15:51:40 RRSAgent has joined #social 15:51:40 logging to http://www.w3.org/2017/05/19-social-irc 15:51:43 Zakim has joined #social 15:51:48 RRSAgent, make logs public 15:53:04 Sorry, first time on Mumble 15:53:23 tantek has joined #social 15:54:06 geppy has joined #social 15:55:53 i am /that guy/ 15:55:54 tantek: strugee left you a message 6 hours, 29 minutes ago: I seem to recall you mentioning a while back that Google still parses mf2 even though they've replaced their proprietary markup like 3 times. do you remember where that was from? not sure if it was on a web page or in this IRC channel. context: https://github.com/brentsimmons/JSONFeed/issues/20#issuecomment-302654477 15:55:54 tantek: strugee left you a message 6 hours, 23 minutes ago: ignore ^^^ that; I was thinking of something aaronpk wrote :) 15:59:03 MMN-work has joined #social 16:00:01 http://wiki.mumble.info/wiki/Main_Page#Download_Mumble 16:00:06 twryst has joined #social 16:00:40 !tell strugee looks like you found your answer re: Google and microformats? They definitely still do parse microformats, question is where they are with parsing mf2, since they have unofficially made positive remarks about it for a few years, and may just be waiting for some measure of critical mass (which has accelerated in the past 2 years) 16:00:40 Ok, I'll tell them that when I see them next 16:00:48 DenSchub++ 16:00:48 denschub has 1 karma 16:01:46 knutsoned has joined #social 16:01:59 sandro: voice overs? what do you mean? 16:02:32 the app is always saying people are joining/leaving server and channel. on desktop you can turn it off, but not android, it seems. 16:03:09 RRSAgent, pointer? 16:03:09 See http://www.w3.org/2017/05/19-social-irc#T16-03-09 16:03:44 scribenick: sandro 16:03:51 OSM:ing in parallell 16:04:09 chair: cwebber 16:04:15 topic: Introductions 16:04:20 This config screen reminds me of PPP 16:04:52 hey what's the Username 16:05:14 aaronpk: Aaron Parecki 16:05:16 cwebber2: Please join IRC 16:05:19 irc://irc.w3.org:6665/social 16:05:41 "Unable to validate server certificate". 16:05:57 aaronpk: co-chair of group, editor of some W3C specs in this space, MicroPub, Webmention, and co-editor of WebSub (aka PuSH) 16:06:02 whoa voice! 16:06:32 evan has joined #social 16:06:47 Hi, I'm albino and my mic isn't working :( 16:06:55 https://aaronpk.com 16:06:55 saranix has joined #social 16:06:56 Aaron Parecki h 16:07:00 I'll talk in ~15 minutes if we're lucky 16:07:10 (no quiet spot) Jamie, independent, interested person. 16:07:15 Good enough 16:07:45 Ben Roberts (Ben that must be me) 16:08:03 ben_thatmustbeme: Ben Roberts, ben.thatmustbe.me 16:08:21 cwebber2: swwg, working on ActivityPub, a client-to-server and server-to-server, using AS2 as vocab 16:08:35 DenSchub: Dennis Schubert, http://schub.io, working on diaspora* 16:08:36 yay another Mozilla person! (nice not to be the only one :) ) 16:08:42 denschub: at mozilla, but here in private role 16:09:01 evan: At InternetArchive, but here in private capacity as well 16:09:09 geppy (legal name Brian Geppert) 16:09:13 Ed Knutson 16:09:40 MMN-work: AS1.0 and GnuSocial 16:10:01 Rushyo: end-to-end encryption 16:10:08 scribenick: cwebber2 16:10:19 sandro hawk, works at the w3c, one of the group contacts 16:10:26 (scribing for him so he can talk ;)) 16:10:32 sandro: hi i'm Sandro Hawke, I work at the w3c, and am one of the two staff contacts for the socialwg, and am excited about this work 16:10:35 scribenick: sandro 16:11:20 tantek: first time using mumble :-) also works at mozilla, co-chair of SWWG, and on W3C AB and CSS WG, cofounder of indieweb 16:11:28 ... own personal CMS 16:11:45 ... editor of some microformat specs 16:12:00 twryst? 