W3C

- DRAFT -

Federated Social Web Incubator Group Teleconference

08 Mar 2011

See also: IRC log

Attendees

Present
+1.301.458.aaaa, jeffsayre, +1.301.848.aabb, +1.253.590.aacc, webr3, MacTed, +1.510.472.aadd, harry, bblfish, dml, terraces
Regrets
Chair
hhalpin
Scribe
hhalpin

Contents


<eschnou> I'm trying with sip as well but so far the conference code is invalid... fswxg# ?

<bblfish> hi

<MacTed> trackbot, start meeting

<trackbot> Date: 08 March 2011

<MacTed> zack, this is FSWXG

<evan> OK, are we on?

<zack> uhm, the French number doesn't work for me

<Simon> Someone is sitting in a datacenter.

<eschnou> daniel, did you succeed with SIP ? What numbers should I type on my dialpad ?

<cdent> zack, uk number didn't work for me, so used us number

<zack> cdent: kthx

<MacTed> oh interesting... someone W3-ish may hopefully be able to tell trackbot that this is FSWXG, not FSWG, for calendaring

<Simon> someone who joined about 1 minute ago has a very loud background noise.

<jan_> still trying , now

Perhaps thats me...

ok, dialing ut.

<drenfer> I'm still getting that the passcode is invalid

<wetter> ah, i know this data-center, sounds like ...

<markus> i am in with skype, but i should be muted

\me odd I am not in a large data set

<eschnou> @drenfer me too, anyone else using the sip bridge ?

<MacTed> huh.

<lattice> hi all - UK number not working, any details?

<cdent> lattice: same for me, went in us number

<jan_> still only noises

<lattice> Zakim: is there a UK number?

<zack> I wonder who am I now?

<lattice> c'mon artificial intelligence! :-)

<terraces> you can hands up on the phone to see who you are

<zack> ok, that was me, re-dialing in

<evan> I forget how to claim my number

<wetter> Berlin-Group is in the Chat room, litening to the noise and a bit stumblin

<Simon> and then there was peace.

<jeffsayre> Nice

<eschnou> @drenfer Are you on SIP ? How did you get in ?

<zack> Zakim: I am + +39.525.0.aahh

<drenfer> I'm using Google Voice

<terraces> yes harry

<eschnou> I'm in.. with Skype :-( Sip did not work.

<lattice> Zakim: aajj is lattice

<cdent> Zakim I am P10

<wetter> Oh, that sounded more like harbour, quite windy.

<MacTed> sorry, too much noise, new 415 caller....

<jeffsayre> I'm not.

\me Zakim, ??P10 is cdent

ack ??P10

<cdent> Zakim ??P10 is cdent

<bblfish> cdent, you need to put a , after Zakim

<cdent> thanks

<evan> drenfer: scribe?

<drenfer> sorry, I'll have to pass

<bblfish> I can try a bit if someone wnats to help

<scribe> chair: Evan

<scribe> scribe: hhalpin

Convene FSWXG WG meeting of 2011-03-08T20:00-21:00GMT

<drenfer> I'm new here

<dml> New, as well

<faborl> new as well

minutes: http://www.w3.org/2011/01/11-federated-minutes.html

<blaine> Zakim: aajj is blaine

<terraces> first telco for me as well

<jeffsayre> I just was accepted as an invited expert. So, I'm new here as well.

<bblfish> +1

APROVED: minutes from Googe Group Telecon: http://www.w3.org/2011/01/11-federated-minutes.html

Evan: we're going forward with intros
... please send out intros with emails
... but we can do intros re emails.

<kaliya> we should just have people "say" they are here

<kaliya> so we know names but intro's seem to much.

I recommend quick intros if you haven't done via email!

<bear> zakim aaoo is bear

<thkoch> Hi. Thkoch here. I'm from switzerland and would like to work as a GoogleSummerOfCode student on bullycloud or onesocialnet

<jan_> will do on agenda item 3

Federated Social Web Summit 2011

Evan: what are we going to do?

