- Oct 2020
-
www.youtube.com www.youtube.com
-
i'm ewan gronstrom
Hi Ewan!
-
- Feb 2019
-
ocasio-cortez.house.gov ocasio-cortez.house.govuntitled2
-
What do you think everyone?
It's a nonbinding resolution. I'm in favor of passing it.
-
domestic or 19international monopolies
What are some?
-
- Oct 2017
-
people.eecs.berkeley.edu people.eecs.berkeley.edu
-
Consider Figure 2 showing a portion of the globalpermissions graph. A company namespace has granted permissionsto a building entity. The building entity can now autonomouslymanage access to all the resources within that building withoutcommunicating with the company namespace creator. It grants asubset of permissions to an HVAC service entity and to an employeelabeled Boss, who in turn grants an even narrower subset to Alice.Alice’s entity has permissions on multiple different namespaces,and she can inter
cool
-
- Sep 2017
-
www.sciencealert.com www.sciencealert.com
-
This is why light-based information that flies across internet cables is currently converted into slow electrons
Wait... what? Slow electrons? I thought that usually electrons/electricity travels pretty close to the speed of light.
-
-
pushpin.org pushpin.org
-
There are two hold modes: response and stream.
You should define what these do? Is 'response' long-polling?
I'd just remove this sentence since it just begs my questions but doesn't answer them. Maybe move the definitions down to the 'Grip-Hold' header def below
-
-
www.bitfinex.com www.bitfinex.com
-
o act asa market makers for these users
typo
-
- Jul 2017
-
en.wikipedia.org en.wikipedia.org
-
whereas women in the world of plants and animals in the world and the world's peoples are by nature beautiful and tender.
What about Lions?
-
- May 2017
-
fanout.github.io fanout.github.io
-
enter an origin server destination (e.g. app.yourcompany.com:80).
It's not really clear to me what the value of this should be... Does it matter?
-
For example, you can use curl to test:
Before I can test, I need to deploy my django app so its available on the public internet. And, oh, maybe this is what you meant by "Origin Server destination" above.
It's likely that 99% of people following this guide are devving on localhost. It would be sweet if you showed them how to use something like localtunnel to tunnel their dev box to a public url that fanout cloud can reach. https://localtunnel.github.io/www/
-
lets Fanout Cloud to integrate
I think you mean 'lets Fanout Cloud integrate'
-
- Apr 2017
-
dev.twitter.com dev.twitter.com
-
.
This period looks like it should be in the header value, but it shouldn't be.
-
::
Why have these colon characters here? AFAICT they're not actually supposed to be sent in the Authorization header
-
-
missionlocal.org missionlocal.org
-
While Rec and Park has a pack and carry policy at Dolores, which means there are no trash bins inside the park
I hate that there is so much trash left behind, but I have to wonder if there is any practical reason for this policy. Add more trash cans.
-
- Jan 2017
-
rauchg.com rauchg.com
-
Being used in government, health care, non-profits, tourism, education (hacking schools, hackathons, and IVY league classrooms), many Fortune 500 companies and even parents teaching their kids how to code :)
users flock to free. Will it stay free forever? If not, what about all those projects? :(
-
-
www.w3.org www.w3.org
-
origin
Not to be confused with 'origin' property
-
MUST be an OrderedCollection
This implies that the inbox URL MUST respond to a GET request, but doesn't explicitly require it
-
unless the activity is transient
Who determines when an activity can be transient? A receiving server can apply whatever logic it wants (e.g. everything is transient to limit storage requirements)
-
servers MUST ignore this
I think better to throw a Bad Request error than silently ignore parts of the request body
-
In particular, servers MUST append an id property to the object
Even if there already is an .id ?
-
if their values are individuals, or Collections owned by the actor.
I think this requirement should be removed. It's overconstraining.
-
Discovering an actor's profile based on their URI.
What does this mean? Elsewhere in the document, the only time 'discovering' is used is wrt discovering an inbox or outbox, not a 'profile'.
-
-
github.com github.com
-
makes it available to JS content * running in isolated worlds.
Hmmm. I'm curious what you mean by this?
-
-
www.deepsouthventures.com www.deepsouthventures.com
-
GoSojourn.com
I chose this one. "hmm what is Sojourn?"
-
-
www.adobe.com www.adobe.com
-
cue
I think you mean 'queue'
-
- Oct 2016
-
www.w3.org www.w3.org
-
Notification targeting: the actors for all objects in the object, target, inReplyTo or tag fields
In AS2, the domain of the 'actor' property is said to be only 'Activity'. The class of Activities is disjoint from the class of Objects. i.e. 'actors for all objects' doesn't make sense to me in the context of AS2 as objects cannot have actors.