16:12:13 (silence) 16:12:22 Zakim, who is here? 16:12:22 Present: (no one) 16:12:24 On IRC I see saranix, evan, knutsoned, twryst, MMN-work, geppy, tantek, Zakim, RRSAgent, albino, Rushyo, thrrgilag, KevinMarks_, ajordan, timbl, JanKusanagi, tcit, 16:12:24 ... ben_thatmustbeme, MMN-o, astronouth7303, cwebber2, bwn, sandro, Gargron, mattl, wilkie, DenSchub, trackbot, csarven, nightpool, raucao, jet, bigbluehat, KjetilK, dwhly, 16:12:24 ... bitbear, aaronpk, lambadalambda, Loqi 16:12:29 present+ 16:12:33 https://www.w3.org/wiki/SocialCG/2017-05-19#Topics 16:12:33 present+ 16:12:40 present+ 16:12:40 present+ 16:12:42 present+ 16:12:43 present+ 16:12:43 present+ 16:12:44 present+ 16:12:44 present+ 16:12:44 present+ 16:12:46 present+ 16:12:53 Present+ 16:12:56 present+ 16:13:13 topic: Social Web WG Updates 16:13:56 aaronpk: websub test suite finished! websub.rocks. you can go test your implementations. it'll act as fake server, subscriber, hub, so you can see how your implementation is doing 16:14:15 ... W3C lifecycle: Working Draft, Candidate Recommendation, Proposed Recommendation, Recommendation 16:14:36 ... We need to show people are implementing and interoperating, to move past CR 16:14:51 ... one of the goals was to make very few functional changes to PubSubHubbub 16:15:18 ... so if you've implemented that, we'd GREATLY APPRECIATE you trying your impl against the test suite 16:15:22 ... and submitting implementation report 16:15:30 Note to self, submit a WebSub (publisher) implementation report for @Falcon! 16:15:34 ... USEFUL even if you only pass half the tests 16:16:14 q+ 16:16:16 aaronpk: I should submit reports for GNU social (nightly branch has recently renamed PuSH to WebSub in most documentation). .) 16:16:21 please do! 16:16:37 ack sandro 16:16:41 scribenick: cwebber2 16:17:00 sandro: is it reasonable to run the test suite on pubsubhubbub implementations we use and know of and submit them as third party specs? 16:17:10 sandro: and I say absolutely yes as long as you identify that in your implementation report 16:17:17 scribenick: sandro 16:17:29 q? 16:17:32 when do we need these impl reports by? 16:17:51 cwebber2: ^^ 16:17:53 https://www.w3.org/TR/activitypub/#Overview 16:17:53 topic: ActivityPub 16:17:57 \o/ new AP CR 16:18:23 cwebber2: Includes nice tutorial, and changes you can see in change log 16:18:35 ... still working on test suite, sorry it's not done yet 16:18:57 haha 16:18:58 cwebber2: When do we need impl reports by 16:19:00 hah 16:19:06 nice 16:19:30 scribenick: cwebber2 16:19:36 sandro: two to 3 weeks is the estimation 16:19:52 aaronpk: Very helpful if you're building it, too 16:19:55 aaronpk: I'll also point out if you're implementing, your test suite will is a great way to debug 16:19:59 scribenick: sandro 16:20:12 tantek: So do it sooner, in case it exposes bugs in your code 16:20:23 aaronpk: Or bugs in spec! 16:20:44 topic: Social Web Charter Extension 16:21:01 cwebber2: We're asking for an extension 16:21:12 q+ to mention other test suites for WG specs 16:21:19 ... strong indicator at last meeting here that people want to explore it 16:21:29 q+ 16:21:29 ... so if we don't get extension, maybe we'll keep working on it any way 16:21:32 q? 16:21:34 ack ben_thatmustbeme 16:21:34 ben_thatmustbeme, you wanted to mention other test suites for WG specs 16:21:53 q? 16:22:03 ben_thatmustbeme: Most SWWG have .rocks for test suite, webmention, activitystreams, etc 16:22:11 ack tantek 16:22:16 q+ 16:22:44 q+ 16:23:26 tantek: What are editor's preferences for AP on whether ... 