{ "type": "entry", "published": "2018-11-03T21:13:06-04:00", "url": "https://eddiehinkle.com/2018/11/03/17/article/", "category": [ "indieweb", "tech" ], "syndication": [ "https://micro.blog/EddieHinkle", "https://news.indieweb.org/en", "https://twitter.com/eddiehinkle" ], "name": "Thinking through the IWC Berlin displaying responses session", "content": { "text": "I remotely attended the Displaying Responses session of IndieWebCamp Berlin 2018. It was very interesting and they made some good progress thinking though how to deal with how and when to display responses received to posts on your website.\nThey came to the conclusion that there are four groups of people that you want to treat their responses differently:\nAccepted / Immediate Connections\n2nd level connections\nEveryone\nMute or Blocked\nAccepted / Immediate Connections\nThese are essentially your friends on Facebook or your follow list on Twitter. These are people that you have chosen to connect with in some way and this logical conclusions can be drawn around the level of interactions you're willing to have.\nMy plan is to display these responses completely (name, photo and content of response). This list will be generated for me by adding anyone I follow, as well as anyone I have sent a reply to. This will NOT add people to whom I have liked, emoji reacted, quoted, or bookmarked. Those are lower level responses that do not indicate a deeper level of a desire to connect with that person.\n2nd Level Connections\nThese are \"friends of friends\". You can assume they won't do anything TOO bad, but you might not want them posting all over your site. There is a deeper level of trust here because of mutual connection but still some care should be taken. This can be determined through different ways. One way that has been brainstormed in the IndieWeb is Vouch.\nI don't currently track 2nd level connections but I liked how Tantek thought this through, so my plan is for replies to display their photo and name as \"other people that have responded to this post\", but not display the content of their reply. I also think if they send a like, emoji reaction or quote, I'll display it just like I would an Immediate Connection.\nEveryone\nThis is the World Wide Web, and anyone could send anything to my website via webmention. So this is a category you likely want to moderate.\nMy initial thought is I will accept likes, quotes and emoji reactions from them but I won't list attribution of who did it while moderated, just the reaction itself. For replies I am considering potentially listing the url of the author of the post under \"other people who have replied\" but no name, photo or content while moderated.\nMute or Blocked\nThese are people who you do not trust for whatever reasons have happened for you. You don't want to associate with them in any way.\nResponses are not displayed from these people and they are not listed in the moderation queue.\nSome thoughts on moderation\nThis means I'll need a moderation queue. Anything from a 2nd level connection or from the Everyone group will enter the moderation queue. Responses from 2nd level connections should appear higher in the queue than responses from the Everyone group. From there I can choose to:\napprove a response (display it like an immediate connection)\napprove response and accept author (makes this author an immediate connection so they aren't moderated anymore)\nignore response (this leaves the response as is, it leaves the queue but doesn't display additional details)\nremove response (this removes the response from my storage)\nremove response and block author (this both removes the response from my storage and makes sure I don't receive responses from them in the future)\nAll in all, it was a great session that I really enjoyed and I'm looking forward to actually working on implementing some of these features into my site.", "html": "I remotely attended the <a href=\"https://etherpad.indieweb.org/responses\">Displaying Responses session</a> of <a href=\"https://indieweb.org/2018/Berlin#Sessions\">IndieWebCamp Berlin 2018</a>. It was very interesting and they made some good progress thinking though how to deal with how and when to display responses received to posts on your website.