bcc or audience fields if their values are individuals or Collections owned by the actor. These fields will have been populated appropriately by the client which posted the Activity to the outbox.
Activities are rarely isolated events. Often, multiple individual activities will be performed around a similar context or audience. For instance, a collaborators working on a shared project might perform multiple related activities in the process of achieving some goal. Such activities can be logically grouped together using the context property, and scoped to a particular audience using the audience property.
audience, Notes: Identifies one or more entities that represent the total population of entities for which the object can considered to be relevant.

steve,
@steve@social.technoetic.com avatar

@hrefna There's a bit more discussion about scope and targeting at https://chat.indieweb.org/social/2016-03-17#t1458229683066000 .
Snell makes it clear that scope/audience is not intended to be used for targeting (to/cc/bto/bcc). Somehow the AP recommendation (incorrectly?) included it as a targeting property. Also relevant: https://github.com/evanp/onepage.pub/issues/91#issuecomment-1656844202

hrefna, (edited ) to fediverse
@hrefna@hachyderm.io avatar

I sort of want:

  • To/cc to control where the message gets sent.
  • Audience to control who can see the message.
  • bto, bcc to not exist or be broadly disabled in AP (edit, to clarify: I want to and cc to take the meaning of bto and bcc in general; the functionality is useful, but in a social network it should be the default behavior and we have other mechanisms to tag people in)

steve,
@steve@social.technoetic.com avatar

@hrefna The linked issue might be interesting. It's a discussion of AS2 "scope", changed later to "audience", after an attempt to remove it completely. @jasnell clarified that the property wasn't intended for access control, but it's not clear to me how it differs from "secondary audience targeting" (cc, bcc). https://github.com/w3c/activitystreams/issues/300

steve, to fediverse
@steve@social.technoetic.com avatar

It's a little confusing, but there is no base actor type/class in Activity Streams 2.0 (unlike Activity for activities). There are only some specific actor type URIs (as:Person, as:Service, etc.). An actor is a restriction of an AS2 actor and required to have inbox and outbox properties, unlike an AS2 actor (which has no required properties). Both AP and AS2 actor data can exist in the same application and can be used for different purposes.

steve, to fediverse
@steve@social.technoetic.com avatar

dev tip of the day: An inbox (or outbox) is not a queue. An inbox is reverse chronological (LIFO-ish) and maintains long-term references to items. A queue has FIFO behavior and items are dequeued/removed for processing. AP is difficult enough without equating the inbox concept with MQ middleware (which could be a useful internal implementation technique).

bengo, to fediverse
@bengo@mastodon.social avatar

ActivityPub Requirements Cohort 2
https://bengo.is/blogging/activitypub-requirements-testing-cohort-2/

steve,
@steve@social.technoetic.com avatar

@bengo Most of the outbox requirements are specific to C2S and aren’t relevant for servers that don’t implement that profile. How will that information (about optionality) be captured? In cohort 1, there are requirements for “valid” inbox and outbox references. How is validity defined in that context? Does any syntactically valid URI satisfy the requirement?

steve, to fediverse
@steve@social.technoetic.com avatar

An developer recently asked if my AS2 JSON Schemas require the AS2 JSON-LD context in a message. The answer is no. The AS2 specification does not require the context in a message if it is sent using the correct AS2 media type. The server must treat the message as if the context is present. However, for interop, it’s a good practice to always include it. Mastodon requires it, for example.

https://github.com/steve-bate/fediverse-jsonschema

smallcircles, to fediverse
@smallcircles@social.coop avatar

/ contribution suggestion:

bookmarking app.

The maintainer of Grimoire is aware of the fedi and sees merit in having an integration within the app.. https://github.com/goniszewski/grimoire/issues/4

Grimoire is built in and -licensed.

steve,
@steve@social.technoetic.com avatar

@smallcircles Recently, you seem to have been suggesting more of a design focus for social web behaviors. Social bookmarking might be a good domain for that. It's different from microblogging although there could be some overlap. Just integrating AP without that higher-level design is less likely to be effective, IMO.

steve, to fediverse
@steve@social.technoetic.com avatar

developers can process AP messages as JSON or as JSON-LD. The primary purpose of JSON-LD is RDF serialization. If you aren’t using RDF, you probably don’t want to use JSON-LD processing (expansion, flattening, ...). Even if you're using plain JSON processing, please provide a proper JSON-LD @context for JSON-LD processors. Watch for incorrect URI prefixes and blank nodes as potential issues in expanded message data. JSON-LD Playground can help with this.
https://json-ld.org/playground/

devnull, to fediverse
@devnull@crag.social avatar

Would I be a bad implementor if I don't maintain a "feed"?

If a post is created, NodeBB would send the Create activity to all of the author's followers, and that post would be displayed on that app, usually in the form of a feed.

On the other hand, if other apps send Creates to me, I can save them, but there's no place to display them organically within the existing forum structure 🤔 — since they're not part of an existing topic/category/etc...

steve,
@steve@social.technoetic.com avatar

@mariusor @devnull I thought this might come up. The specification has confusing language around inbox endpoints and inbox collections. An inbox endpoint is required. If a GET request for that endpoint returns anything (it might always be 404 or 403, for example, with no content), then it must be an AS2 Ordered Collection. Most of the AP Fediverse instances have no inbox collection (stored or displayed). This includes all the Mastodon instances, at least.

steve,
@steve@social.technoetic.com avatar

@mariusor @devnull That may not have been the intent of the specification authors, but it's allowed (maybe because Mastodon was the primary AP implementation at that time?).

steve,
@steve@social.technoetic.com avatar

@mariusor @devnull Even if an implementation maintains an inbox collection (maybe for admin audit support), there's no requirement that it be displayed to a user or externally accessible. The AP spec has few, if any, UI display requirements. The original question seemed to be related to "feed" display in an app.

steve,
@steve@social.technoetic.com avatar

@mariusor @devnull I agree about C2S, but I'm not confident that will be overhauled to make it competitive with existing client APIs any time soon. The specification does suggest inbox (endpoint) auth filtering. However, if the authorization mechanism enforces a "nothing is authorized" policy then you have the "always return an error code" scenario. That's why Mastodon is technically conformant with this behavior.

steve,
@steve@social.technoetic.com avatar

@devnull @mariusor Thanks for clarifying the question. In the original post, you mentioned "display" several times. That would be outside the scope of AP. For S2S purposes, you must have an inbox endpoint for receiving posted activities. However, an implementation isn't required to serve inbox collections from it. As for servers being down, most AP publishers, like Mastodon, will retry posting the activity for some period of time if the recipient server is not available.

hrefna, to random
@hrefna@hachyderm.io avatar

I already hate everything about this and I've barely started this method.

steve,
@steve@social.technoetic.com avatar

@hrefna @gugurumbe In the JSON-LD 1.1 spec, it states that "keywords cannot be redefined". When I try to alias "@type" to something else in JSON-LD Playground I see an error: "keywords cannot be overridden". I'm curious if you have an example where this is possible for @type?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • kavyap
  • DreamBathrooms
  • thenastyranch
  • ngwrru68w68
  • tacticalgear
  • magazineikmin
  • Youngstown
  • khanakhh
  • rosin
  • slotface
  • InstantRegret
  • everett
  • mdbf
  • JUstTest
  • cubers
  • GTA5RPClips
  • cisconetworking
  • modclub
  • ethstaker
  • osvaldo12
  • Durango
  • normalnudes
  • tester
  • provamag3
  • Leos
  • anitta
  • lostlight
  • All magazines
    •