16:24:06 cwebber2: My feelings have shifted since last meeting. I previously imagined I'd feel like I failed if we didnt get AP to Rec before the group ended 16:24:24 ... but since there are a bunch of people saying they want to implement, and 2-3 weeks are not a lot of time 16:24:37 ... (and there's a lot of value to having implementations) 16:24:45 ... what about y'all? 16:24:55 q+ 16:24:56 I probably won't be done in 3 weeks 16:25:02 ... how do you feel about getting Gold Foil Stamp of W3C, if we have to cut off iterations to get it 16:25:29 geppy: I'll need more than three weeks 16:25:33 evan: Me, too 16:25:58 scribenick: cwebber2 16:27:06 sandro: w3c has maturity process of proposed recommendation and recommendation, some people take that very seriously and won't build things without a w3c spec. we can't make changes beyond the group charter, and that means freezing the spec, which has risks if there are problems. In that case, shoudl we just not freeze it in stone, and keep it in a living document in the community group? we don't have to decide that immediately 16:27:15 -> https://www.w3.org/2002/09/wbs/33280/socialweb-exnt/ (For W3C Advisory Committee Representative Only) Vote on whether to extend group 16:27:18 q+ 16:27:47 sandro: what I was going to say, if you happy to be involved with a w3c member org, then by all means point them at the link I just pasted. that link is access controlled and won't work for anyone who aren't advisory members, but part of the problem is getting peoples' attention so I am urging people there 16:27:57 ack sandro 16:28:01 scribenick: sandro 16:28:39 ack cwebber 16:28:41 ack evan 16:29:11 ack astronouth 16:29:16 Is the living document route work for other specs? 16:29:40 Can we move back to cr? 16:29:52 cwebber2: There are some proponents of living documents 16:29:58 aaronpk go ahead 16:30:29 aaronpk: Living specs have worked well for other things. 16:30:35 sandro: They wouldn't be at W3C 16:31:07 cwebber2: Community groups don't have authority to publish Candidate Recommendations, etc. 16:31:09 q+ to answer as requested 16:31:17 ... only Community Group documents 16:31:32 cwebber2: Maybe not a lot of interest from W3C paying members. 16:31:34 q+ 16:31:41 ack tantek 16:31:41 tantek, you wanted to answer as requested 16:31:51 q+ evan 16:32:04 tantek: good summary, living specs can work well, eg WHAT-WG, microformats.org, indieweb.org 16:32:15 ... and then submitted to W3C 16:32:30 I actually do have thoughts on this current topic now 16:32:38 tantek: Challenge if it's already at w3c, like AP, but it doesn't mean there's no option 16:33:32 .. we can have the last CR say where you go instead, eg pointing to github for spec. Implementors have learned to look for stuff like that. So it's not the gold seal of approval, but there is a path forward. 16:33:51 .. in spirit that's what a standard is about. SO I tend to be for that sort of thing. 16:33:57 .. personal opinion 16:33:59 q? 16:34:06 q- later 16:34:21 ack evan 16:35:02 evan++ 16:35:02 evan has 2 karma 16:35:11 evan: I feel like Mastodon, recent popularity, seems to indicate this space is going to be much more driven by what's out there. Which leads me to living document. People will use what's in use. 16:35:13 q- 16:35:17 ack sandro 16:35:21 q+ 16:35:25 I also agree, W3C works best when it documents emerging interoperability 16:35:30 ack Rushyo 16:35:31 rather than legislating 16:35:55 Rushyo: In terms of deadline, that was created before Mastodon movement, 16:35:57 q+ 16:37:51 sandro: that's exactly the argument I made, a few years ago there was business intro in open social and that died down, but I'm trying to make the argument that there's reason to see excitement and the Mastodon stuff shows interest / value 16:37:57 q? 16:38:01 q- 16:38:07 sandro: +1 business discussion 16:38:55 q? 16:39:31 topic: Disclosure 16:39:56 cwebber2: I'm part of Verifiable Claims work, representing spec-ops, but I'm actinging independly here 16:39:58 random aside, i released a new version of the microformats-ruby gem, includes a console based fetch and parse to json of any mf2 page, which includes most of the social sites here 16:40:07 topic: Meetings 16:40:14 https://doodle.com/poll/rnnsf2y2fgmiq8zb 16:40:40 cwebber2: Please fill this out! For weekly meeting times! 