\n<p>They came to the conclusion that there are four groups of people that you want to treat their responses differently:</p>\n<ul><li>Accepted / Immediate Connections</li>\n<li>2nd level connections</li>\n<li>Everyone</li>\n<li>Mute or Blocked</li>\n</ul><h2>Accepted / Immediate Connections</h2>\n<p>These are essentially your friends on Facebook or your follow list on Twitter. These are people that you have chosen to connect with in some way and this logical conclusions can be drawn around the level of interactions you're willing to have.</p>\n<p>My plan is to display these responses completely (name, photo and content of response). This list will be generated for me by adding anyone I follow, as well as anyone I have sent a reply to. This will NOT add people to whom I have liked, emoji reacted, quoted, or bookmarked. Those are lower level responses that do not indicate a deeper level of a desire to connect with that person.</p>\n<h2>2nd Level Connections</h2>\n<p>These are \"friends of friends\". You can assume they won't do anything TOO bad, but you might not want them posting all over your site. There is a deeper level of trust here because of mutual connection but still some care should be taken. This can be determined through different ways. One way that has been brainstormed in the IndieWeb is Vouch.</p>\n<p>I don't currently track 2nd level connections but I liked how <a href=\"http://tantek.com\">Tantek</a> thought this through, so my plan is for replies to display their photo and name as \"other people that have responded to this post\", but not display the content of their reply. I also think if they send a like, emoji reaction or quote, I'll display it just like I would an Immediate Connection.</p>\n<h2>Everyone</h2>\n<p>This is the World Wide Web, and anyone could send anything to my website via webmention. So this is a category you likely want to moderate.</p>\n<p>My initial thought is I will accept likes, quotes and emoji reactions from them but I won't list attribution of who did it while moderated, just the reaction itself. For replies I am considering potentially listing the url of the author of the post under \"other people who have replied\" but no name, photo or content while moderated.</p>\n<h2>Mute or Blocked</h2>\n<p>These are people who you do not trust for whatever reasons have happened for you. You don't want to associate with them in any way.</p>\n<p>Responses are not displayed from these people and they are not listed in the moderation queue.</p>\n<h2>Some thoughts on moderation</h2>\n<p>This means I'll need a moderation queue. Anything from a 2nd level connection or from the Everyone group will enter the moderation queue. Responses from 2nd level connections should appear higher in the queue than responses from the Everyone group. From there I can choose to:</p>\n<ul><li>approve a response (display it like an immediate connection)</li>\n<li>approve response and accept author (makes this author an immediate connection so they aren't moderated anymore)</li>\n<li>ignore response (this leaves the response as is, it leaves the queue but doesn't display additional details)</li>\n<li>remove response (this removes the response from my storage)</li>\n<li>remove response and block author (this both removes the response from my storage and makes sure I don't receive responses from them in the future)</li>\n</ul><p>All in all, it was a great session that I really enjoyed and I'm looking forward to actually working on implementing some of these features into my site.\n</p>" }, "author": { "type": "card", "name": "Eddie Hinkle", "url": "https://eddiehinkle.com/", "photo": "https://aperture-proxy.p3k.io/cc9591b69c2c835fa2c6e23745b224db4b4b431f/68747470733a2f2f656464696568696e6b6c652e636f6d2f696d616765732f70726f66696c652e6a7067" }, "post-type": "article", "_id": "1335053", "_source": "226", "_is_read": true }