Let's say the Activity was "Ben Liked the Note by Amy". Then for the purposes of notification it seems like the more important properties would be .attributedTo (Amy) and .url of the Note itself (looking for a Inbox for the Note?).
-
The audience specified on the object MUST be copied over to the new Create activity by the server.
I assume this means 'the activitystreams#to, activitystreams#cc, and activitystreams#bcc' properties, but
- I would have no idea if I weren't so famliiar with the specs, esp since 'bcc' isn't in these examples.
- in Example 11 '.published' and '.object.published' are the same value. Is this because the published value was copied during transformation to a Create activity? Or because the Note and Activity creation happened within the same second?
- In Example 11, where did .object.id come from? Other sections talk about generating ids for activities, but not for sub-objects
- In example 11, the addition of .object.attributedTo, .actor, and the inclusion of '@language' in the Note's @context (but no description of how/why it was modified from the original value in Example 10) distract from the point of this section and make it hard to know what's required of an implementation
Will you just enumerate the properties that must be copied? Or otherwise more clearly specify the transformation algorithm?
-
- Jun 2016
-
www.rand.org www.rand.org
-
or the moment, at least, cyberterrorists have not harnessed the technology they would need to destroy Western civilization from a basement lab in some remote corner of the world.
Wow. Straight to alarmist! Way to lose centrists in the opening sentence.
-
- Apr 2016
-
www.wired.com www.wired.com
-
Long story
Why is this highlighted? Was hoping to click and see an annotation or hyperlink.
-
-
schepers.cc schepers.cc
-
Don’t post stuff you haven’t verified
Woah woah woah! Definitely post it. Just maybe consider marking it as un-verified. Or inviting verification.
Some of the best (and worst, but tolerable) parts of the web are posted right after a thought enters your mind. I think self-censorship makes the web worse.
-
- Dec 2015
-
w3c-social.github.io w3c-social.github.io
-
Streams
consider describing conceptual relation to as:Collection?
update: ActivityPump does this
-
The Social API
This has more in common with the "Federation Protocol" part of the charter than "Social API", which is chartered as "A document that defines a specification for a client-side API that lets developers embed and format third party information such as social status updates inside Web applications."
Proposal: Rename this to "Social Web Federation Protocol" or if it turns out to be more informative than normative, "Architecture" and not protocol
-
Its URI SHOULD return a 410.
URIs can always come back, and 410 is cacheable. IMO 404 is better
From RFC2610
Such an event is common for limited-time, promotional services and for resources belonging to individuals no longer working at the server's site. It is not necessary to mark all permanently unavailable resources as "gone" or to keep the mark for any length of time -- that is left to the discretion of the server owner.
-
When an object is deleted, it SHOULD be replaced with a ‘tombstone’
This implies linear storage requirements, which isn't ideal. IMO 'MAY' or less is better.
-
Here are some options…
Proposal: Consider SIP Specific Event Notification or a redux of it for HTTP/W3: https://tools.ietf.org/html/rfc6665#section-3
Also I know @progrium has thought a LOT about this over the last 5+ years. https://github.com/progrium/http-subscriptions/blob/master/SPEC.md
-
JSON[-LD]
leave to content negotiation
-
One user may publish one or more streams of content. Streams may be generated automatically or manually, and might be segregated by post type, topic, audience, or any arbitrary criteria decided by the curator of the stream. The result of a GET on the HTTP URI of a profile MAY include links to multiple streams, which a consumer could follow to read or subscribe to. Eg. <link rel="feed" href="http://rhiaro.co.uk/tag/socialwg"> HTTP/1.1 200 OK .... Link: <http://rhiaro.co.uk/tag/socialwg>; rel="feed"
I would leave only this part in and delegate the preceeding to paragraphs to Social Data Syntax (e.g. as:Collection for JSON)
-
MUST result in the contents of the stream
If 'MUST', ALL of the contents (even if 1billion), or is a subset ok?
-
Bearer tokens for authentication
Is it worth even being specific about 'Bearer'? Other Authorization header types are sometimes reasonable too, and other good ones will likely be invented in the future.
IMO if auth{z,n} means is considered orthogonal, the most normative this group should be is "Use the Authorization Headers" and maybe descriptions of reasonable status codes to use.
-
Amy Guy, University of Edinburgh
Thanks for making this!
-
the subject is added to a Followers Collection, which is discoverable from the subject’s profile.
This is hard to keep i sync. i.e. how does a reader of this Collection know if the subject is still following?
Would be better to reify that 'Following' relation (e.g. call it a 'Subscription') and give it a URI on the subject's domain that can 404 once it is removed.
