IRC log of social on 2016-06-28

Timestamps are in UTC.

17:00:29 [RRSAgent]
RRSAgent has joined #social
17:00:29 [RRSAgent]
logging to
17:00:31 [trackbot]
RRSAgent, make logs public
17:00:31 [Zakim]
Zakim has joined #social
17:00:33 [trackbot]
Zakim, this will be SOCL
17:00:33 [Zakim]
ok, trackbot
17:00:34 [trackbot]
Meeting: Social Web Working Group Teleconference
17:00:35 [trackbot]
Date: 28 June 2016
17:00:37 [sandro]
17:01:03 [annbass]
17:01:06 [akuckartz]
akuckartz has joined #social
17:01:39 [tantek]
17:01:53 [akuckartz]
17:02:15 [rhiaro]
17:02:16 [aaronpk]
17:02:34 [bengo]
bengo has joined #social
17:02:42 [cwebber2]
17:02:44 [cwebber2]
17:02:58 [aaronpk]
17:03:11 [bengo]
17:03:28 [aaronpk]
is the audio dropping periodically for anyone else? or is that my wifi?
17:03:35 [annbass]
scribenick: annbass
17:03:40 [cwebber2]
aaronpk, seems fine for the minute I've been in
17:03:43 [aaronpk]
calling back in..
17:03:58 [tantek]
zakim, who is here?
17:03:58 [Zakim]
Present: sandro, annbass, tantek, akuckartz, rhiaro, aaronpk, cwebber, bengo
17:04:01 [Zakim]
On IRC I see bengo, akuckartz, Zakim, RRSAgent, KevinMarks2, annbass, tantek, jasnell_, Arnaud, jet, cwebber2, KevinMarks, ben_thatmustbeme, rrika, rhiaro, wilkie, raucao, pdurbin,
17:04:01 [Zakim]
... dwhly, bigbluehat, bitbear, ElijahLynn, tsyesika, Loqi, strugee, aaronpk, wseltzer, sandro, trackbot
17:04:11 [annbass]
chair: tantek
17:04:26 [annbass]
approval of minutes from F2F and last week's meeting
17:04:56 [tantek]
17:05:15 [annbass]
F2F was 6-6 and 6-7, but first day minutes were already approved
17:05:21 [annbass]
this vote is for 6-7
17:05:29 [aaronpk]
17:05:40 [tsyesika]
17:05:44 [annbass]
tantek clarifying when resolved to take micropub to CR
17:05:53 [annbass]
aaronpk: we did that last week
17:06:02 [rhiaro]
We checked the mintues but we basically just screwed up the wording of the proposal
17:06:04 [aaronpk]
that wasn't me
17:06:13 [annbass]
<discussion and clarification>
17:06:19 [aaronpk]
ugh having more audio issues. trying again.
17:06:37 [annbass]
tantek: any other questions or issues?
17:06:42 [rhiaro]
17:06:42 [bengo]
17:06:44 [tsyesika]
17:06:44 [annbass]
vote to approve ..
17:06:45 [KevinMarks]
17:06:46 [annbass]
17:06:50 [KevinMarks]
+1 even
17:06:59 [cwebber2]
17:07:09 [annbass]
minutes approved
17:07:45 [annbass]
next: minutes from 6/21 meeting...
17:07:53 [annbass]
(last week)
17:07:57 [tantek]
17:07:58 [shepazu]
shepazu has joined #social
17:08:04 [rhiaro]
17:08:11 [annbass]
17:08:14 [tsyesika]
17:08:19 [cwebber2]
17:08:34 [bengo]
17:09:12 [KevinMarks]
17:09:45 [annbass]
minutes approved
17:09:49 [tantek]
17:10:36 [annbass]
Topics: AS2 and Micropub transitions
17:10:43 [annbass]
sandro: people are slow...