16:40:56 q+ 16:41:36 https://github.com/swicg/general/issues/2 16:41:36 [sandhawke] #2 Meetings (perma-issue) 16:41:43 ack sandro 16:41:55 githubissue++ 16:41:55 githubissue has 1 karma 16:42:15 githubissue++ 16:42:15 githubissue has 2 karma 16:42:34 (nota bene, that issue is how I remembered today's call) 16:42:48 can we not just announce these things in irc topic? 16:42:55 all of the above! 16:42:56 I thought it worked well with cwebber2 reminding via XMPP :] 16:43:46 aaronpk: issue/2 is where the discussion happens, NOT an issue of where the discussion should happen 16:43:50 I definitely need these reminders heh 16:43:53 q? 16:43:58 topic: Discussion of ActivityPub 16:44:08 evan: Nice new stuff in draft 16:44:22 ... as an implementor what's giving me a headache is authn/authz 16:44:40 ... is there something we can do to make sure folks are doing the same thing, and it's secure? 16:45:11 cwebber2: Spec goes in two directions at once for auth 16:45:34 ... there was a discussion a few weeks ago. I'm still a bit lost about oath2 mechanisms 16:45:50 ... minimal is bearer tokens, .... 16:46:07 ... we have stuff in spec, but what are implementors comfortable with? 16:46:19 ... some people are allergic to signatures, and some people want to see signatures 16:47:05 evan: I've been playing around with HTTP signatures and Linked-Data Signatures. This is not my area of expertise. But once I figured it out, it was fairly straightforward. Unlike OAuth which has a lot of questionmarks. 16:47:10 ... few areas to diverge. 16:47:15 ... which is good 16:47:27 cwebber2: I agree, but I know there are disagreements 16:47:51 .. maybe we can try interop 16:48:06 .. I don't think we'll be able to make this as 'authy' as we'd like in the timeframe we have 16:48:13 +1 getting interop working 16:48:24 q+ 16:48:28 q? 16:48:36 q+ to add some notes about signing 16:48:41 ack aaronpk 16:49:12 aaronpk: Not to derail, but there is an alternative to auth, which is how WebMention solves it, with just using dialback 16:49:46 aaronpk: Avoids need for authentication 16:49:54 .. is there a way to do that with AP? 16:49:59 q+ 16:50:03 q+ to say no, because there's private content in AP 16:50:24 evan: I was already doing those round trips in my impl 16:50:33 cwebber2: Unless you don't have permission 16:50:59 aaronpk: Private WebMention solves this! 16:51:08 KevinMarks has joined #social 16:51:31 aaronpk: Does not solve all auth, just makes private dialback work 16:52:03 https://indieweb.org/private-webmention 16:52:04 q-, aaronpk basically answered my question, will have to read on that 16:52:05 cwebber2: Is this similar to EvanP's two-legged dialback? 16:52:12 q- 16:52:17 q- 16:52:31 aaronpk: Very specific way to get token 16:52:51 q+ to mention https://datatracker.ietf.org/doc/draft-prodromou-dialback/ 16:52:56 evan: Is this useful for the other places we need auth? 16:52:56 q- 16:53:09 evan: Like when a server needs ... 16:53:17 aaronpk: This is server-to-server only 16:53:21 ack cwebber 16:53:21 cwebber, you wanted to mention https://datatracker.ietf.org/doc/draft-prodromou-dialback/ 16:53:48 cwebber2: Link to evanp's dialback stuff that Pump.io uses currently. Maybe aaronpk you can talk to evanp ? 16:54:04 ( here's the actual spec link: https://www.ietf.org/archive/id/draft-prodromou-dialback-00.txt ) 16:54:28 https://github.com/w3c/activitypub/issues/221 16:54:29 topic: Controlling Availability To Search 16:54:29 [sandhawke] #221 Controlling availability to search 16:54:53 sandro: I want to go meta for a second, is this 5 more minutes or do people want to go longer? 