Social API: Scope from Owen Shepherd on 2014-07-29 (public-socialweb@w3.org from July 2014)

From: Owen Shepherd <owen.shepherd@e43.eu>
Date: Tue, 29 Jul 2014 23:13:26 +0100
To: <public-socialweb@w3.org>
Message-ID: <068701cfab7a$521dfad0$f659f070$@e43.eu>

Hi all.

 

I brought this up at today's informal meeting, and the chairs said these
points were undecided. So, while the primary focus of the WG should probably
be locking down the requirements, justification, etc for AS2, we should
probably at least begin considering the scope of the social API.

 

So, the first question (which I raised at the meeting is):

The primary input (per the charter) into the social API is the OpenSocial
Activity Streams and Embedded Experiences API member submission
<http://www.w3.org/Submission/2014/SUBM-osapi-20140314/> . This incorporates
two aspects: firstly, an ActivityStreams API, and secondly functionality for
the embedding of "rich" content into a post. Is the latter portion in scope?


 

My personal inclination on this point is that

*         The later portion is out of scope for the social API spec, which
should be restricted to a HTTP(S) API.

*         It probably is in scope for the working group, but we should defer
working on interactive rich content until a later time

*         We should possibly consider "simple" embedded rich content in the
AS2 spec; this may be limited in scope to e.g. a link to some embedded
content (which in a web page might be rendered in a seamless IFrame)

 

My second point/question:

If we are to develop both a federation protocol and a client API, there is
liable to be considerable overlap in functionality and surface area, and
significant interactions. Should we not consider both together, as a single
holistic whole?

 

Examples of my reasoning for the above:

*         I click on a user's avatar in my client. This should bring up a
page showing information about the user, and their recent activities (as per
my permissions to their activities, e.g. I should see anything addressed
directly at me on that page). A consequence of this is that I need
authenticated access as myself to that user's server. In order to support
this use case, my client needs to be able to authenticate against the remote
server with its' own credentials

*         My friend posts a video to just his friends. My client should be
able to download that video straight from his server, without needing for it
to be proxied through my server as an intermediate (a waste of bandwidth for
my server, and a function which greatly complicates my server's code)

*         I play an online game. This creates activities in my stream for
things I do (i.e. acts as a client). It also posts activities to me to
notify me of events (i.e. acts as a server). The game should be able to do
both without needing to speak two different protocols

Received on Tuesday, 29 July 2014 22:13:55 UTC