Re: Proposed agenda items for 5 Apr 2024 meeting from Aaron Gray on 2024-04-05 (public-swicg@w3.org from April 2024)

From: Aaron Gray <aaronngray@gmail.com>
Date: Fri, 5 Apr 2024 04:44:31 +0100
To: Ryan Barrett <public@ryanb.org>
Cc: Evan Prodromou <evan@prodromou.name>, "public-swicg@w3.org" <public-swicg@w3.org>
Message-ID: <CAKXmGHBzrmWnzXUTtpvvp6Was0QysOkSa8=ZR6KuXjUkWodGsg@mail.gmail.com>

I have a number of issues. I will file them for completeness but would like
to discuss them tomorrow.

Regards,

Aaron

Aaron Gray - @AaronNGray@fosstodon.org

Independent Open Source Software Engineer, Computer Language Researcher,
Information Theorist, and Computer Scientist.



On Fri, 5 Apr 2024 at 00:53, Ryan Barrett <public@ryanb.org> wrote:

> Hi all! Late notice, but I'm hoping to take a minute on tomorrow's call to
> announce the first draft of the ActivityPub and HTTP Signatures report
> <https://swicg.github.io/activitypub-http-signature/> and request review
> and feedback. I'm happy to hear comments on the call, if we have time, or
> you're welcome to file them in a GitHub issue
> <https://github.com/swicg/activitypub-http-signature/issues>.
>
> See you all tomorrow!
>
> On Wed, Mar 27, 2024 at 10:47 AM Evan Prodromou <evan@prodromou.name>
> wrote:
>
>> For the chairs and everyone else: I have three proposed agenda items for
>> the 5 Apr 2024 meeting.
>>
>>    1. *Advance ActivityPub-Webfinger profile to a draft report*. a has
>>    done a great draft here, and there's been a lot of issue development and
>>    guidance. If a thinks it's ready, I believe we should release this report
>>    as a CG-DRAFT for wider review.
>>    2. *Integrate the Security namespace into the Activity Streams 2.0
>>    context document*. Web Security 1.0 is a widely-implemented context
>>    used for HTTP Signature properties in ActivityPub. It would make a good
>>    test case for the extensions process
>>    <https://swicg.github.io/extensions-policy/>.
>>    3. *Consider an OAuth 2.0 profile for ActivityPub*. One discussion
>>    that has come up during issue triage is aligning the different OAuth 2.0
>>    profiles for AP. FEP-d8c2
>>    <https://codeberg.org/fediverse/fep/src/branch/main/fep/d8c2/fep-d8c2.md>
>>    lays one out; there are also suggestions to use OIDC's discovery
>>    mechanisms. Because we already have several profiles for using other
>>    standards with AP, and because OAuth 2.0 is the primary way for client
>>    applications to access API servers, I think it may be good for developers
>>    to have a report on current best practices for OAuth 2.0.
>>
>> Evan
>>
>>
>>
>
> --
> https://snarfed.org/
>

Received on Friday, 5 April 2024 03:44:49 UTC