{ "type": "entry", "published": "2018-11-04T10:38:33+0000", "url": "http://known.kevinmarks.com/2018/the-verify-me-plugin-is-now-approved-at", "category": [ "Indieweb", "Yesvember" ], "in-reply-to": [ "http://known.kevinmarks.com/2018/i-updated-the-verify-me-plugin-atindiewebverify-me-to" ], "content": { "text": "The verify-me plugin is now approved at the Chrome store: https://chrome.google.com/webstore/detail/verify-me/nnefkajddpfponfnmaflddipljfdlcjb/related?hl=en-G... \n\nNot sure how to get the firefox version updated. #Indieweb #Yesvember", "html": "The verify-me plugin is now approved at the Chrome store: <a href=\"https://chrome.google.com/webstore/detail/verify-me/nnefkajddpfponfnmaflddipljfdlcjb/related?hl=en-GB&gl=GB\">https://chrome.google.com/webstore/detail/verify-me/nnefkajddpfponfnmaflddipljfdlcjb/related?hl=en-G...</a> <br />\nNot sure how to get the firefox version updated. <a href=\"http://known.kevinmarks.com/tag/Indieweb\" class=\"p-category\">#Indieweb</a> <a href=\"http://known.kevinmarks.com/tag/Yesvember\" class=\"p-category\">#Yesvember</a>" }, "author": { "type": "card", "name": "Kevin Marks", "url": "http://known.kevinmarks.com/profile/kevinmarks", "photo": "https://aperture-proxy.p3k.io/ed7979fd10a648fc253eae0b54e66fb36e57d3d4/687474703a2f2f6b6e6f776e2e6b6576696e6d61726b732e636f6d2f66696c652f3932353536353636363931373362373836376162383339656536353536663965" }, "post-type": "reply", "_id": "1334012", "_source": "205", "_is_read": true }
{ "type": "entry", "published": "2018-11-04T03:08:30+0000", "url": "http://known.kevinmarks.com/2018/i-updated-the-verify-me-plugin-atindiewebverify-me-to", "category": [ "Indieweb", "Yesvember" ], "content": { "text": "I updated the verify-me plugin at\nhttps://github.com/indieweb/verify-me to use Martijn's local code instead of http://indiewebify.me - it's pending review at the chrome store #Indieweb #Yesvember", "html": "I updated the verify-me plugin at<br /><a href=\"https://github.com/indieweb/verify-me\">https://github.com/indieweb/verify-me</a> to use Martijn's local code instead of <a href=\"http://indiewebify.me\">http://indiewebify.me</a> - it's pending review at the chrome store <a href=\"http://known.kevinmarks.com/tag/Indieweb\" class=\"p-category\">#Indieweb</a> <a href=\"http://known.kevinmarks.com/tag/Yesvember\" class=\"p-category\">#Yesvember</a>" }, "author": { "type": "card", "name": "Kevin Marks", "url": "http://known.kevinmarks.com/profile/kevinmarks", "photo": "https://aperture-proxy.p3k.io/ed7979fd10a648fc253eae0b54e66fb36e57d3d4/687474703a2f2f6b6e6f776e2e6b6576696e6d61726b732e636f6d2f66696c652f3932353536353636363931373362373836376162383339656536353536663965" }, "post-type": "note", "_id": "1332941", "_source": "205", "_is_read": true }
Day one of Indie Web Camp Berlin is done, and it was great! Here’s Charlie’s recap of the sessions she attended.
{ "type": "entry", "published": "2018-11-03T23:10:53Z", "url": "https://adactio.com/links/14474", "category": [ "indieweb", "iwc", "berlin", "indiewebcamp", "microsub", "microformats", "webmentions" ], "bookmark-of": [ "https://www.sonniesedge.co.uk/notes/1548" ], "content": { "text": "2018-11-03, 21:54 - sonniesedge.co.uk\n\n\n\nDay one of Indie Web Camp Berlin is done, and it was great! Here\u2019s Charlie\u2019s recap of the sessions she attended.", "html": "<h3>\n<a class=\"p-name u-bookmark-of\" href=\"https://www.sonniesedge.co.uk/notes/1548\">\n2018-11-03, 21:54 - sonniesedge.co.uk\n</a>\n</h3>\n\n<p>Day one of Indie Web Camp Berlin is done, and it was <em>great</em>! Here\u2019s Charlie\u2019s recap of the sessions she attended.</p>" }, "post-type": "bookmark", "_id": "1331822", "_source": "2", "_is_read": true }
{ "type": "entry", "published": "2018-11-03T11:18:19-04:00", "url": "https://eddiehinkle.com/2018/11/03/4/photo/", "category": [ "indieweb", "family", "tech" ], "photo": [ "https://aperture-proxy.p3k.io/512389da5b462c6f90d379385d84222e93c48580/68747470733a2f2f656464696568696e6b6c652e636f6d2f6d656469612f36316161343161623863303437623865626336353831343264396565366435362e6a706567" ], "syndication": [ "https://micro.blog/EddieHinkle", "https://twitter.com/eddiehinkle" ], "content": { "text": "The youngest IndieWebCamp remote attendee at IndieWebCamp Berlin: 3 months and 6 days old and already learning how to display responses on his website." }, "author": { "type": "card", "name": "Eddie Hinkle", "url": "https://eddiehinkle.com/", "photo": "https://aperture-proxy.p3k.io/cc9591b69c2c835fa2c6e23745b224db4b4b431f/68747470733a2f2f656464696568696e6b6c652e636f6d2f696d616765732f70726f66696c652e6a7067" }, "post-type": "photo", "_id": "1329029", "_source": "226", "_is_read": true }