16:54:55 (somewhat off-the-record, but i'd like to join any discussions, aaronpk and evan. the missing/undefined/imprecise definition of signing is one of the main issues we have right now) 16:55:07 sandro: do we want to extend for 35 minutes from now or wrap up in next 5 minutes? 16:55:07 +1 extend 30 mins 16:55:14 +1 on extend to 15-30 mins 16:55:17 +1 extend 16:55:22 +1 extend 16:55:22 +1 16:55:24 0 16:55:28 0 16:55:34 +1 extend 16:55:36 0 16:55:41 +1, but I'll only have 15 or so 16:55:45 i won't be able to talk though 16:55:57 DenSchub, i'd be happy to! 16:56:28 thanks aaronpk 16:56:57 scribenick: sandro 16:57:02 scribenick: cwebber2 16:58:05 q+ to add some user-perspective context 16:58:30 q+ to describe GNU social stance on public posts 16:58:33 sandro: I made this because there was a big mastodon thread on mastodon a while ago... someone made a search engine that gathered stuff from public timelines and allowed search, which many of us found useful, but some people were extremely upset about. The person who brought it up took it down again because they didn't want to upset people. In the github thread you see me going back and forth with one of these people to deal with it. 16:58:33 as a programmer I like to say "if I have access to this why I can't I index it etc". But there are users who want this functionality, but is there something we can do to balance waht different parties want here 16:58:36 ack DenSchub 16:58:36 DenSchub, you wanted to add some user-perspective context 16:58:59 DenSchub: we had the same discussion over and over again, on diaspora, public and private stuff 16:59:05 scribenick: sandro 16:59:08 ... we worked around it by adding robots.txt 16:59:24 ... that seemed to make most users happy 16:59:31 DenSchub++ 16:59:51 sandro: that wouldn't make me, as a user who wants to search, very happy 16:59:51 q+ 16:59:55 I appreciate the user-privacy by default design 16:59:55 q+ 17:00:19 DenSchub: We were marked as private social network, so this (non-google) approach seemed to make our users happy 17:00:22 opt-in would be nice if people really want their posts indexed 17:00:24 q? 17:00:32 sandro: that makes sense 17:00:36 ack MMN-work 17:00:36 MMN-work, you wanted to describe GNU social stance on public posts 17:00:53 q+ cwebber2 17:00:53 MMN-work: gnusocial idea about this is we never say anything is private 17:01:06 ... you can never guarantee the remote side in a federation will honor anything 17:01:17 ... as long as the admin can read it, the remote side can publish 17:01:38 ... we even license the content as CC-attr so there is explicit permission to replicate posts 17:01:43 ... it's important to be clear about this 17:02:04 ... of course Diaspora* is marketed as private, but I don't see how you can do that without explicity e2r crypto 17:02:11 ... we're very open about this 17:02:20 ... so transparency 17:02:28 q+ to ask if gnusocial has search engines 17:02:37 interesting, in contrast email "seems" to work for private by default (as long you don't get phished by Russians :P ) 17:02:51 ... with Mastodon introducting scoping, ... it doesn't work in Federated environment 17:02:54 ack Rushyo 17:03:20 Rushyo: The Mastodon ecosystem has a very wide variety of different privacy expectaitons. Some enforced by tech, some social 17:03:27 tantek: you still have to somewhat trust the mail server 17:03:34 ... and instance might have a whitelist, with other instances that will use data responsibility 17:03:45 ... lots of instances have users with privacy requests 17:03:47 DenSchub: yes, that's my point. somehow mail servers have evolved to trust each other 17:03:54 ... with Mastodon it's all kinds of gray (colors!) 