-
Note: I think defining a vocabulary for types of relationships is out of scope and generally not very useful.
+1
Though a narrower goal of ways of expressing interest in topics may be more tractable and useful
-
we should make sure there’s a standard way of doing it.
Just sketching.
Profiles could publish a document listing a set of topics they are interested in receiving Content for. Friends or aggregators could then use this to be informed when to send things to them (e.g. when syndicating an activity with tags in that set)
-
MUST return a JSON object
There's more to HTTP then just the method. For example, if the client requests with GET and 'Accept: text/html', the server probably shouldn't be required (MUST) to respond with JSON. http://www.w3.org/Protocols/rfc2616/rfc2616-sec12.html
Many indiewebers only support responding with html right now, which is fine because it can be marked up in such a way that JSON can be extracted. Furthermore, this extraction could be the basis of those same resources supporting responding with Content-Type: application/json.
-
HTTP
recommend (e.g. HTTPS URI)
without e.g. qualifier it's unclear if the parens are for example or equivalence
-
independantly
typo. You want "indenpendently"
-
People
and machines. Conversational computing is coming on quite strong (see Magic, Facebook M, Alexa, Siri)
-
-
w3c-social.github.io w3c-social.github.ioActivityPump23
-
A client may submit an [ActivityStreams] activity to the server using a HTTP POST request to the dereferencable URI of the outbox collection.
It's extremely unclear whether and/or when POSTing to outbox is semantically to initiate an activity or to publish that one happened. I think it can't be both at the same time.
IMO POST /outbox should have "This activity was performed by actor" semantics instead of activity-initiation semantics.
Leave activity-initiation and CRUD to other RESTful (or not..) control planes, but give them a way of putting it in the outbox so that the outbox can be GET as a user's activity feed.
Edit after thinking for a bit: The sort of side effects initiated by activity described at the end of this document are a sort of interesting idea to be able move the fulfillment logic to a server and out of a client, but IMO that should be a separate thing. like POST {activity} to /initiate or something. That's different than POST {activity} to activity-log. Not sure which is best for /outbox to be, but I don't think it can be all at once.
-
9.2.3 Delete Activity
DELETE via POST is bad because intermediaries have to understand the semantics of the post body in order to do e.g. cache invalidation or ACL inforcement.
-
Example 8{ "@context": "http://www.w3.org/ns/activitystreams", "@id": "https://example.com/~alice/note/72", "@type": "Note", "published": "2015-02-10T15:04:55Z", "updated": "2015-02-10T15:04:55Z", "deleted": "2015-02-10T15:04:55Z", }
Doesn't look deleted to me
-
9.2.1 Create Activity
What if I as a client submit two of these in a row?
-
should be modified
What if the object's @id is 'http://facebook.com' (or another thing that the outbox server can't know how to update?). 400 Response? and it doesn't get in outbox?
But what if I, say, did update some resource through another program, and want that update to appear in my outbox?
In general, submitting an activity to trigger a side effects in a federated model seems like a diffcult thing to get right... It seems more tractable to lay out a way for other servers on which you update things to deliver a receipt for that activity to your outbox.
-
Public
What about 'private'?
"Ben just weighed himself" may be useful to have in my personal outbox, but I def don't want to share that. :)
Only a concern because of earlier language of default recipient list being all your followers
-
notify all share activities of the object.
What does that mean? Can't find 'share activities' mentioned elsewhere.
-
MUST deliver that activity to all recipients of the object
Even those recipients in other federated spaces? That's a lot of MUST.
-
Notifications shall be sent to each of the following objects
Another reason the dereferencing algorithm should support service delegation is so that if all these objects all delegate to same receiver, then only one request has to happen.
-
activity's origin server
"origin servers of the new activity's constituent objects"
-
This is the default recipient list for otherwise unaddressed activities
Later section says that the default recipient list is implementation specific, but MAY be this.
-
prohom authorization
I think this is a typo. What does it mean?
-
MUST dereference the collection (with the user's credentials) and add each person
What if there are 1 million people in the Collection? Why not just delivery the inbox of the group?
We have this problem in real world (where group is all users of cnn.com following 'world news') and do something like the above.
-
agent's
definition?
-
posts
activities?
-
in reverse chronological order
of... activity.published? or activity.updated?
-
objectTypes
the following example as "itemsType", but I don't see that defined in this document or AS Core/Vocab
-
When a user dereferences an actor's ID the page MUST contain HTML
Why can't the ID or URL just support requesting as JSON?
-
User Authentication
OAuth 2.0 on it's own doesn't fully prescribe how to do this.