{ "type": "entry", "published": "2018-11-03T03:50:54+0000", "url": "http://known.kevinmarks.com/2018/how-do-we-replace-flickr-indieweb-yesvember", "name": "How do we replace Flickr? #Indieweb #Yesvember", "content": { "text": "Flickr, like all successful social software, is different things to different people. When something is done well, we internalize the communities that we interact with on it as part of the character of the place.\nFlickr was intentionally built as a community - it had\u00a0community guidelines\u00a0and a welcoming presence from Heather Champ and George Oates, who tummelled it brilliantly, welcoming new people and setting the tone.Don MacAskill,\u00a0Smugmug CEO and new owner of Flickr,\u00a0wants to retain this:We bought Flickr because it\u2019s the largest photographer-focused community in the world. I\u2019ve been a fan for 14 years. There\u2019s nothing else like it. It\u2019s the best place to explore, discover, and connect with amazing photographers and their beautiful photography. Flickr is a priceless Internet treasure for everyone and we\u2019re so excited to be investing in its future. Together, hand-in-hand with the the most amazing community on the planet, we can shape the future of photography.\u00a0\u00a0However, he also wants to change things, in particular he wants to\u00a0undo Yahoo's 'Free TB of storage' model:\nIn 2013, Yahoo lost sight of what makes Flickr truly special and responded to a changing landscape in online photo sharing by giving every Flickr user a staggering terabyte of free storage. This, and numerous related changes to the Flickr product during that time, had strongly negative consequences.\nFirst, and most crucially, the free terabyte largely attracted members who were drawn by the free storage, not by engagement with other lovers of photography. This caused a significant tonal shift in our platform, away from the community interaction and exploration of shared interests that makes Flickr the best shared home for photographers in the world. We know those of you who value a vibrant community didn\u2019t like this shift, and with this change we\u2019re re-committing Flickr to focus on fostering this interaction.\nI get this, but the heuristic that Don has chosen\u2014free photos will be limted to 1000, and the oldest ones will be deleted first\u2014is likely to damage the original community feeling that he wants to preserve.\u00a0Ton\u00a0points out the Creative Commons ethos, but it is an earlier mode that I want to point to.In the early years, before cameras in cellphones and huge bandwidth became commonplace enough that we all had phtostreams, Flickr was the place where we shared a community record of events. We'd\u00a0upload our photos and tag them together to make a shared sense of occasion.\u00a0I know if I want to remember etech,\u00a0microformats\u00a0first anniversary or\u00a0the\u00a0vloggies, the photos will be there.However, a lot of these photos are from free users, and they may have gone over 1000, so the collages will be ruined.I'd like to suggest a more subtle heuristic. If images are public, and tagged, and especially if they are creative commons, Flickr should retain them to preserve this archive. If as Don says there are 3% of users with many thousands of photos that are private, they will still be hit by this without enclosing the commons.On the creative commons side, the Internet Archive can download those:\nWe are definitely thinking creatively and engaging directly with Creative Commons. I love CC. See here: https://t.co/Z9aksDbbSB\n\u2014 Don MacAskill (@DonMacAskill) November 1, 2018\n\nAs for the pople who want a big private archive of photos for free, send them to Google Photos, who love users like that (and will run machine learning over them for fun and profit).