Re: Updated wish list

ne 9. 4. 2023 v 2:06 odesílatel Johannes Ernst <>

> Hey, could you fill what you said here into the survey I just sent? That
> might make it easier to keep an overview of the various views by everybody,
> and then we can have a consolidated discussion?
> (Note that I’m much more interested that this group is (re-)starting to
> move in some direction it is comfortable with, than that I get exactly what
> I would prefer … :-))

Thanks for the reminder.  I think W3C CG mailing lists, while certainly not
perfect, have a few benefits for discussion:

- bullet proof mechanism for creating royalty free technology
- long track record for keeping public mailing lists
- tooling that most of the group is familiar with

Other tools such as forums, surveys could be useful additions to this,
particularly in straw polling.  But I think in terms of figuring out what
to do with activity pub the ML is going to be a good starting
point.  I think it may be possible to take things from the public mailing
list and add them to a knowledge base, e.g. with an automated script, but
perhaps check with w3c first.

I've been through a lot of the open issues yesterday.  AP has actually
changed several times since it was first published.  There seems to be a
lack of change control, from what I saw, I may be wrong.  But it is the
case that the context has now diverged from the AS 1.0 vocab (this is
bad!).  Some of the examples are broken.  It's in a worse state than I
thought with fundamental parts of the vocab broken or inconsistent.  There
seem two options.  One is to accept the technical debt, and live with it.
The other is to make "breaking fixes", but that would likely require a full
version upgrade, and tt's unclear who would upgrade.  I think mastodon is
going to have to express an opinion as to what they want or dont want
upstream, and then that can be a basis to fix and improve AP.

> Cheers,
> Johannes.
> Johannes Ernst
> Blog:
> FediForum:
> Dazzle:
> On Apr 7, 2023, at 15:03, Johann Galle <> wrote:
> I apologize in advance for probably being snarky.
> On 2023-04-06 00:52+01:00, Johannes Ernst wrote:
> > A design to reduce certain loads:
> > - Fan-out
> Might we call this "federation" maybe? or "running smaller instances"? :^)
> > - Video
> Not sure what you specifically want to reduce load with video, wouldn't it
> be more generally about files? My naive guess would be to use CDNs.
> > future of ActivityPub Client-to-Server (C2S)
> I have to admit I have not acquainted myself in too deep detail with C2S
> but what seems to be missing is retrieving things? And at least in the way
> I use it, there is a lot more reading than writing, so that part would be
> arguably more important. Not sure what the advantage of splitting the specs
> would be since they would continue to be probably closely related.
> > Signed content
> This is really something that I would like to be standardized. The current
> state is as I see more or less that Mabstodon dictates for everyone that we
> are stuck with an outdated RFC draft for HTTP signatures (or an even more
> outdated LdSignature thing). As far as I am aware there is a [FEP-8b32]
> about this and while I cannot comment on the technical merit I think that a
> FEP is a good place to kind of work out how the things should work and what
> problems may be and generally discuss it.
> [FEP-8b32]:
> > Private messages
> I'm not sure that ActivityPub is the right tool to do private (or also
> instant) messaging.
> There are plenty of protocols/services already around for this specific
> purpose and IMHO ActivityPub doesn't have to be the silver bullet for
> everything.
> ActivityPub also definitely has some overhead and also privacy risks
> (e.g.: Wildebeest not interpreting addressing correctly).
> > A branding program for products that have passed the test suite
> To me "branding" does not really sound like something nice, if I think
> about the literal sense. And thinking of the metaphorical sense also
> doesn't sound much better either, since it evokes images of "corporatism"
> that I am honestly happy at least the part of the Fediverse I call home has
> managed to avoid this far.
> > As an implementor, you get to put the sticker on your product.
> > In particular, in the places in the product where users “connect” to
> other servers in the Fediverse, like “Visa” is displayed at the POS terminal
> > I believe this will become critical if/when larger orgs with potentially
> different value systems connect to the Fediverse
> There already is a logo for ActivityPub and/or the Fediverse which people
> could use for this purpose and I think projects do use them. But since they
> are just pixel graphics nothing would stop me from adding them without
> getting authoritatively certified by someone.
> > A set of web “intent buttons” for Like, Follow, Post, etc that work
> across sites
> As far as I am aware Mastodon had something like this with
> authorize_follow URLs which were a part of OStatus I think, but this as
> been removed. I am not sure of the reasoning, maybe it was just because
> they wanted to remove old OStatus leftovers.
> But I'm not really sure why they are necessary if instead it would be
> possible to put a things URI in your instances search bar and then being
> able to interact with it (the "new" solution). Having buttons for this is
> IMHO gimmicky and probably also out of scope for this spec.
> > Best practices for content propagation
> > - E.g. resolve the “It has 5 likes here but 10 over there” issue and
> related.
> I think this is a pretty much fundamental "problem" of a distributed
> system and is unsolvable. You could maybe have an "update" button next to
> everything but that would play back into your prior point of reducing load?
> And why would it be necessary to know exactly how many likes someone's post
> has in the first place, other than "clout"?
> > Improved identity management across the Fediverse
> > - Easy-to-use single-sign-on across servers.
> As already noted in
> single-sign-on and ActivityPub do not really have to do much together since
> ActivityPub is about activities and publishing them. There are existing
> technologies for this and as I said already, ActivityPub does not need to
> be a silver bullet.
> Regards,
> Johann
> --
> This message was signed using OpenPGP. If you receive email from me in the
> future that is not digitally signed, it might not be authentic. Demand that
> the message be digitally signed if you want to be sure you are talking to
> me.
> My public key is available at these locations:
> <
> >
> <
> >
> or through web key discovery, i.e. `gpg --locate-keys
> or as an attachment to this message. All these locations should provide
> the same key.
> <OpenPGP_0xA4EFCC5A6174FB0F.asc>

Received on Sunday, 9 April 2023 05:06:54 UTC