Re: Proposed agenda items for 5 Apr 2024 meeting from Aaron Gray on 2024-04-05 (public-swicg@w3.org from April 2024)

From: Aaron Gray <aaronngray@gmail.com>
Date: Fri, 5 Apr 2024 08:05:44 +0100
To: Ryan Barrett <public@ryanb.org>
Cc: Evan Prodromou <evan@prodromou.name>, "public-swicg@w3.org" <public-swicg@w3.org>
Message-ID: <CAKXmGHD9G6_48QYxSYTw8EYMyZ3zKvmd2cYNtvX3zHDnUm+uxQ@mail.gmail.com>

Ryan,

I have used your specification for my Bash based webfinger

a) to deal with the Mastodon username validation - which should be okay
b) the RFC3077 username validation - which has issues, no RegEx, and the
ABNF was not clear to me, the 0*(...) was not obvious

Here's my repo if you want to play :-

https://github.com/AaronNGray/webfinger.sh

It should all be self installing all within the one
webfinger command, which can be copied locally.

I hope to expand this work to be a complete ActivityPub/Streams set of
tools and maybe even a test set.

If people are interested I may do a quick demo at the end of todays session.

Regards,

Aaron

On Fri, 5 Apr 2024 at 04:44, Aaron Gray <aaronngray@gmail.com> wrote:

> I have a number of issues. I will file them for completeness but would
> like to discuss them tomorrow.
>
> Regards,
>
> Aaron
>
> Aaron Gray - @AaronNGray@fosstodon.org
>
> Independent Open Source Software Engineer, Computer Language Researcher,
> Information Theorist, and Computer Scientist.
>
>
>
> On Fri, 5 Apr 2024 at 00:53, Ryan Barrett <public@ryanb.org> wrote:
>
>> Hi all! Late notice, but I'm hoping to take a minute on tomorrow's call
>> to announce the first draft of the ActivityPub and HTTP Signatures report
>> <https://swicg.github.io/activitypub-http-signature/> and request review
>> and feedback. I'm happy to hear comments on the call, if we have time, or
>> you're welcome to file them in a GitHub issue
>> <https://github.com/swicg/activitypub-http-signature/issues>.
>>
>> See you all tomorrow!
>>
>> On Wed, Mar 27, 2024 at 10:47 AM Evan Prodromou <evan@prodromou.name>
>> wrote:
>>
>>> For the chairs and everyone else: I have three proposed agenda items for
>>> the 5 Apr 2024 meeting.
>>>
>>>    1. *Advance ActivityPub-Webfinger profile to a draft report*. a has
>>>    done a great draft here, and there's been a lot of issue development and
>>>    guidance. If a thinks it's ready, I believe we should release this report
>>>    as a CG-DRAFT for wider review.
>>>    2. *Integrate the Security namespace into the Activity Streams 2.0
>>>    context document*. Web Security 1.0 is a widely-implemented context
>>>    used for HTTP Signature properties in ActivityPub. It would make a good
>>>    test case for the extensions process
>>>    <https://swicg.github.io/extensions-policy/>.
>>>    3. *Consider an OAuth 2.0 profile for ActivityPub*. One discussion
>>>    that has come up during issue triage is aligning the different OAuth 2.0
>>>    profiles for AP. FEP-d8c2
>>>    <https://codeberg.org/fediverse/fep/src/branch/main/fep/d8c2/fep-d8c2.md>
>>>    lays one out; there are also suggestions to use OIDC's discovery
>>>    mechanisms. Because we already have several profiles for using other
>>>    standards with AP, and because OAuth 2.0 is the primary way for client
>>>    applications to access API servers, I think it may be good for developers
>>>    to have a report on current best practices for OAuth 2.0.
>>>
>>> Evan
>>>
>>>
>>>
>>
>> --
>> https://snarfed.org/
>>
>

-- 
Aaron Gray - @AaronNGray@fosstodon.org

Independent Open Source Software Engineer, Computer Language Researcher,
Information Theorist, and Computer Scientist.

Received on Friday, 5 April 2024 07:06:01 UTC