\nSounds like a great use case for datatransferproject.dev/ to me - wire that up and let people who want to keep big private photo libraries move off flickr\n\u2014 Kevin Marks (@kevinmarks) November 2, 2018\nMeanwhile, over in the fediverse,\u00a0pixelfed\u00a0is just getting started.", "html": "<p>Flickr, like all successful social software, is different things to different people. When something is done well, we internalize the communities that we interact with on it as part of the character of the place.</p><p><a title=\"Just two average guys, minding their own business, walking down the street in SF. The usual. This is usual, right?\" href=\"https://www.flickr.com/photos/maryhodder/49958404/in/photolist-9yZrK-5q3TN-6xd92E\"><img src=\"https://aperture-proxy.p3k.io/1705641848c0f7f4fd8afee25781f7595cef3311/68747470733a2f2f6661726d312e737461746963666c69636b722e636f6d2f33332f34393935383430345f646437343636333165335f622e6a7067\" alt=\"Just two average guys, minding their own business, walking down the street in SF. The usual. This is usual, right?\" /></a></p><p>\n</p><p>Flickr was intentionally built as a community - it had\u00a0<a href=\"https://www.flickr.com/help/guidelines\">community guidelines</a>\u00a0and a welcoming presence from <a href=\"http://tummelvision.tv/2010/01/29/tummel-vision-episode-3-wheather-champ-and-george-oates-theyre-watching-you/\">Heather Champ and George Oates</a>, who tummelled it brilliantly, welcoming new people and setting the tone.</p><p>Don MacAskill,\u00a0Smugmug CEO and new owner of Flickr,\u00a0<a href=\"http://blog.flickr.net/2018/11/01/a-sharper-focus-for-flickr/\">wants to retain this</a>:</p><blockquote><p>We bought Flickr because it\u2019s the largest photographer-focused community in the world. I\u2019ve been a fan for 14 years. There\u2019s nothing else like it. It\u2019s the best place to explore, discover, and connect with amazing photographers and their beautiful photography. Flickr is a priceless Internet treasure for everyone and we\u2019re so excited to be investing in its future. Together, hand-in-hand with the the most amazing community on the planet, we can shape the future of photography.\u00a0\u00a0</p></blockquote><p>However, he also wants to change things, in particular he wants to\u00a0<a href=\"https://blog.flickr.net/en/2018/11/01/changing-flickr-free-accounts-1000-photos/\">undo</a> Yahoo's 'Free TB of storage' model:</p><blockquote>\n<p style=\"color:#212124;\">In 2013, Yahoo lost sight of what makes Flickr truly special and responded to a changing landscape in online photo sharing by giving every Flickr user a staggering terabyte of free storage. This, and numerous related changes to the Flickr product during that time, had strongly negative consequences.</p>\n<p style=\"color:#212124;\">First, and most crucially, the free terabyte largely attracted members who were drawn by the free storage, not by engagement with other lovers of photography. This caused a significant tonal shift in our platform, away from the community interaction and exploration of shared interests that makes Flickr the best shared home for photographers in the world. We know those of you who value a vibrant community didn\u2019t like this shift, and with this change we\u2019re re-committing Flickr to focus on fostering this interaction.</p>\n</blockquote><p style=\"color:#212124;\">I get this, but the heuristic that Don has chosen\u2014free photos will be limted to 1000, and the oldest ones will be deleted first\u2014is likely to damage the original community feeling that he wants to preserve.\u00a0<a href=\"https://www.zylstra.org/blog/2018/11/flickr-account-changes-and-bringing-things-home/\">Ton</a>\u00a0points out the Creative Commons ethos, but it is an earlier mode that I want to point to.</p><p style=\"color:#212124;\">In the early years, before cameras in cellphones and huge bandwidth became commonplace enough that we all had phtostreams, Flickr was the place where we shared a community record of events. We'd\u00a0upload our photos and tag them together to make a shared sense of occasion.