17:03:59 though I agree end to end encryption is preferable :) 17:04:24 ... posts sent to an instance, but ... only some interface ... some instance rules, ... unless enforced by some kind of 'treaty', it works or doesn't if someone tries to abuse it 17:04:30 ... it gets really complicated and messy 17:04:50 i always argue with "it's clear what server you're sending to, so if you don't trust the server, do not send your messages there" in such discussions about diaspora 17:04:51 ... the implementations is relatively naive, but social seems to work 17:05:00 +1 rushyo 17:05:04 but that's just the user's feelings, not actual technical facts 17:05:09 ... search engine tramples on this, race to bottom, we'll get technical blocks 17:05:13 (how did you do the karma thing?) 17:05:22 ... one of the reasons behind 2crypt is to create minimum baseline 17:05:23 MMN-work, foo++ 17:05:26 ... person to person solution 17:05:31 rushyo++ 17:05:31 rushyo has 1 karma 17:05:42 ... for groups across federation you'd need something else 17:06:03 ... anything more than 2crypt is going to need some kind of agreement 17:06:04 q? 17:06:11 ... maybe just don't subscribe to people who want high privacy? 17:06:33 evan: Mostly agree with MMN-work that nothing is private unless end-to-end encrypted 17:06:42 q+ 17:06:48 ack evan 17:06:54 ... nothing is really private on FB and Twitter, right? But you can indicate that things are generally going to be private? 17:07:06 ... I'm really sympathetic to desire to avoid harassment 17:07:17 ... but systems need to acknowledge that there will be bad actors 17:07:26 ... so unless there's access control, it is searchable. 17:07:44 ... robots.txt is helpful as a hint, but the problem is 17:08:06 ack cwebber2 17:08:10 ... people want a guarantee of privacy. Without e2e, private posts are the only answer 17:08:10 evan++ 17:08:14 evan:++ 17:08:17 evan++ 17:08:17 evan has 3 karma 17:08:21 evan++ 17:08:21 evan has 4 karma 17:08:28 cwebber2: a few things going on here 17:08:37 FWIW FB has "public" posts that are only "public" to logged in users. Not available to search engines or non-logged in users. 17:08:39 ... at one end gnusocial, everything is public 17:08:48 ... some ability to do private, but not much 17:08:53 ... Mastodon is in between 17:09:04 ... at the other end is end2end encryption 17:09:08 ... but people can still break that trust 17:09:13 cwebber++ 17:09:13 cwebber has 20 karma 17:09:17 indieweb tends to do that same of 'everything is public' by default and a few have experimented with access controlled posts 17:09:21 ... in the middle we have email, esp unencrypted email 17:09:45 ... if I send to a public mailing list 17:09:58 ... if I send to just Tantek, I don't expect it to end up in Aaron's inbox 17:09:59 q- 17:10:23 ... maybe gmail or NSA can screw with that, but there's still an expectation of privacy 17:10:27 q+ to clarify difference of social and technical problems 17:10:36 ... maybe a DRM solution would help, but we don't really want that eiuther 17:10:49 q+ 17:10:51 ... on this AP issue, can/should we add anything? 