27 Jan 2010

See also: IRC log




<mischat> hello, sorry I can't make the call today, will be sat in irc though

<tpa> yes hhalpin

I don't hear hhalpin well

1. Convene SWXG WG meeting of 2010-01-27T16:00-17:00GMT

<tpa> we're a XG now? ^^

<tpa> woah, I didn't realize we were moving that fast ;)


I'll give it a try!

<hhalpin> scribe: cperey

you will help me out!!

<pchampin> who is on a plane?

<mischat> woohoo ... to being a WG

<mischat> ah

<mischat> XG

<hhalpin> PROPOSED: to approve SWXG WG Weekly -- 20th January 2010 as a true record

<hhalpin> http://www.w3.org/2010/01/20-swxg-minutes.html

<DKA> +1

<hhalpin> APPROVED: SWXG WG Weekly -- 20th January 2010 is a true record

<hhalpin> PROPOSED: to meet again Wed. February 3rd

<hhalpin> The topic will by micropaymentss

<tpa> cool

Action Reminders

<Yuk> zakim ??P33 is me

<hhalpin> http://www.w3.org/2005/Incubator/socialweb/weekly-agenda.html

<danbri> oops

<tpa> hhalpin: closed a few actions that were no longer relevant

<DKA> http://www.w3.org/2009/11/03-swxg-minutes.html

<danbri> Yuk, sorry one of us is P34 and the other P33

<danbri> hmm

internal discussion about protocol first

<hhalpin> Is that OK?

<DKA> (minutes from our f2f)

hhalpin just so everyone is up to speed. Has everyone had a chance to look at document?

<tpa> hhalpin: I really have trouble hearing you

Salmon Protocol

<DKA> (thanks to Phil Archer for helping me find that)

<hhalpin> Has anyone looked at the document?

hhalpin is riding in a car

<hhalpin> No it's danbri

<rreck> darn

<tpa> the salmon protocol spec ?

<tpa> is that the document in question?

<rreck> sorry

<danbri> hhalpin, I told Zakim ??P33 is me but it's not

<hhalpin> http://www.salmon-protocol.org/salmon-protocol-summary

DKA accomplished one of his action itmes off

<hhalpin> ACTION: [DONE] DKA to write-up output of XG meeting in TPAC [recorded in http://www.w3.org/2010/01/27-swxg-minutes.html#action01]

<hhalpin> So, I could give a quick overview of the problem that Salmon Protocol trying to solve

<hhalpin> if anyone interested

<DKA> +1

yes, pleaes

<rreck> itwas me

<hhalpin> http://www.salmon-protocol.org

<hhalpin> The comments in general are fragmented across the web

<hhalpin> blog comments

hhalpin looks at the fact that comments are fragmented


scribe: all the comments on social media sites

<hhalpin> ActiveStrea.ms

<hhalpin> Atom-based

<hhalpin> PubSubHubbub

<Yuk> thanks

<melvster> s/activestrea.ms/activitystre.ms

hhalpin: allows feed to stay close to real time
... active stream lets single site publish an update of all comments
... the reason that you might want to knit the conversation, is that you might want to verify if the conversation fits togethre
... some form of syndication allows you to check in
... to dish out bad comment headers, seems to be its main advantage
... builds on top of using...web speaker to use authentication methods used by various servers
... to use web speaker XRD

<hhalpin> http://www.salmon-protocol.org/salmon-protocol-summary

hhalpin: to determine if comments are valid or not
... protocol quite short
... might want to look at examples of code to understand
... for example atom
... how this improves over standard methods, attempt to use security measures
... doesn't yet do a full HTML signature, though interested in that
... currently another thing on the to do list is ...can't hear you
... similar to track bak

<hhalpin> http://commentback.micz.it/

hhalpin: alternative spec out there, the alternative to comment back'

<hhalpin> this is an alternative to salmon protocol

hhalpin: a lot of people excited about Salmon, but not about comment back

<hhalpin> 1) centralized logging for the verication

hhalpin: because requires

<hhalpin> 2) XML-RPC

hhalpin: a lot of people don't like
... hope that helps people to understand. Demo if you have time and Demo acount

<hhalpin> http://groups.google.com/group/salmon-protocol

Google account

scribe: first spec to use the Open Web Foundation legal agreement

<hhalpin> http://groups.google.com/group/salmon-protocol/browse_thread/thread/e0a6c6cf1dbd668d

scribe: argument about authentication will
... talk about controversy around OauthWRAP and Oauth 1.1
... what do we want John to address?
... should we recommend this protocol?
... not semantic web

<bblfish> it would be interesting to think about how it fits with SIOC

scribe: not widely deployed. spec itself quite drafty
... Alex could join?