\u00a0I know if I want to remember <a href=\"https://www.flickr.com/search/?sort=interestingness-desc&safe_search=1&text=etech05&view_all=1\">etech</a>,\u00a0<a href=\"https://www.flickr.com/search/?sort=interestingness-desc&safe_search=1&text=microformats1&view_all=1\">microformats</a><span style=\"color:#000000;\">\u00a0first anniversary or\u00a0</span>the\u00a0<a href=\"https://www.flickr.com/search/?text=vloggies&view_all=1\">vloggies</a>, the photos will be there.</p><p><a title=\"DSCN0375\" href=\"https://www.flickr.com/photos/olivepress/6549788/in/photolist-zz2o-zBm9-Gtzf-CpTM-AsE4-AiHr-AiMq-AxrP-Cqm3-zDQE-27vhU-AGhC-AxrD-CquE-Cqa7-zBpT-zjmH-zBxj-yNEj-zjmY-zjkc-AGtR-A5m3-A4Vm-C6PR-CrcY-zXv2-Ai9N-C5Ya-AGqD-zBpC-AhH8-Athi-Cqef-Crcz-Axrg-AhNP-AGr3-AGtG-zjmy-zDP8-C6FV-zXvu-Cqrx-27uUf-A4TQ-zDNW-AGk5-Aour-AsCP\"><img src=\"https://aperture-proxy.p3k.io/221f1bb1ac8388e9b37e7df9202839e9799e51bd/68747470733a2f2f6661726d312e737461746963666c69636b722e636f6d2f332f363534393738385f383762326661633238375f6d2e6a7067\" alt=\"DSCN0375\" width=\"174\" height=\"240\" /></a><a title=\"Microformats One Year Anniversary Party\" href=\"https://www.flickr.com/photos/laughingsquid/171847277/in/photolist-gbSHu-gbL8f-gg12Z-gbLdm-gbL6w-gbLd6-geiRW-gbL9d-gbLbj-gbL7r-ggbj5-goor2-gbTcf-gtmKk-gtmFy-gbL4H-gbSBY-gbTcZ-gokQ1-gej34-gbSMQ-ggbhR-gooen-gomiR-gmiZq-gokPV-gbSLo-gomiL-go7E3-gbSPY-gbSZQ-gomiX-gbSDk-gbSX2-gokQ3-gbSDV-go8Lc-gokPW-go8Lb-gtmPB-gokPZ-gmiZs-gbLcf-gbL9K\"><img src=\"https://aperture-proxy.p3k.io/8b57b71a3569b718d80dc9765205cec1e06a8efa/68747470733a2f2f6661726d312e737461746963666c69636b722e636f6d2f35382f3137313834373237375f333036633630326239625f6d2e6a7067\" alt=\"Microformats One Year Anniversary Party\" height=\"240\" /></a><a title=\"Like Father, Like Son\" href=\"https://www.flickr.com/photos/thomashawk/416449908/in/photolist-CNq3Q-sMMY9-KRr3Q-6i4w5C-5uTDpP-72oEHP-rHkNX-D9Aw5-5PwFF9-D6MLZ-6DUJof-rEamW-sfYEW-CWUkh-tLjMR-rD2tg-ryHDk-rCWK6-rFXyb-rFR9S-qHz9j-ryGFU-rDRcq-rHZPg-rA4J9-rB8rL-ryxs5-rFZuD-tLkR8-ryGQt-Fi8X7-rCZDE-rCViR-rABzN-ryGEo-rHZk8-rEamP-CYyPw-rCY1p-rAGzY-ru5ZU-rC1Rc-rA7TZ-FXeqj-ryGHk-CWSRD-rCW8H-tLjMx-ryyB3-ryHCo\"><img src=\"https://aperture-proxy.p3k.io/012c628fba543f0e37539fd29e22f5406fe54204/68747470733a2f2f6661726d312e737461746963666c69636b722e636f6d2f3138342f3431363434393930385f353066383166663035625f6d2e6a7067\" alt=\"Like Father, Like Son\" width=\"148\" height=\"240\" /></a></p><p>However, a lot of these photos are from free users, and they may have gone over 1000, so the collages will be ruined.</p><p>I'd like to suggest a more subtle heuristic. If images are public, and tagged, and especially if they are creative commons, Flickr should retain them to preserve this archive. If as Don says there are 3% of users with many thousands of photos that are private, they will still be hit by this without enclosing the commons.</p><p>On the creative commons side, the Internet Archive can download those:</p><blockquote>\n<p dir=\"ltr\" lang=\"en\" xml:lang=\"en\">We are definitely thinking creatively and engaging directly with Creative Commons. I love CC. See here: <a href=\"https://t.co/Z9aksDbbSB\"></a><a href=\"https://t.co/Z9aksDbbSB\">https://t.co/Z9aksDbbSB</a></p>\n<p>\u2014 Don MacAskill (@DonMacAskill) <a href=\"https://twitter.com/DonMacAskill/status/1058145086821683200?ref_src=twsrc%5Etfw\">November 1, 2018</a></p>\n</blockquote><p>\n</p><p>As for the pople who want a big private archive of photos for free, send them to Google Photos, who love users like that (and will run machine learning over them for fun and profit).</p><blockquote>\n<p dir=\"ltr\" lang=\"en\" xml:lang=\"en\">Sounds like a great use case for <a href=\"https://datatransferproject.dev/\">datatransferproject.dev/</a> to me - wire that up and let people who want to keep big private photo libraries move off flickr</p>\n<p>\u2014 Kevin Marks (@kevinmarks) <a href=\"https://twitter.com/kevinmarks/status/1058465840511754240?ref_src=twsrc%5Etfw\">November 2, 2018</a></p>\n</blockquote><p>Meanwhile, over in the fediverse,\u00a0<a href=\"https://pixelfed.org/\">pixelfed</a>\u00a0is just getting started.</p>" }, "author": { "type": "card", "name": "Kevin Marks", "url": "http://known.kevinmarks.com/profile/kevinmarks", "photo": "https://aperture-proxy.p3k.io/ed7979fd10a648fc253eae0b54e66fb36e57d3d4/687474703a2f2f6b6e6f776e2e6b6576696e6d61726b732e636f6d2f66696c652f3932353536353636363931373362373836376162383339656536353536663965" }, "post-type": "article", "_id": "1326497", "_source": "205", "_is_read": true }