<terraces> fyi, my intro : http://lists.w3.org/Archives/Public/public-xg-federatedsocialweb/2011Mar/0009.html

Evan: we had a summit in 2010
... we had a lot of questions
... one of the main instigators of this group
... so we have a volunteer for space/funding June 3-5th in Berlin
... unless there's gross outrage.

<bblfish> cool

Evan: website is under development

<eschnou> Is this next to another conference or do we expect people to travel just for the day ?

<bblfish> is Jan from Berlin on irc?

<jan_> yes

<maxogden> jan_: yo!

<dietpunk> Jan is reading the IRC.

<bblfish> Conf is going to happen in Berlin, Federated Social Web Summit

<dietpunk> Just has his hands full w/ microfone ;-)

<bblfish> June 3-5

<bblfish> 2 day Open Space Hack Day. Party at CBase in Berlin.

<Simon> http://hackerspaces.org/wiki/C-base

<zack> (CCC site)

<bblfish> ccc site is here http://ccc.de/

<jan_> http://78.47.176.118/

<jan_> this is the draft website for the conf

<thkoch> Is the date june 3-5 already fixed? It collides with "Kirchentag" (German Church meeting) for me

<bblfish> help with funding for people who come from a long way away

<jan_> +q

<kaliya> I think there are also two events in North America - on either side it would be good to leverage/cooperate with - cause many north american's are not going to make it to Berlin. Internet Identity Workshop May 3-5 and the IndieWeb Summit at the end of June.

<wetter> everyone & jan_: Please do not circulate this URL at the moment broader than this circle.

<terraces> i'm on the q harry

+1 kaliya's suggestion - maybe do one in Nov before IIW if folks can't make it to Berlin.

<bblfish> Berlin is very nice place for Americans - no jet lag. Berlin is open until 5 am

<jan_> +q

<markus> markus from http://projectdanube.org, i am definitely interested in coming to berlin and contributing

<kaliya> Well do it "within" IIW - as the agenda is created live if a lot of Federated Social Web people attend they can get work done there.

<bblfish> is the conference for who: geeks, academics?

<ciberch> +1 to doing North America event as well

Evan: I'm up for having two summits, one in Europe and on in USA

<prhodes> +1 for NA event

<prhodes> east coast is good. :-)

<zack> ok

Evan: participation is pretty open, I want the people who are working hard on these questions to participate.

<Simon> This event should really include a plugfest

<bblfish> Evan: an even for people working hard on these questions

Evan: I'm not sure if we're at a point reaching out to non-practioners is a worthwhile

<kaliya> the Indie Web camp is already being organized in Portland in http://indiewebcamp.com/Main_Page

<ciberch> +1 to Harry agreed

ack [IPcaller]

<wetter> [IPcaller] = jan_ = Jan Schallaboeck

Alex: SemTech is 5th of June, so semantic web folks will be there.

<jeffsayre> I may be at SemTech 2011 in San Fran, June 5-9, 2011

<maxogden> also of note is indiewebcamp in portland oregon on june 25-26 http://plancast.com/p/3cos/indiewebcamp

<bblfish> semtech probably starts on 6

<dietpunk> Jan is talking ... microphone change ...

<Zakim> terraces, you wanted to ask about the dates

<jan_> mic does not seem to work, sorry.

<jan_> I just had circulated the link on the website

<drenfer> +1.734.237.aagg = drenfer = Daniel E. Renfer

<evan> harry, current web site says FSWS europe

<jan_> I think naming is fine either way

<evan> kaliya: not suggesting fall, but there may be a chance for IIW in May

kaliya: the IIW is May would be a good event

<bblfish> I'd like to try to come to IIW… will let you know how feasible it is

http://www.internetidentityworkshop.com/

<jeffsayre> What are dates of IIW?