17:11:04 [annbass]
... I need to send transition request emails out tomorrow morning at latest
17:11:27 [annbass]
tantek: wou ld it help if we tracked the outstanding items?
17:11:33 [annbass]
sandro: not sure that'd help
17:12:23 [annbass]
... no actions for group;
17:12:50 [annbass]
... aaronpk, hold off on formatting if you can and please respond promptly if I ping you in next few hours
17:13:41 [annbass]
tantek: for the record, seeking publication date of 7/7 or 7/12
17:14:02 [annbass]
... ok, the date is pending;
17:14:23 [annbass]
... waiting for some info from Evan (who sent regrets for today)
17:15:07 [annbass]
Topic: JS2 and Post Type Discovery
17:15:19 [annbass]
... short names approved and publication request approved
17:15:38 [annbass]
... editors need to process HTML output into proper location
17:15:54 [annbass]
... (manual process)
17:16:06 [annbass]
sandro: helpful if it could be done today
17:16:18 [tantek]
zakim, who is here?
17:16:18 [Zakim]
Present: sandro, annbass, tantek, akuckartz, rhiaro, aaronpk, cwebber, bengo, tsyesika, !
17:16:20 [Zakim]
On IRC I see shepazu, bengo, akuckartz, Zakim, RRSAgent, KevinMarks2, annbass, tantek, jasnell_, Arnaud, jet, cwebber2, KevinMarks, ben_thatmustbeme, rrika, rhiaro, wilkie, raucao,
17:16:20 [Zakim]
... pdurbin, dwhly, bigbluehat, bitbear, ElijahLynn, tsyesika, Loqi, strugee, aaronpk, wseltzer, sandro, trackbot
17:16:22 [annbass]
tantek: I can do that for Post Type Discovery
17:16:40 [annbass]
... is Ben Roberts (benthatmustbeme) here?
17:16:42 [annbass]
... no
17:16:48 [annbass]
... for JS2
17:16:55 [rhiaro]
17:17:03 [annbass]
... let's aim for 7/30 publication date
17:17:10 [ben_thatmustbeme]
can hear only, conference room is ocupied,
17:17:13 [ben_thatmustbeme]
just got on
17:17:28 [tantek]
17:17:48 [annbass]
... date should be 6/30
17:18:22 [annbass]
tantek: asking ben what needs to be done
17:18:39 [ben_thatmustbeme]
okay, i have them passing tests, its just i need to finish up one minor piece
17:18:50 [ben_thatmustbeme]
and yes, today I should be able to do that
17:18:57 [annbass]
tantek:; OK, thanks
17:19:03 [ben_thatmustbeme]
17:19:07 [tantek]
Topic: Follow up on AS2 closed issues labelled 'waiting for commenter'
17:19:14 [rhiaro]
17:19:38 [annbass]
rhiaro gets massive kudos for contacting all commenters!
17:19:40 [bengo]
17:19:42 [annbass]
17:19:42 [Loqi]
rhiaro has 208 karma
17:19:44 [Loqi]
rhiaro has 209 karma
17:20:04 [annbass]
rhiaro: contacted everyone via email; gave them a deadline of today
17:20:24 [annbass]
... bunch of no replies; those are presumed to be time-outs
17:20:46 [annbass]
... dret (Erik Wilde) had one hesitation
17:20:56 [annbass]
... wonders if we should give a little more time
17:21:08 [annbass]
sandro: technically one week left
17:21:27 [annbass]
rhiaro: could use help finding email address for 3 people she couldn't find
17:21:37 [KevinMarks]
if only you could webmention them
17:22:04 [annbass]
sandro: issue 284 ... <that person> didn't actually raise the issue, KevinMarks did
17:22:06 [KevinMarks]
I'll have a look
17:22:15 [KevinMarks]
I copied it in
17:22:42 [annbass]
tantek: (clarifying) .. external comment, that KevinMarks brought into github?
