Re: Updated wish list

I apologize in advance for probably being snarky.

On 2023-04-06 00:52+01:00, Johannes Ernst wrote:

 > A design to reduce certain loads:
 > - Fan-out
Might we call this "federation" maybe? or "running smaller instances"? :^)

 > - Video
Not sure what you specifically want to reduce load with video, wouldn't it be more generally about files? My naive guess would be to use CDNs.

 > future of ActivityPub Client-to-Server (C2S)

I have to admit I have not acquainted myself in too deep detail with C2S but what seems to be missing is retrieving things? And at least in the way I use it, there is a lot more reading than writing, so that part would be arguably more important. Not sure what the advantage of splitting the specs would be since they would continue to be probably closely related.

 > Signed content
This is really something that I would like to be standardized. The current state is as I see more or less that Mabstodon dictates for everyone that we are stuck with an outdated RFC draft for HTTP signatures (or an even more outdated LdSignature thing). As far as I am aware there is a [FEP-8b32] about this and while I cannot comment on the technical merit I think that a FEP is a good place to kind of work out how the things should work and what problems may be and generally discuss it.

[FEP-8b32]: https://codeberg.org/fediverse/fep/src/branch/main/feps/fep-8b32.md


 > Private messages
I'm not sure that ActivityPub is the right tool to do private (or also instant) messaging.
There are plenty of protocols/services already around for this specific purpose and IMHO ActivityPub doesn't have to be the silver bullet for everything.
ActivityPub also definitely has some overhead and also privacy risks (e.g.: Wildebeest not interpreting addressing correctly).

 > A branding program for products that have passed the test suite
To me "branding" does not really sound like something nice, if I think about the literal sense. And thinking of the metaphorical sense also doesn't sound much better either, since it evokes images of "corporatism" that I am honestly happy at least the part of the Fediverse I call home has managed to avoid this far.

 > As an implementor, you get to put the sticker on your product.
 > In particular, in the places in the product where users “connect” to other servers in the Fediverse, like “Visa” is displayed at the POS terminal
 > I believe this will become critical if/when larger orgs with potentially different value systems connect to the Fediverse

There already is a logo for ActivityPub and/or the Fediverse which people could use for this purpose and I think projects do use them. But since they are just pixel graphics nothing would stop me from adding them without getting authoritatively certified by someone.

 > A set of web “intent buttons” for Like, Follow, Post, etc that work across sites

As far as I am aware Mastodon had something like this with authorize_follow URLs which were a part of OStatus I think, but this as been removed. I am not sure of the reasoning, maybe it was just because they wanted to remove old OStatus leftovers.
But I'm not really sure why they are necessary if instead it would be possible to put a things URI in your instances search bar and then being able to interact with it (the "new" solution). Having buttons for this is IMHO gimmicky and probably also out of scope for this spec.

 > Best practices for content propagation
 > - E.g. resolve the “It has 5 likes here but 10 over there” issue and related.

I think this is a pretty much fundamental "problem" of a distributed system and is unsolvable. You could maybe have an "update" button next to everything but that would play back into your prior point of reducing load? And why would it be necessary to know exactly how many likes someone's post has in the first place, other than "clout"?

 > Improved identity management across the Fediverse
 > - Easy-to-use single-sign-on across servers.

As already noted in https://socialhub.activitypub.rocks/t/activity-pub-sso/3067/3 single-sign-on and ActivityPub do not really have to do much together since ActivityPub is about activities and publishing them. There are existing technologies for this and as I said already, ActivityPub does not need to be a silver bullet.

Regards,
Johann
-- 
This message was signed using OpenPGP. If you receive email from me in the future that is not digitally signed, it might not be authentic. Demand that the message be digitally signed if you want to be sure you are talking to me.
My public key is available at these locations:
<https://github.com/Johann150/Johann150/blob/main/johann-qwertqwefsday-eu.asc>
<https://qwertqwefsday.eu/.well-known/openpgpkey/hu/spd3xecxhotzgyu1p3eqdqdp31ba6rif>
or through web key discovery, i.e. `gpg --locate-keys johann@qwertqwefsday.eu`
or as an attachment to this message. All these locations should provide the same key.