{ "type": "entry", "published": "2018-11-02T15:21:47-04:00", "url": "https://eddiehinkle.com/2018/11/02/8/note/", "category": [ "tech", "indieweb" ], "syndication": [ "https://micro.blog/EddieHinkle" ], "content": { "text": "Oops! I realized that when I added a new post, the new posts weren't updating my database cache \ud83d\ude01 Hopefully this post updates correctly! \ud83e\udd1e" }, "author": { "type": "card", "name": "Eddie Hinkle", "url": "https://eddiehinkle.com/", "photo": "https://aperture-proxy.p3k.io/cc9591b69c2c835fa2c6e23745b224db4b4b431f/68747470733a2f2f656464696568696e6b6c652e636f6d2f696d616765732f70726f66696c652e6a7067" }, "post-type": "note", "_id": "1324440", "_source": "226", "_is_read": true }
{ "type": "entry", "published": "2018-11-02T13:11:36-04:00", "url": "https://eddiehinkle.com/2018/11/02/7/note/", "category": [ "tech", "indieweb" ], "syndication": [ "https://micro.blog/EddieHinkle", "https://news.indieweb.org/en" ], "content": { "text": "Just flipped the switch and now main feeds on my website are powered by my new database cache and my js server. \ud83e\udd1e Hopefully nothing breaks! Now every feed page should have a JSONFeed, by adding .json even tag pages (ex Apple tag page has a JSONFeed)", "html": "Just flipped the switch and now main feeds on my website are powered by my new database cache and my js server. \ud83e\udd1e Hopefully nothing breaks! Now every feed page should have a JSONFeed, by adding .json even tag pages (ex <a href=\"https://eddiehinkle.com/tag/apple\">Apple tag page</a> has a <a href=\"https://eddiehinkle.com/tag/apple.json\">JSONFeed</a>)" }, "author": { "type": "card", "name": "Eddie Hinkle", "url": "https://eddiehinkle.com/", "photo": "https://aperture-proxy.p3k.io/cc9591b69c2c835fa2c6e23745b224db4b4b431f/68747470733a2f2f656464696568696e6b6c652e636f6d2f696d616765732f70726f66696c652e6a7067" }, "post-type": "note", "_id": "1324070", "_source": "226", "_is_read": true }
{ "type": "entry", "published": "2018-11-01T22:55:35+01:00", "url": "https://david.shanske.com/2018/11/01/syndication-links-4-0-0-released/", "syndication": [ "https://news.indieweb.org/en/david.shanske.com/2018/11/01/syndication-links-4-0-0-released/", "https://twitter.com/dshanske/status/1058115454676426753" ], "name": "Syndication Links 4.0.0 Released", "content": { "text": "Today, from my hotel room in Berlin, Germany, where I am preparing to attend Indiewebcamp Berlin, my first European Indiewebcamp, I released Syndication Links 4.0.0.\nThe major version number change is because in this version, Syndication Links takes on a new role. As promised previously, I\u2019ve built new syndication code and added supported for Bridgy and Indienews, which both uses Webmentions to trigger a syndication action. This is disabled by default.\nAs my first live use outside of testing, I\u2019m using the plugin to send this post to Indienews and Twitter(via Bridgy).\nThe new code adds the concept of a syndication provider, which, when registered, adds the provider as a syndication target for Micropub clients as well as adds it to the WordPress classic editor as a series of checkboxes, er postone for each service.\nThe Bridgy Publish plugin I announced deprecation on had additional options on a per post and a global level. While the global settings will be coming back in a future version, I likely will not bring back the per-post settings.\nInstead, I\u2019d like to add more intelligence behind these decisions, based on other properties of the post. A checkbox is all you should need. The same with auto-syndication. If you decide you want everything to go to Twitter or some site, it shouldn\u2019t check the box\u2026there shouldn\u2019t be a box at all. It should just go, even if there are some more parameters to make that decision\u2026type of post, etc.