17:22:46 [annbass]
17:23:28 [annbass]
<discussion about who gets contacted when there's discussion on github... opinions that is definitely not a reliable way for people to be informed>
17:23:37 [ben_thatmustbeme]
rhiaro, annando is pretty active on github, but we can try in #friendica on freenode to see if anyone has contact info there
17:23:45 [annbass]
KevinMarks: I'll try to get in contact with <that person>
17:24:05 [KevinMarks]
Cathal Garvey
17:24:08 [rhiaro]
@ cathalgarvey
17:24:38 [KevinMarks]
hm, is down
17:24:45 [annbass]
sandro: just found email for one of them .. will send to rhiaro
17:25:27 [rhiaro] bengo
17:25:48 [annbass]
rhiaro: next issue .. <something> .. jasnell and Evan aren't here today .. need their inputs
17:26:04 [annbass]
bengo: explains
17:26:45 [annbass]
(would be helpful if bengo could put a small summary in IRC)
17:26:58 [annbass]
tantek: sounds like an editorial fix ... true?
17:27:02 [annbass]
bengo: yes
17:27:29 [annbass]
tantek: functionality was already there, but not adequately described .. this improves understanding
17:27:35 [bengo]
It explicitly lists the 'id' property as being allowed on Link object in core.
17:27:48 [annbass]
... asks sandro if we can make editorial fixes after CR
17:27:51 [annbass]
sandro: yes, we can
17:28:09 [annbass]
tantek: <clarifying timing on when the fix is made, and when it will show up>
17:29:27 [annbass]
... if it's not a normative change, group can choose to make the change before CR
17:29:47 [annbass]
... asks rhiaro if she has opinion / ditto Ben
17:29:52 [annbass]
rhiaro: don't care
17:30:27 [annbass]
ben_thatmustbeme: see if we can make change before CR
17:30:40 [tantek]
PROPOSED: Accept editorial change from bengo to AS2 in pull request pending spec editor approval with the intent of making this fix for CR.
17:30:51 [bengo]
17:30:58 [ben_thatmustbeme]
17:31:02 [bengo]
17:31:04 [rhiaro]
17:31:06 [sandro]
17:31:10 [annbass]
17:31:11 [ben_thatmustbeme]
17:31:15 [akuckartz]
17:31:27 [rhiaro]
bengo++ for PR
17:31:29 [Loqi]
bengo has 16 karma
17:31:30 [annbass]
tantek: resolved
17:31:30 [tantek]
RESOLVED: Accept editorial change from bengo to AS2 in pull request pending spec editor approval with the intent of making this fix for CR.
17:31:59 [annbass]
rhiaro: 2 issues raised by dret (Erik Wilde)
17:32:03 [annbass]
... one closed
17:32:05 [rhiaro]
17:32:17 [annbass]
... the other is an editorial change, but it's significant
17:32:42 [annbass]
... he notes he has not seen a good explanation of why this change shouldn't be made
17:33:02 [annbass]
... but he'll approve if the group has decided not to do it
17:33:22 [annbass]
tantek: requires addition of non-trivial text?
17:33:42 [annbass]
rhiaro: yes, I might be over-thinking it, but it's about how media type is explained
17:34:09 [annbass]
... would be really helpful if dret could join the call and explain more
17:34:31 [annbass]
sandro: given that the tight timing, and IF it is only editorial, then we could do that after CR
17:35:00 [akuckartz]
I do not think it is only editorial
17:35:12 [annbass]
rhiaro: I understand it's only editorial, but there are a lot of threads, so need to clarify
17:36:01 [annbass]
annbass: could dret propose some new language?