<hhalpin> (I did send Alex an e-mail)

bblfish: you can link comments
... what does this do on top of it?

hhalpin: does the same but has an authentication mechanism
... don't know if ... does that. Doubt they do

<hhalpin> http://sioc-project.org/

bblfish: is this to tell people where they can point for comments on a blog

hhalpin: unify comments about video or tags
... combine with reviews from a movie site

<hhalpin> supposed to be more general than just blog sites

bblfish: there's a link in the URL? New relation to a post end point

hhalpin: two weaknesses
... could be added at some point
... the update data
... handled by atom
... the other problme is the authentication problem. Some work by Henry and others (DanBri) on this

<hhalpin> SIOC?

bblfish: looking at protocol

<bblfish> <link rel="salmon" href="http://example.org/salmon-endpoint"/>

<hhalpin> it's not an advantage of Atom per se

<hhalpin> we can easily semantic-webbize Salmon protocol

<bblfish> GRDDL

<pchampin> +1 hhalpin

bblfish: don't see any problem with that

<hhalpin> however, we'd need to think about how OAuth/OpenID works with RDF

bblfish: some way to authenticate

<hhalpin> Or we could just keep SSL


<hhalpin> ack ??P34

<hhalpin> Whoever is ??P34 should speak after Henry

bblfish: looks like the obvious thing to do

<hhalpin> "salmon" as salmons going upstream, as the blog comments being re-aggregated

<melvster> Salmon + TLS http://www.abstractioneer.org/2010/01/web-wide-public-key-infrastructure.html

<hhalpin> Ah, good point melver

bblfish: can this be done without forcing use of XRD

DKA: from perspective of what we can ask
... interesting to hear what the adoption has been
... what problems trying to solve

<hhalpin> +1 not sure where adoption is on this, as compared to ActivityStreams

<hhalpin> And good to see how it also works with TLS, like FOAF+SSL

DKA: how to be integrated into multiple different types of architecture
... look at how it fits with sem web is one perspective, how it is being adopted into social web landscape is another question

hhalpin: seems to be verification???
... other people focusing mostly on Atom and others on XMPP

<hhalpin> does that make sense?

hhalpin: why would you choose one over the other?

<hhalpin> I could see this all being done with XMPP on some level

<bblfish> atom makes sense, it's just a simplified WebDAV

high-level social infrastructures

hhalpin: want to discuss high level issues

Harry? when John comes on, could you scribe to get the transcript correct?

DKA: need to talk about high leve principles to solidify what the social web is

<danbri> reading about salmon, i wonder if there's a slot in the protocol to deal with rights/copyright info about re-aggregated content...

<scribe> ... new CNET article yesterday, how Chris messina has joined google

UNKNOWN_SPEAKER: social web team is being talked about in mainstream tech press
... useful to talk about how we talk about social web high level principles

<hhalpin> Anyone got a link to the CNET article?

<tpa> Tim Anglade is here :)

AnitaD: how do you want to continue
... can you talk about business use cases?
... some comments to high level principles
... should we discuss now or another call

tpa: I figured the topic and want to give it a try to formalize the language and underlying principles
... not sure that the current vocabulary is satisfactory

<bblfish> what is the URL of the latest use cases?

<Yuk> http://news.cnet.com/8301-13577_3-10441307-36.html?tag=mncol;posts

tpa: we are trying to add a larger view, want to inspire from some other documents out there.
... thinking of bill of rights for social web, linked back clearly, or not to use cases on the document
... need to formulate language and link. still tagging and background work, just plain writing that needs to be done

<hhalpin> speaking of tagging, there is a standard for tags out there we should look at

DKA: on principles, we need to take time to look at what these things mean

<hhalpin> http://tagcommons.org/

<hhalpin> Very old API effort on tags

DKA: these principles, rather than adopting from social media best practices, before we wholesale adopt

<hhalpin> http://www.commontag.org/Home

tpa: at least linking to the other people, other sources, other blog posts, where the principles have been surveyed

<hhalpin> Semantic Web Tag vocabulary

tpa: not for adopting because so far nothing has been fully satisfying

DKA: Harry what do you think?

hhalpin: we could devote another full session to it
... first half of next week

DKA: take a stab that we voiced, which got some debate
... what you see depends on who you are, user centric approach to thinking of the social web
... what does it mean, how do we elaborate on it
... as a diferentiator between ...