17:11:03 ... right now, it's a lot like email, with also a Public destination 17:11:14 ... some risks 17:11:28 ... if you say 'do not index' that's kind of a flag that'll get you attention 17:11:44 ... my feeling is we should say it's email like 17:11:55 q- 17:11:56 ... we can add other flags, but let's be careful 17:12:05 q? 17:12:07 ack astronouth7303 17:12:08 +1 modeling it like email 17:12:11 (sorry, phone) I have two thoughts on this topic: 17:12:52 1. I think that there should be room for different providers to compete while maintaining interop 17:13:16 2. S2s auth has a role in this 17:13:37 q+ 17:13:40 astronouth7303: ACK when done :) 17:13:54 ack astronouth7303 17:13:58 ack astronouth 17:13:58 Verifying the provider making the request means you can enforce some level of acl 17:14:02 it just needs to be clear that any extension that adds a form of e2e crypto or privacy creates messages that are ignored by implementations that do not understand them, which can be done by an extension that creates a new inbox for encrypted private messages 17:14:11 I look forward to seeing such extensions 17:14:13 Ack astronouth7303 17:14:49 (which is how TootCrypt works, extensions be damned ;]) 17:14:56 ack evan 17:14:59 cwebber2: EvanP suggested a public-no-indexing inbox maybe 17:15:05 q+ just to give a personal user anecdote example using robots.txt to block bots from my blog for its first two years felt "good enough" and then afterwards I changed how/what I posted. would like per-post robots.txt controls. might just implement this in my own CMS. 17:15:14 q- just 17:15:27 q+ to give a personal user anecdote example using robots.txt to block bots from my blog for its first two years felt "good enough" and then afterwards I changed how/what I posted. would like per-post robots.txt controls. might just implement this in my own CMS. 17:15:55 evan: astronouth7303 made a good point. We could consider, maybe in an extension, rather than auth'ing as user, when fetching an outbox, a search engine could have to provide some proof that it's the user it says it is. So a bad actor 17:15:59 q+ to discuss abuse briefly 17:16:08 ... a harassment-centric search engine, you could black-list it. 17:16:16 ack sandro 17:16:57 q+ 17:17:41 scribenick: sandro 17:17:59 cwebber2: diaspora, because of "own your data", and Mastodon fear of harassment 17:18:00 ack tantek 17:18:00 tantek, you wanted to give a personal user anecdote example using robots.txt to block bots from my blog for its first two years felt "good enough" and then afterwards I changed 17:18:02 q? 17:18:03 ... how/what I posted. would like per-post robots.txt controls. might just implement this in my own CMS. 17:18:07 q+ 17:18:14 tantek: I'm personally really interested in seeing this solved 17:18:21 ... use cases like privacy and avoiding abuse 17:18:29 tantek++ 17:18:29 tantek has 55 karma in this channel (342 overall) 17:18:30 ... are pretty important to making a different with federation 17:18:35 ... very happy to see this much work 17:18:48 ... micro.blog has "safe-replies" 17:19:07 +q to discuss technical and social problems 17:19:07 ... when I started my blog, I used robots.txt, because I didn't want results from search engine folks 17:19:25 ... I wanted to blog freely, and mostly be seen only by people who knew me 17:19:34 ... but then I wanted my CSS stuff to be found 17:19:42 ... maybe I want per-post robots.txt 17:20:08 ... I worked for technorati, blog search engine, before twitter had search 17:20:13 ... and we had this challenge as well 17:20:35 ... google sucked for indexing blogs, but we were really good at it, they pinged us 17:20:46 ... we ignored robots.txt because we were being requested to crawl 17:21:03 ... sometimes people complained, and when someone complained, we took them out of the index 17:21:11 ... and generally people found that acceptable. 17:21:15 Does anyone respect or whatever it is? 17:21:18 ... so I think there is a social evolution aspect here 17:21:52 ... good social engine actors, respecting people's requests, that will be self-reinfocing I think 17:21:56 q? 17:22:01 ... but then there are bad actors I have to block from my site 17:22:13 cwebber2: I think part of this is an expression of intent. 