17:36:11 [annbass]
sandro: problem is, we don't have time
17:36:30 [annbass]
tantek: asking akuckartz for clarification
17:36:39 [annbass]
<sorry, I can't hear him>
17:37:24 [annbass]
akuckartz: I think this is important, but I don't want to hold up CR process
17:37:35 [ben_thatmustbeme]
i think it COULD be resolved as editorial
17:37:48 [ben_thatmustbeme]
or as non-editorial
17:38:06 [annbass]
tantek: we can still proceed .. but, if you end up thinking this is a serious implementation issue, you can block it .. then we would resolve the issue and can work toward a new CR
17:38:14 [annbass]
akuckartz: that's OK with me
17:39:09 [annbass]
tantek: resolve per this conversation, this is OK with akuckartz and dret .. and if they decide later this is significant, we will work to resolve and issue a new CR
17:39:46 [annbass]
tantek: notes that any objectors can file a new issue, which we can link back to this discussion
17:39:52 [sandro]
fwiw, reading over the issue, it looks editorial to me. Dret doesnt want to use profile.
17:40:14 [annbass]
tantek: clarifying this is true for anyone and all issues ..
17:40:29 [annbass]
<waiting for rhiaro to get reconnected>
17:40:36 [sandro]
( in he says, ""that would be against the intention of the profile parameter)
17:40:39 [rhiaro]
17:40:59 [tantek]
Topic: Authentication/Authorization decisions
17:40:59 [cwebber2]
I raised it
17:41:03 [annbass]
tantek: we'll proceed and then get back to AS2 when rhiaro reconnects
17:41:38 [sandro]
we're not hearing Chris
17:42:17 [sandro]
tantek, agenda+ Horizontal Reviews
17:42:26 [aaronpk]
17:42:39 [annbass]
cwebber2: I raised this issue bcuz I was implementing ActivityPub .. realized this was a hole .. we originally said this was out-of-scope, but then I worried re: what this will really mean for implementers
17:42:55 [annbass]
... various options IndieAuth or OAuth or ...
17:43:11 [annbass]
... do we need more specificity?
17:43:53 [tantek]
s/or OAuth/as one possible way of doing OAuth2 with bearer tokens
17:44:03 [tantek]
17:44:17 [KevinMarks]
micropub uses indieauth; webmention doesn't need auth
17:44:25 [sandro]
17:44:46 [annbass]
... I don't understand details of some of the proposed solutions; need more info; seems like a hole and not sure what to do
17:45:09 [annbass]
tantek: for context: last time this question was asked ..
17:45:24 [ben_thatmustbeme]
scribenick: ben_thatmustbeme
17:45:56 [ben_thatmustbeme]
tantek: back at f2f at MIT we came to an agreement that we would refer to oauth 2 with barer tokens and we would leave it at that
17:46:49 [ben_thatmustbeme]
tantek: a reasonable summary from cwebber is that that is insufficient
17:46:53 [ben_thatmustbeme]
cwebber2: thats issues 1
17:47:06 [tantek]
s/insufficient/insufficient to achieve interoperability
17:47:15 [ben_thatmustbeme]
... issue 2 is, for micropub we list indieauth as a SHOULD (i think)
17:47:16 [tantek]
17:47:22 [ben_thatmustbeme]
... is that okay for the group?
17:47:24 [bengo]
IMO it's good for these specs to say "The Server should explain it's authorization requirements via WWW-Authenticate response header"
17:47:27 [tantek]
ack aaronpk
17:47:52 [ben_thatmustbeme]
aaronpk: the reason that we decided oauth2 with barer tokens is acceptable is because it lets us avoid complicating these issues and these calls
17:48:07 [ben_thatmustbeme]
... in stark contrast to oauth 1 with ties requests to authentication
17:48:25 [ben_thatmustbeme]
... if you forget everything you know about oauth1, 2.0 becomes much easier
17:48:53 [ben_thatmustbeme]
... the important part is that it describes how to get a token. if both of these specs accept tokens, we don't really care how you get that token
17:49:43 [ben_thatmustbeme]
... as cwebber2 found, there are not really great solutions for that in desktop apps and hardward devices, they can still use the spec, but they just need a token in some way
17:50:02 [cwebber2]
that's helpful, thanks aaronpk
17:50:08 [cwebber2]
17:50:08 [bengo]
17:50:18 [ben_thatmustbeme]
... there isn't a good industry standard on that, so the best way for that is to just say 'use barer tokens' and it can be anything, oath2, indieauth, etc.