<bblfish> IIW May 3-5 I think

Evan: We should use the June opportunity for some event, continue to call it the "Europe" event, and then use the ancillary conferences like Indieweb and IIW to fill in with USA, and maybe an official "USA" event for later this year /early next year?

<donpdonp> jeffsayre: http://www.internetidentityworkshop.com/iiw-12/

+1

<cdent> +1

<jan_> absolutely

<jeffsayre> bblfish | donpdonp : Thanks.

<prhodes> +1`

<kaliya> +1

bblfish: I was trying to move the WebID face-to-face over to Berlin

<zack> oh, oops, sorry, I think I skipped the speaker queue with my previous question

<jan_> trying for the last time *sigh*

<evan> +1

bblfish: as it seems there will be the right folks there, and it seemed to work last time

<blaine> mute blaine

<blaine> Zakim: mute blaine

<wetter> Pro's Berlin, 3rd-5th June: Combination with PrimeLife-Workshop simoultanious, BerlinBuzzwords afterwards, broad privacy-discussions within germany.

eschnou: We should try in general to meet with FOSDEM and OSCON

<Simon> +1

eschnou: in moving on that makes things easier

+1, but we missed FOSDEM this year :(

<jan_> no, does not work.

Update on Infrastructure

Evan: from previous call we had two action items

<blaine> I like events separate, easier to get people's attention - but that's an aside. ;-)

<eschnou> @blaine you got free travel lucky boy :-)

<scribe> ACTION: [IN PROCESS] evan and hhalpin to migrate list and wiki over [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action01]

<blaine> eschnou: oh, if only. ;-)

<ciberch> Harry I am still happy to help with the Community Groups

<scribe> ACTION: [DONE] hhalpin to setup trackbot [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action02]

<trackbot> Sorry, couldn't find user - [DONE]

http://www.w3.org/2005/Incubator/federatedsocialweb/track/

<bblfish> are you typing harry?

Documenting SWAT tests

Evan: How formal do we want to take SWAT process
... do we want a formal test suite?
... it's a user story
... it does not make any requirements
... it lays out a user story that can be implemented with various protocols.
... is that sufficiently rigorous to encourage participation or should we have more formal tests?

<bblfish> I think it was good to get going

<ciberch> Where are the tests documented ?

<bblfish> I still have not implemented it

<_alexpassant> +1 for keeping it at a meta-level

<eschnou> +1 for the informal youtube video styled tests :-)

<dml> I believe it's here: http://federatedsocialweb.net/wiki/SWAT0

http://acid3.acidtests.org/

that is an example of testing for CSS

Evan: as of today, federated social web is not specific to any particular protocol

<kaliya> In the identity community OSIS has been doing adhoc - semi-formal testing of use-cases for several years

<zack> dml: yup, that's it

<bblfish> agree.

Evan: so if we want to get down to bits and bytes today.

<kaliya> we might look to them and learn about how they drive that kind of community process

<bblfish> It's already good for us to know each others protocols

<drenfer> I felt that SWAT0 left a bit too much open for interpretation, especially wrt how a user is tagged.

<kaliya> http://osis.idcommons.net/wiki/Main_Page

<thurston> I'm working on it with DSNP, coming soon!

<kaliya> http://osis.idcommons.net/wiki/Open_Identity_for_Business_Interop_-_Burton_Group_Catalyst,_July_28,_2010

<kaliya> was their last interop

<bblfish> I'll add Clerezza to the wiki as soon as I have soemthing

<ciberch> url ?

http://federatedsocialweb.net/wiki/Software

<ciberch> thanks

http://federatedsocialweb.net/wiki/Protocols

<maxogden> is there a list of implementations of swat0 on the wiki?

<ciberch> +q

hhalpin: maybe could we list implementations that work with SWAT0 somewhere?

Evan: maybe list codebases, results, comments etc.

<markus> my experience with SWAT0 was that it was great to get started, but really the only way to make it work was trial&error with other implementations, rather than correctly implementing the specs

Evan: does someone want to take that?