<tpa> bblfish: http://www.w3.org/2005/Incubator/socialweb/wiki/RequirementsAndUseCases-WorkArea this is the latest URL for the use cases

DKA: high level principle depends on who yuou are, depends on your social graph, from perspective ... having to do with permissions
... how you see, perceive the web, depends on how you see others, linking with profiles or through meta data that hangs off of a link between you and another user
... key differentiator of the social web. Why it is different from the web as we know it

<tpa> I agree that we need to talk about those principles

<tpa> but maybe not through a call

hhalpin: continue this next week?

<hhalpin> lets take it to the list-serv?

<tpa> it'll probably get really messy in a telecon

DKA: propose that we come out with resolutions that codify the first draft of proposed principles

<melvster> +1

<tpa> +1

<bblfish> makes sense

John Panzer on Salmon Protocol

<bblfish> yes

hhalpin: what's the current deployment?

<hhalpin> Queue up people to ask questions?

<hhalpin> jpanzer: I work for Google, formerly on OpenSocial, now on open protocols

<hhalpin> jpanzer: we now have a WordPress stack

<hhalpin> ... working on digital signatures

<hhalpin> ... now we will give in IETF working draft

<hhalpin> ... we are trying to keep the widest deployment as possible

<hhalpin> ... from implementing the protocol

<hhalpin> ... but we want a minimum level of security

<hhalpin> ... OAuth itself is in a little bit of flux

<hhalpin> ... due to OAuth and the new WRAP initiative and OAuth 2.0 effort

<hhalpin> ... but we will do existing specs when available

<hhalpin> ... what salmon needs is a way for a way for the client

<hhalpin> ... to securely identify itself

<hhalpin> ... OAuth would give us that, TLS with client certificates gives us that (but issues with key distributios)

<hhalpin> bblfish: Would be very interesting how to client certificates without key distribution

<hhalpin> ... with FOAF+SSL would apply and convert over this, no CA signing stages

<hhalpin> ... but the problem is people who wrote the library didn't write the standard

<hhalpin> ... we can't get people to upgrade their libraries

<hhalpin> bblfish: X.509 we try to use it the way they were intended to be used

<hhalpin> ... but the possibilities were not available at the time

<hhalpin> ... will send you link

<hhalpin> henry - also send that link to the listserv!

<hhalpin> jpanzer: there are two clients on the client-side

<hhalpin> ... people on server

<bblfish> http://esw.w3.org/topic/foaf+ssl

<hhalpin> ... and people behind client

<hhalpin> ... people have independent public key for signing things

<hhalpin> ... so not tied to multiple clients

<hhalpin> ... can move between client

<hhalpin> bblifish: multiple keys and multiple clients tied to the same URIs, but we would need to discover profile at that URI

<hhalpin> ... if user owns a file

<hhalpin> ... then we can use that as verification

<hhalpin> ... due to domain name system

<hhalpin> jpanzer: yeah, that would work

<hhalpin> ... links then build the reputation system over time

<hhalpin> Likely, you'll be one of the first projects - including pubsubhubub to implement Open Web Foundation Agreement

<hhalpin> http://openwebfoundation.org/legal/agreement/

<hhalpin> http://groups.google.com/group/open-web-discuss/browse_thread/thread/f567836-33382c490

<hhalpin> Correct?

<hhalpin> ... if I'm going to start developing, as someone that works for a large company (luckily my company is rather liberal)

<hhalpin> ... we need to satisfy our lawyers

<hhalpin> ... which is much better if we engage people early

<hhalpin> ... most of the companies would be happy to have their people engage in these things, as long as everyone does

<hhalpin> ... to keep the playing field level

<hhalpin> ... rather than inserting IP that is problematic down the road

<hhalpin> ... this helps immensely

<hhalpin> ... particularly in large things in browser specs

<hhalpin> ... harder to get lawyer before doing things

<Zakim> danbri, you wanted to ask about the openweb license commitments in face of acquisitions etc

<hhalpin> especially with smaller specs where the value is not sure yet

<hhalpin> danbri: how does owf deal with acquisition?

<hhalpin> jpanzer: great question for someone like dewitt

<hhalpin> ... not sure off top of my head

<hhalpin> ... of company obligations

<hhalpin> ... dewitt clinton would be happy to talk about this.