17:50:33 [KevinMarks]
a lot of oauth2 is documenting possible ways to get tokens
17:50:44 [ben_thatmustbeme]
tantek: it sounds like, you are saying that one way to get a token is indieauth, that sounds like an informative note rather than normative
17:51:02 [cwebber2]
I think right now micropub says "SHOULD" on indieauth
17:51:05 [rhiaro]
Me too re: hardcoding/copypasting tokens
17:51:07 [ben_thatmustbeme]
aaronpk: i will say that some of my implementations do not use indieauth, i just copy and paste, and thats a perfectly acceptable method
17:51:14 [cwebber2]
but I suspect it can be easily changed
17:51:22 [tantek]
17:51:25 [tantek]
ack sandro
17:51:26 [ben_thatmustbeme]
tantek: i think this avoids any issue of the stability of indieauth
17:51:33 [aaronpk]
17:51:55 [ben_thatmustbeme]
sandro: basically i agree, at some ponit somebody will come along with a better way to do authentication (i hope)
17:52:20 [ben_thatmustbeme]
sandro: will the specs need to be rewritten or not? i think the answer is not.
17:52:31 [bengo]
17:52:33 [ben_thatmustbeme]
... its a little bit frustrating when implementing, but thats reality
17:52:43 [bengo]
17:52:50 [ben_thatmustbeme]
tantek: it sounds like the state of the industry is messy no matter what we say
17:52:51 [tantek]
17:52:53 [tantek]
ack ben_thatmustbeme
17:52:58 [tantek]
ack bengo
17:53:11 [bengo]
17:53:45 [ben_thatmustbeme]
bengo: as far as the state of the industry is messy, in the last year or two there has been a lot of acceptance of oauth2. they have had a lot of implementations from <lists a bunch>
17:54:09 [aaronpk]
17:54:23 [tantek]
17:54:32 [cwebber2]
bengo, I've been looking at openid connect, I guess I got a bit overwhelmed because it looked like "layer on top of oauth 2". If you have a resource that's like "here's how to implement a bunch and *ignore* a lot of the huge set of options" would help me feel less overwhelmed :)
17:54:37 [ben_thatmustbeme]
... oauth2 barer tokens is compatable with that. saying "use barer tokens" is pretty generic, and it lets you use any string at all really
17:55:10 [cwebber2]
17:55:16 [tantek]
ack aaronpk
17:55:20 [cwebber2]
I'm ok with requireing a response that's informative
17:55:20 [ben_thatmustbeme]
... it could be a little more useful to have an error header to give hints on what is needed for getting that token
17:56:33 [ben_thatmustbeme]
aaronpk: oauth2 does have a header response for when a request requires a token. I agree the server needs a way to say they need a token. The token is opaque, and it is good that way. its up to the server and client to negotiate that. you don't need that in the spec because thats an implementation detail
17:56:57 [ben_thatmustbeme]
... its just saying, the client willg et a string, the client should not try to interpret that string
17:57:03 [tantek]
17:57:30 [ben_thatmustbeme]
tantek: cwebber2 you originally raised this, is this enough for you to follow up?
17:58:15 [ben_thatmustbeme]
cwebber2: i think so, i certainly feel like anything useful that could be said on this call has already been said and i can get more info and work on an issue for that
17:58:26 [ben_thatmustbeme]
tantek: its probably good to record an issue to them to clarify
17:58:36 [ben_thatmustbeme]
tantek: anything else for that item?