<cdent> markus++

<kaliya> they have had a lot of success with industry participation and also tracking what did and didn't pass a matrix. http://osis.idcommons.net/wiki/I5:OpenID_Relying_Party_FeatureTest_Results

Evan: so that would help with testing, as it would point to other implementations

<kaliya> John Bradley has been a major leader of the OSIS effort and the process they developed - I am happy to make an introduction if people want to talk with him and learn more about what worked.

<maxogden> kaliya: +1 to the matrix approach

monica: I see some key missing workflows
... especially for enterprise
... I'd be happy to help

<scribe> ACTION: Evan to put list of SWAT0 on wiki [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action03]

<trackbot> Created ACTION-1 - Put list of SWAT0 on wiki [on Evan Prodromou - due 2011-03-15].

<scribe> ACTION: ciberch to then revamp wiki and go over SWAT0 [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action04]

<trackbot> Sorry, couldn't find user - ciberch

Encrypted message use-case

Evan: From Appleseed, a private end-to-end crypto test-case

<webr3> +1

Evan: I have my personal feelings on this, that although I think its interesting and important, its had some success, its not been successful as a whole.
... only a small minority of users use end-to-end encryption via email.

<cdent> evan++

Evan: defining it as next step might be swallowing quite a bit.

<blaine> +1

<ciberch> I don't have a q sorry that was from the previous question

MacTed: the lack of user base for encryption is mainly because it hasnt been built into the codebase
... Maybe there's other reasons.

Evan: fair point
... maybe we could aim for something easier immediately

<bear> end to end is not because of the server but the pipes to and from the server

<zack> d'oh

cdent: is encryption really a focal point
... maybe its a secondary thing

<cdent> ineed

<bblfish> With WebID you get both

cdent: if the focus is on the social

<cdent> indeed

<ciberch> https for everything

<evan> blaine: point of the swat tests is to give this community a way of developing a product

blaine: to echo that point, the point is to give it some user-stories to develop a product
... otherwise we'll just be developing protocols without a product
... a way of thinking about the product

<evan> let's see if I can do these ack

blaine: encryption is a feature, not a product

<ciberch> +1 blaine

<bblfish> +1

<jeffsayre> =!

blaine: you can add encryption to user-driving features, but not the reverse

<jeffsayre> oops +1

dml: encryption is a particular mechanism to achieve a more fundamental goal

<eschnou> +1 swat should be about UX, not technology/protocols

dml: one potential swat test, the notion of insuring and authenticating
... their data

<ciberch> +1 Privacy and Authentication

dml: to make sure they can get there
... persona work
... social networks would only store info encrypted by user
... but only people to who user gives keys can decrypt it
... end-to-end HTTPS is one means
... we could focus on this topic for next SWAT est

<cdent> valid point dml but still seems early

zack: a quick community point

<blaine> ... and to add to dml's point, I've circulated a proposal that doesn't involve any encryption at all, but provides a reasonably high degree of privacy.

zack: some of the hype are people who are interested in a couple of use-cases
... freedombox, communicating through a mesh
... some of the hype via african movements

<kaliya> There is also the Locker Project

zack: to attract interest of community it might be useful to attract this community

<ciberch> +1

s/attrack this community/have this encryption feature

MacTed: SWAT is not at all about making a product, its not about making a product, so each of us might built a product
... and we want them to interoperate

<bblfish> MacTed: we are not building a product, but interoperability

MacTed: one of things is privacy
... having your site behind closed doors and sending everything on post-cards
... an important part of privacy

<bblfish> +1

<prhodes> +1

<bradk> +1

<ciberch> +1

<dml> A fundamental notion of federation is the lack of a centralized trust domain, in which case authentication and controlling information flow may be so fundamental that they need to be considered very early on.