OpenID Connect does (on top of OAuth2). Maybe other things too, but it's the most useful user authentication extension I've found.
-
HTTP
Says HTTP here but not in below part, where it just says 'Valid URI'
-
If successful, all requests to the URI which would have previously been successful SHOULD return the 410 Gone response code.
URIs can always come back, and 410 is cacheable. IMO 404 is better
From RFC2610
Such an event is common for limited-time, promotional services and for resources belonging to individuals no longer working at the server's site. It is not necessary to mark all permanently unavailable resources as "gone" or to keep the mark for any length of time -- that is left to the discretion of the server owner.
-
(and hence support "multiprotocol" server implemnetations)
Consider supporting activity pump service discovery (and delegation) for those URIs like webmention does
-
8. Notification and Delivery
So... loops. They can happen in here right? How do we prevent? There needs to be base cases.
Or something like: After you successfully send an activity to an inbox endpoint, you add that endpoint to the message somewhere. Other endpoints you notify can see endpoints its already been submitted to. If you receive an activity that is already submitted to other endpoints, you MUST not submit it there.
-
-
micropub.net micropub.netMicropub1
-
the parsed Microformats2 JSON format.
link?
-
-
webmention.net webmention.net
-
Sender discovers receiver endpoint
Consider adding a fourth discovery layer of whole-domain delegation via .well-known. http://indiewebcamp.com/irc/2015-11-29#t1448856141695
(this could also just be documenting how to use webfinger for this)
This lets one domain delegate all its webmentioning to another provider without having to adjust server code to add new response headers or HTML
-
-
www.w3.org www.w3.org
-
created or updated most recently.
which? Kind of ambiguous without an example.
-
To promote interoperability, Activity Streams 2.0 implementations MUST only use link relations that are valid in terms of both the [RFC5988] and [HTML5] definitions.
Seems like this should be SHOULD. The former requires emailing someone at IESG. The latter is wiki-based.
-
qualified, indirect reference
Consider linking to something like http://patterns.dataincubator.org/book/qualified-relation.html
-
In the serialized JSON-LD, these two forms are differentiated using a simple property naming convention
Not as simple as not having those extra properties and convention at all, and just having language maps in range of displayName, title, and future properties where it makes sense. Relevant, but not clear what the outcome was. https://github.com/json-ld/json-ld.org/issues/133
-
Where such overlap exists, for the sake of consistent interoperability, implementers MUST favor the use of properties defined by the Activity Vocabulary.
vague
-
normative JSON-LD @context definition provided here.
Why not include this in the specification document?
-
- Oct 2015
-
www.nytlabs.com www.nytlabs.com
-
have chosen to focus on a future that takes the shape of an article.
I think it's more that they're trying to focus on the present that takes the form of an article. Hipster atomic-news is < 1%. They want instant content liquidity by being able to ingest 99% of today's news sources.
-
- May 2015
-
stories.californiasunday.com stories.californiasunday.com
-
Tea with Strangers
http://www.teawithstrangers.com/
Ankit is really nice!
-
And health insurance?
Relevant: It's not uncommon for parental insurance to extend through 25 now!
-
“I want people to think of me for my merit, not my age,”
THIS. Was definitely a feeling I had after about a few months of moving to SF at 19
-
Now, experience is a liability.
The argument isn't really quoted for this conclusion...
-
“The other day after work, everyone went to drinks.” She went home.
Been there. Several company fundraising parties I couldn't get into.
-
struggled to focus, skipping classes and eventually dropping out, much to his parents’ horror
Me too!
-
Millennial Generation Entrepreneurs
:) #mlgen
-
the trusted tailor of the Lost Boys
Anecdotally, youngsters tend to dress to impress to be taken more seriously. Unfortunately, this takes capital, and not everyone has equal access.
-
One of the biggest fears these young people have is being unintelligible to their parents — and to everyone, really
I felt very very crazy while in college in Kansas. No one was teaching web engineering or product development, and no one at any age was practicing it that I could see and spend time around.
-
something called Nerd Night
-
and didn’t see why they should wait at home for their lives to start
Yep. SF is a better place to be 18-24 than Kansas.
-
Others couldn’t pay for college and questioned why they should go into debt when there is easy money to be made
IMO this is the most common. And extremely rational. 1$ today is worth ~$1.35 after 4 years of college. And that extra $0.35 can make you $3.50 over 30 years.
-
Mission Control
Surely it's not the same as http://missioncontrolsf.org/?
-
- Mar 2015
-
web.livefyre.com web.livefyre.com
-
Whoop dee do
-
-
hypothes.is hypothes.is
-
Comment!
-