17:58:39 [ben_thatmustbeme]
cwebber2: no
17:58:44 [tantek]
17:58:47 [tantek]
17:59:33 [ben_thatmustbeme]
aaronpk: the person wants to only have a media endpoint
17:59:48 [ben_thatmustbeme]
... is this something we should do now or something we can do in CR
17:59:59 [ben_thatmustbeme]
sandro: we should do it now, as its not editorial right?
18:00:08 [ben_thatmustbeme]
aaronpk: it changes the conformance section
18:00:17 [ben_thatmustbeme]
tantek: the request is to make it optional?
18:00:32 [ben_thatmustbeme]
aaronpk: yes, make the direct uploads optional if there is a media endpoint
18:00:39 [ben_thatmustbeme]
sandro: only if there is a media server
18:01:00 [ben_thatmustbeme]
tantek: your options are to make it optional, or mark it at risk and dropping it in CR
18:01:15 [ben_thatmustbeme]
... have you thought about this enough to put forth a specific proposal
18:01:25 [ben_thatmustbeme]
... you can mark it optional AND at risk as well
18:01:56 [ben_thatmustbeme]
aaronpk: the text that would need to change is in the conformance classes section which is .... actually now i'm not seeing that there.
18:02:12 [ben_thatmustbeme]
... shoot ... (talks to self a little)
18:02:41 [ben_thatmustbeme]
sandro: technically we could wait until next week to solve this, even if we get it staged and approval, we could change it
18:03:00 [ben_thatmustbeme]
... send an email to the list as soon as you have some clarity to what you want to do here
18:03:26 [ben_thatmustbeme]
tantek: even better, if you are able to follow up with a PR that the person is ok with, that makes it clear we processed the issue before CR
18:03:47 [ben_thatmustbeme]
tantek: are there any at risk features in the current draft?
18:04:06 [ben_thatmustbeme]
aaronpk: i don't think so, the update and delete we implemented
18:04:28 [ben_thatmustbeme]
tantek: we had only one more explicity item
18:04:37 [ben_thatmustbeme]
aaronpk: i just wanted to drop links in
18:04:56 [ben_thatmustbeme]
sandro: you probably all saw a bunch of emails about getting replies from other groups
18:05:26 [ben_thatmustbeme]
... two groups replied saying they don't have much time, but there was a response with the security and privacy self review
18:05:41 [ben_thatmustbeme]
aaronpk: there was another for internationalization
18:06:16 [ben_thatmustbeme]
<ben_thatmustbeme> i remember looking over the internationalization one before, i think we discussed some time ago
18:06:36 [ben_thatmustbeme]
tantek: sandro, can you make sure the issues get filed for these
18:06:50 [tantek]
18:07:12 [ben_thatmustbeme]
... the response from the other groups was to get these questionaires filled out
18:07:35 [ben_thatmustbeme]
... they may cause changes later
18:07:54 [ben_thatmustbeme]
tantek: thanks everyone, next week, usual time, chair will be evan
18:08:00 [aaronpk]
fyi I did a talk at open source bridge last week summarizing the work this group is doing
18:08:05 [aaronpk]
18:08:12 [aaronpk]
my slides:
18:08:21 [aaronpk]
and video:
18:08:29 [annbass]
that'll be interesting, aaronpk, thanks
18:08:31 [aaronpk]
feel free to use the slides for your own presentations later!
18:08:43 [aaronpk]
and hopefully i accurately represented things here!
18:08:58 [ben_thatmustbeme]
trackbot, end meeting
18:08:58 [trackbot]
Zakim, list attendees
18:08:58 [Zakim]
As of this point the attendees have been sandro, annbass, tantek, akuckartz, rhiaro, aaronpk, cwebber, bengo, tsyesika, !, ben_thatmustbeme
18:09:06 [trackbot]
RRSAgent, please draft minutes
18:09:06 [RRSAgent]
I have made the request to generate trackbot
18:09:07 [trackbot]
RRSAgent, bye
18:09:07 [RRSAgent]
I see no action items