<_alexpassant> not convinced that encryption is in the scope of the XG

<kaliya> There is also Persona Management

<_alexpassant> but probably relevant to discuss with the webid XG

<jeffsayre> _alexpassant: Agreed.

<bblfish> yes, we have http://www.w3.org/wiki/Pingback

<kaliya> I just went on Diaspora and I found lots of folks. but maybe that was recently. I was thinking of having a "movement" at sxsw - to get people to really start using Diaspora as they use facebook or twitter.

<prhodes> wouldn't think this XG would be developing any new encryption protocols, for sure. But sorting out the relationship between existing encryption protocols and the federation protocols could be in scope.

hhalpin: could we have a story about adding friends in a federated matter with a good user base

laurent: sharing activities with a sub-group of friends, and then exposing only a subset of your data to your friends

<blaine> re: not being able to add on security later, please look at RedPhone: http://www.whispersys.com/

<zack> kaliya: OTOH, people should start using it in a distributed way, to be sure the message is getting through

<zack> s/distributed/federated/ (my bad :))

<blaine> +1

<thurston> finding your friends: are search engines the answer?

<MacTed> +1

laurent: encryption is feasible, but should not be at core of infrastructure, but we should make sure on top of it.

notes there is interesting work on distributed search via caching by Ricardo Baeza-Yates that might be useful for "friend search" in distributed manner

<zack> fair point "there is just one 0"

Evan: Is there a way to collect these user stories without requiring for them to be SWAT1?

<eschnou> can't we relate to the use cases documented by the SWXG ?

Evan: could we collect these stories and case a broader net for user-stories

<ciberch> +1

<prhodes> +1

Evan: less what is SWAT1 and what is the SWAT test

<bblfish> a wiki with SWAT/Friending

<bblfish> SWAT/Mail

Evan: we may get to the point where there is broad set of use-cases people want to pursue

<bblfish> +1

+1

bblfish: we could have a place to write them out
... where easier ones could take off.

<bblfish> http://www.w3.org/wiki/Pingback

bblfish: no-one's even implemented a distributed friending protocol

<dml> The necessary crypto may make some operations currently impractical (ref. homomorphic encryption), and may prove impossible to be added on top of some designs after the fact.

<MacTed> I have to bail out of phone; have another call in 90 seconds... IRC will remain but backgrounded.

<ciberch> ignore my q

<evan> OStatus has remote subscribe -- one-way "follow"

bblfish: if we think in terms of REST, adding security is just a matter of adding HTTPS

<maxogden> would liek to bring up the OInvite protocol re: friending https://groups.google.com/forum/#!topic/ostatus-discuss/mf0UlEz7UxE

<evan> But not "friend"

Have not seen OInvite, thanks maxogden

<jeffsayre> Agree with prhodes . There are a number of authentication (authn) and authorization (authz) protcols. This XG should be aware of them and consider them in certain use cases but not necessarily recommend one versus the other. We have another W3C XG dealing with secure identity http://www.w3.org/2005/Incubator/webid/ .

ciberch: one of the issues we have streams attached to group of users
... who gets to view which part of the stream?

<bblfish> +1 for many user stories in the wiki

<evan> I'd like to propose making a list of SWAT "candidate" use cases for next meeting

<kaliya> I can't emphasize how useful and helpful having "identity in the cloud for groups"

<bblfish> and each one with implementations listed and descriptions

<jeffsayre> +1

<kaliya> as a normative thing cause it would make the web ACTUALLY SOCIAL - rather then the networked individual web

<bblfish> 5

<kaliya> well why don't we just time bound when we will settle on SWAT 1.

<prhodes> 5 would probably work

<evan> kaliya++

<kaliya> 5 seems like a lot 3?

<prhodes> that too

<evan> time bound keeps us from talking forever

<_alexpassant> I think that the way we chosed the user story in the previous XG worked well and w could do the same

<_alexpassant> e.g. 2 weeks for throwing ideas on the wiki and then telco to get the shortlist

<kaliya> But distributed group management - across social web - that would be HUGE to figure out how to do that well.