<hhalpin> Microsoft odata

<hhalpin> ... primarily leveraging the Atom format

<hhalpin> jpanzer: primarily leveraging Atom format

<hhalpin> ... but not Atom protocol

<hhalpin> ... as distributed comment is different

<hhalpin> ... people understand its semantics

<hhalpin> ... and lots of people are building on top of it, like ActivityStrea.ms

<hhalpin> ... salmon is built on top

<hhalpin> ... of atom because activiystreams is still in flux

<hhalpin> ... don't do anything that is conflicting

<hhalpin> ... this is largely orthogonal due to verified provenance

<hhalpin> ... as they are kinda composable

<hhalpin> licensing information and provenance information on atom, is that enough?

<hhalpin> jpanzer: at least one level, the identity - but also the agent of that person

<hhalpin> ... so there's two players

<hhalpin> ... why we picked those two

<hhalpin> ... is that we can get reputation and spam control

<hhalpin> ... again, immediate vector of parasites

<hhalpin> ... so we're planning on this being successful

<hhalpin> ... the spammers will immediately attack it

<hhalpin> ... so we need a minimum way to defined itself

<hhalpin> ... so having provenance itself doesn't that

<hhalpin> ... so that gives us information to defend against simple attacks

<hhalpin> ... and basis for defending against other attacks

<hhalpin> ... and reputation management

<hhalpin> ... then you can make lot more automated decisions

<danbri> re reputation and xmpp, see also http://xmpp.org/extensions/xep-0275.html

<hhalpin> what is next after salmon protocol?

<hhalpin> ... what is next

<hhalpin> ... send verified structured data that is signed

<hhalpin> ... could let you build interesting things

<hhalpin> ... one application that keeps coming up to detect a personal store

<hhalpin> ... the comments, the ratings, and all of that

<hhalpin> ... and services that are enabled for this

<hhalpin> ... will automatically copy back to personal store

<hhalpin> ... so I have a record of what I did

<hhalpin> ... a searchable database

<hhalpin> ... so I can do my own personal social search

<hhalpin> ... that's a very interesting and useful thing

<hhalpin> ... automatically discover endpoints that discover salmon

<hhalpin> ... and then second ability to do interesting things with sieve data

<hhalpin> ... talking to status.net guys about distributed social networks

<hhalpin> ... follow action

<hhalpin> ... broadcast an activity saying john follows bob

<hhalpin> ... and send that to bob

<hhalpin> ... so bob can build his own database of people that follow/unfollow it

<hhalpin> ... distributed social graph

<hhalpin> ... automatically edit or generate FOAF file

<bblfish> yes, so you could have a addfriend contact to foaf

<hhalpin> ... doesnt really add a centralized service to maintain that graph

<bblfish> foaf:addContact

<danbri> i have to go - late for DataPortability Steering call ... but great stuff, i'm inspired to read the manual now :)

<DKA2> Ref XMPP, we are doing something interesting in this space as well - http://onesocialweb.org/ - hope to present / discuss next week.

<hhalpin> what about dsig and role of the w3c?

<hhalpin> jpanzer: for many apps dsig is great

<hhalpin> ... but there's a real problem

<hhalpin> ... for more lightweight applications

<hhalpin> ... pulling stuff together in 30 minutes

<hhalpin> ... we can't get traction on xml-dsig

<hhalpin> ... main issue is canonicalizaiton issue

<hhalpin> ... which is a software stack

<hhalpin> ... issue, as they aren't interoperable

<hhalpin> ... and people can't do this by hand

<hhalpin> ... unforunate, but current state of practice

<hhalpin> ... its specified for signing atom entries

<hhalpin> ... but not done in the wild, only in intranet

<hhalpin> ... due to canonicalization issues

<hhalpin> ... and when they process and resyndicate, it gets munged

<hhalpin> ... worst than canonicalization, as we store in our database and constitute it the way we want.

<pchampin> gotta go, but thx a lot, that's really inspiring

<bblfish> very interesting

<pchampin> bye all

<bblfish> That is part of the reason why I am worried about adding rdf sig to foaf+ssl

<hhalpin> test cases are failing here, no?

<hhalpin> jpanzer: very few people understand infoset

<hhalpin> ... how those things work

<bblfish> or the same concerns as described with XML-DSIG appy to signing RDF, and even more so.