17:22:19 ... important but tricky 17:22:24 ... ongoing 17:22:41 ... from Mastodon side, seems to be about abuse-mitigation, which is in-scope for this group 17:22:50 ... we don't have tooling as good as we'd like 17:22:59 ... anti-abuse stuff has come up a few times 17:23:08 anti-spam interesting bit for webmention http://indieweb.org/vouch 17:23:10 ... blocking search engines might be enough, might not 17:23:51 ack cwebber 17:23:51 cwebber, you wanted to discuss abuse briefly 17:23:52 ack evan 17:23:53 ... sandro mentioned possibility that someone could still implement a search used by abusers, might be most desired by them, could be flag in opposite direction. I think we have to do a lot of work on anti-abuse tooling. 17:24:48 evan: In terms of how there wasn't a race to the bottom in Diaspora, the problem isn't just technical. I think Mastodon is probably more lgbt / social justice aligned, which indicates to me it would be much more likely for a group of tech-savvy harassers to WANT to break in, 17:24:58 ... because of the dynamics of that sort of culture war 17:25:21 ack DenSchub 17:25:26 ... "nobody has built a harrassers search engine yet" might attract bad actors 17:25:53 DenSchub: The problems we had weren't really technical, because we always claimed public posts are public and visible to anyone, but there were 17:26:03 ... still a lot of misconceptions about what Public means. 17:26:18 ... not a technical problem, psychological problem. Not a lot one can do in spec. 17:26:36 .. clear from technical side, but user's feelings are sometimes a little bit tricky to understand. 17:26:43 ack MMN-work 17:26:43 MMN-work, you wanted to discuss technical and social problems 17:26:57 MMN-work: most has been said, but re race-to-bottom 17:27:06 ... I don't know if I've given up on technical 17:27:15 ... but the idea behind quitter.se 17:27:33 ... if there's some way to encourage people to create nodes that are not huge mega-nodes 17:28:02 ... it's much better. Small, community/friend instances, that kind of size is much better, because then admin/community solves moderation issues 17:28:03 MMN-work++ 17:28:03 mmn-work has 1 karma 17:28:23 ... if the network is properly federated it wont be possible to keep white/black list without very good community moderation 17:28:30 ... probably not in scope for AP 17:28:53 ... Community for moderately sized instance, vs mega-nodes 17:29:11 cwebber2: People would probably agree smaller instances makes moderation easier 17:29:12 q? 17:30:01 sandro++ for minuting 17:30:01 sandro has 37 karma in this channel (44 overall) 17:30:02 cwebber2: Let's wrap up, postpone anything else to next week 17:30:05 cwebber++ for chairing! 17:30:05 cwebber has 21 karma 17:30:38 and thanks sandro for scribing :) 17:30:40 sandro++ 17:30:40 sandro has 38 karma in this channel (45 overall) 17:30:43 Yay! My plane has not taken off yet! 17:30:46 cwebber2, I don't actually know what we do with minutes for the CG 17:30:47 😃 17:30:48 astronouth7303: :) 17:30:50 also 17:30:52 Mumble++ 17:30:52 slow down! 17:30:57 lol 17:31:06 karma overflow 17:31:32 sandro, last week we posted to https://www.w3.org/wiki/SocialCG/2017-05-05/minutes 17:31:36 oh, holdon. next week will be on the same time, right? 17:31:46 I have Opinions and would like to be part of several future discussions 17:31:53 trackbot, end meeting 17:31:53 Zakim, list attendees 17:31:53 As of this point the attendees have been tantek, sandro, geppy, DenSchub, evan, albino, cwebber, Rushyo, MMN-work, knutsoned, aaronpk, astronouth, ben_thatmustbeme 17:32:01 RRSAgent, please draft minutes 17:32:01 I have made the request to generate http://www.w3.org/2017/05/19-social-minutes.html trackbot 17:32:02 RRSAgent, bye 17:32:02 I see no action items 17:32:04 DenSchub, not necessarily