<evan> harry: take 2 weeks to collect use cases on list

<kaliya> give a whole set of services life.

<ciberch> +1 on time boxing

dml: as far as putting HTTPS on top
... its a bit different
... if we assume two endpoints are trusted then we're OK
... but for federated idea, how about Alice puts something on website, Bob gets it, but Eve gets it and Alice hasn't given Eve permission
... its another kind of attack

<blaine> -1

dml: Alice could have sniffed it, but maybe Bob just shared it with her accidently

<blaine> +q

<blaine> -q

ISSUE: Collect use-cases and figure out how to limit it to a smaller list

<trackbot> Created ISSUE-1 - Collect use-cases and figure out how to limit it to a smaller list ; please complete additional details at http://www.w3.org/2005/Incubator/federatedsocialweb/track/issues/1/edit .

<jeffsayre> +1

<prhodes> +1

<bblfish> +1

<cdent> +1

Evan: So lets focus on how to get the smaller list once we have the list.

<_alexpassant> btw, anyone at SXSW ? evan you have a panel, right ?

bradk: a little bit back further, we thought an alternative to numbered use-cases

<dml> Bob could always share it, you can't ever get around that attack, but implicit here is that Alice trusts Bob, and that is why she shared with him.

<blaine> harry: it's been said, probably off-topic for the call. :-)

<evan> yes!

bradk: to go for named used-cases

<blaine> evan: yeah, we should talk about that. ;-)

bradk: people add as many as they want

<evan> blaine: let's!

bradk: then people can add
... if there are different groups that want to focus on different things
... hopefully we wouldn't add too many

<ciberch> and vote on the use cases

<bblfish> you could do some OO programming

<bblfish> when we have enough use cases

<_alexpassant> evan: need a semweb speaker :) ?

+1 brad's suggestion re naming rather than numbering

<bblfish> then abstract them to a few

A bunch of use-case from the W3C earlier thinking:

http://www.w3.org/2005/Incubator/socialweb/wiki/FinalUseCases

Evan: SXSW both myself and Blaine have a panel
... and we do an informal lunch immediately after
... any other upcoming issues

<ciberch> thanks

Meeting Adjourned

<bblfish> Jan, is that web site going to be up for a little while, so I can mail it to the WebID XG list?

<ciberch> sure

<evan> harry: thanks!

<blaine> thanks!

<evan> Good meeting!

<cdent> thanks

<_alexpassant> thanks !

trackbot, end meeting

<drenfer> thanks

Summary of Action Items

[NEW] ACTION: ciberch to then revamp wiki and go over SWAT0 [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action04]
[NEW] ACTION: Evan to put list of SWAT0 on wiki [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action03]
 
[PENDING] ACTION: evan and hhalpin to migrate list and wiki over [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action01]
 
[DONE] ACTION: hhalpin to setup trackbot [recorded in http://www.w3.org/2011/03/08-federated-minutes.html#action02]
 
[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2011/03/08 21:10:38 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.135  of Date: 2009/03/02 03:52:20  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

FAILED: s/attrack this community/have this encryption feature/
WARNING: Bad s/// command: s/distributed/federated/ (my bad :))
No ScribeNick specified.  Guessing ScribeNick: harry
Found Scribe: hhalpin
Default Present: +1.301.458.aaaa, jeffsayre, +1.301.848.aabb, +1.253.590.aacc, webr3, MacTed, +1.510.472.aadd, harry, bblfish, dml, terraces
Present: +1.301.458.aaaa jeffsayre +1.301.848.aabb +1.253.590.aacc webr3 MacTed +1.510.472.aadd harry bblfish dml terraces
Found Date: 08 Mar 2011
Guessing minutes URL: http://www.w3.org/2011/03/08-federated-minutes.html
People with action items: ciberch evan hhalpin

[End of scribe.perl diagnostic output]