<hhalpin> ... but we can't do everything by building one

<hhalpin> ... framework from one vendor

<hhalpin> ... because the open web uses lots of different

<hhalpin> ... vendors

<hhalpin> ... so I don't know if you can make a signature that can survive the reconstiutiton process

<hhalpin> ... maybe signatures should work

<hhalpin> ... but they don't right now

<danbri> (i prefer signing xml formats as blobs)

<hhalpin> ... as the social graph is stored in distributed databases

<hhalpin> ... signature survival is a non-starter

<hhalpin> ... there is also a problem

<hhalpin> ... with certificates

<hhalpin> ... as we have to trust they actually can verify themselves

<hhalpin> ... and these sites are horrible on the response time.

<hhalpin> ... which is why we are proposing this other thing.

<hhalpin> ... so we have to take entire Atom text and make it an opaque blob we can pass through to anyone/everyone

<hhalpin> ... so the idea is if you have this, you can pass it around

<hhalpin> ... so I am toying with extension to pass this around

<hhalpin> ... you should be able to do one level of redirection

<hhalpin> ... so you want to verify with realtime with cached keys

<bblfish> ok

<bblfish> that helps understand what is happening

<hhalpin> whats the role of w3c?

<hhalpin> jpanzer: if w3c wants to take on that scope

<hhalpin> ... we would be happy to take on that scope

<hhalpin> ... there are lots of central organization for social web standards

<hhalpin> ... owf is about IP license agreement standards

<hhalpin> ... ietf is everywhere,

<hhalpin> ... opensocial foundation for opensocial itself

<hhalpin> ... which is separate social web

<hhalpin> ... would be valuable

<hhalpin> ... if cross-fertilization is valuable

<bblfish> need to go.

<hhalpin> ... so then we'll know about specs

<hhalpin> ... and its hard to find specs

<hhalpin> ... trying to not reinvent things.

<hhalpin> ... that's why people grab onto things like Atom

<hhalpin> ... as they can find it and understand the Atom

<hhalpin> ... but there's a bunch of things like that

<hhalpin> ... that people are working on JSON-based formats for all this stuff

<hhalpin> ... lots of clients that don't want to speak XML

<hhalpin> ... and people want to accomodate them

<hhalpin> ... what is the standard ways of doing that?

<hhalpin> ... and more semantic web based approach

<hhalpin> ... everyone just really wants things to interoperate

<hhalpin> ... so we want everyone to plug into the social web

<hhalpin> ... would love to hear whats happening

<hhalpin> ... thinking in general

<hhalpin> ... what current status is w3c membership

<hhalpin> ... its mostly big companies

<hhalpin> ... and so smaller players and independent people

<danbri> (is it? i'd love to see some visual breakdowns of http://www.w3.org/Consortium/Member/List ...)

<rreck> thanks

<hhalpin> Meeting Adjourned.

<hhalpin> trackbot, draft minutes

<trackbot> Sorry, hhalpin, I don't understand 'trackbot, draft minutes'. Please refer to http://www.w3.org/2005/06/tracker/irc for help

Summary of Action Items

[DONE] ACTION: DKA to write-up output of XG meeting in TPAC [recorded in http://www.w3.org/2010/01/27-swxg-minutes.html#action01]
[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2010/01/27 17:26:57 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.135  of Date: 2009/03/02 03:52:20  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: s/WG/XG/
Succeeded: s/microformat/micropayments/
FAILED: s/activestrea.ms/activitystre.ms/
Succeeded: s/protocol/comment/
Found Scribe: cperey
Inferring ScribeNick: cperey

WARNING: No "Present: ... " found!
Possibly Present: APPROVED AnitaD DKA DKA2 FabGandon Kingsley_Idehen MacTed OpenLink_Software P26 P33 P34 P35 P38 PROPOSED Thomas Yuk aadd aaee aaff anita bblfish bblifish cperey danbri foaf hhalpin jpanzer melvster mischat pchampin rreck tlr tpa trackbot yoshiaki
You can indicate people for the Present list like this:
        <dbooth> Present: dbooth jonathan mary
        <dbooth> Present+ amy

WARNING: No meeting title found!
You should specify the meeting title like this:
<dbooth> Meeting: Weekly Baking Club Meeting

Got date from IRC log name: 27 Jan 2010
Guessing minutes URL: http://www.w3.org/2010/01/27-swxg-minutes.html
People with action items: 

WARNING: Possible internal error: join/leave lines remaining: 
        <scribe> ... new CNET article yesterday, how Chris messina has joined google

WARNING: Possible internal error: join/leave lines remaining: 
        <scribe> ... new CNET article yesterday, how Chris messina has joined google

[End of scribe.perl diagnostic output]