- From: a <a@trwnh.com>
- Date: Mon, 13 Mar 2023 04:30:50 -0500
- To: Bob Wyman <bob@wyman.us>
- Cc: public-swicg@w3.org
- Message-ID: <CACG-3GjNOzeJ=Q799pX2DeCEFCyVJFpzEm=xoUB4HGr3sLc6vQ@mail.gmail.com>
> it says nothing about the interface for performing even basic CRUD operations on those Collections. (e.g. CRUD = Create, Read, Update, Delete) i'm not sure why you would apply CRUD to Collections. we have Add and Remove. > If I want to sign, or encrypt a Collection, or some or all of its elements, I get no guidance from any of the existing Activity* specifications. If I look around hard enough, I might stumble across the Verifiable Credential Data Integrity <https://w3c.github.io/vc-data-integrity/> and find in it some guidance on signing chunks of JSON-LD, but I'm not really sure if anyone else would be able to understand such signed JSON-LD. yes, ActivityStreams and ActivityPub do not mandate any specific authentication or verification or proof mechanism. if they had, they would very quickly be outdated. i'm sure more work is ongoing with VCDI regarding this general issue of verifiability and data integrity proofs, some discussion of which can be found with FEP-8b32: https://socialhub.activitypub.rocks/t/fep-8b32-object-integrity-proofs/2725 -- the problem of course is deciding on a cryptosuite. cryptosuite churn is the biggest problem in general, as any proof you generate today will probably soon be useless on account of no one knowing how to verify it in a few years. see RsaSignature2017 as used in mastodon's implementation of the old Linked Data Signatures draft, which is not even defined anymore since it was formalized as RsaSignature2018, and even *that* is still a draft. > If items in my collection need to refer to each other refer *how*, precisely? `tag` is intended as a general "inclusion by reference" mechanism, but there also exists the more specific `inReplyTo` for when your object is in some way a response to another object. > how can I spend more time coding and less time digging through discussion lists of standards groups? i'm not sure there's a good answer to this question. if you want to implement a standard then you'll probably end up looking at either the standard itself, or at some implementation guide or tutorial.
Received on Monday, 13 March 2023 09:31:40 UTC