\nSo, you are either all in, or in on a per post basis.\nI look forward to feedback. This is only the beginning. I hope to do what I did for displaying syndication links, and interface with existing plugins in addition to writing my own integrations.", "html": "Today, from my hotel room in Berlin, Germany, where I am preparing to attend Indiewebcamp Berlin, my first European Indiewebcamp, I released Syndication Links 4.0.0.\n<p>The major version number change is because in this version, Syndication Links takes on a new role. As promised previously, I\u2019ve built new syndication code and added supported for Bridgy and Indienews, which both uses Webmentions to trigger a syndication action. This is disabled by default.</p>\n<p>As my first live use outside of testing, I\u2019m using the plugin to send this post to Indienews and Twitter(via Bridgy).</p>\n<p>The new code adds the concept of a syndication provider, which, when registered, adds the provider as a syndication target for Micropub clients as well as adds it to the WordPress classic editor as a series of checkboxes, er postone for each service.</p>\n<p>The Bridgy Publish plugin I announced deprecation on had additional options on a per post and a global level. While the global settings will be coming back in a future version, I likely will not bring back the per-post settings.</p>\n<p>Instead, I\u2019d like to add more intelligence behind these decisions, based on other properties of the post. A checkbox is all you should need. The same with auto-syndication. If you decide you want everything to go to Twitter or some site, it shouldn\u2019t check the box\u2026there shouldn\u2019t be a box at all. It should just go, even if there are some more parameters to make that decision\u2026type of post, etc.</p>\n<p>So, you are either all in, or in on a per post basis.</p>\n<p>I look forward to feedback. This is only the beginning. I hope to do what I did for displaying syndication links, and interface with existing plugins in addition to writing my own integrations.</p>" }, "author": { "type": "card", "name": "David Shanske", "url": "https://david.shanske.com/", "photo": "https://david.shanske.com/wp-content/uploads/avatar-privacy/cache/gravatar/2/c/2cb1f8afd9c8d3b646b4071c5ed887c970d81d625eeed87e447706940e2c403d-125.png" }, "post-type": "article", "_id": "1317223", "_source": "5", "_is_read": true }
{ "type": "entry", "published": "2018-11-01T17:30:00+01:00", "summary": "Almost two weeks have gone by since the IndieWebCamp in N\u00fcrnberg, and as everyone is gearing up for IWC Berlin it is about time I wrote up what a good time I had and what I did.\nThe good time is simple. It is so energising to meet, in the flesh, with people who have very similar sorts of ideas and who are in addition so much more knowledgeable than I am. Just sitting in on discussions and absorbing what I can makes me feel that much closer to understanding. Being occasionally able to make a useful contribution is also rewarding. Even a couple of days is very worthwhile, and this being my second IWC I felt much more relaxed about knowing the ropes and some of the people.\nMore this way ...", "url": "https://www.jeremycherfas.net/blog/indiewebcamp-nurnberg-2018", "name": "IndieWebCamp N\u00fcrnberg 2018", "content": { "text": "Almost two weeks have gone by since the IndieWebCamp in N\u00fcrnberg, and as everyone is gearing up for IWC Berlin it is about time I wrote up what a good time I had and what I did.\nThe good time is simple. It is so energising to meet, in the flesh, with people who have very similar sorts of ideas and who are in addition so much more knowledgeable than I am. Just sitting in on discussions and absorbing what I can makes me feel that much closer to understanding. Being occasionally able to make a useful contribution is also rewarding. Even a couple of days is very worthwhile, and this being my second IWC I felt much more relaxed about knowing the ropes and some of the people.\n\n More this way ...", "html": "<p>Almost two weeks have gone by since the IndieWebCamp in N\u00fcrnberg, and as everyone is gearing up for IWC Berlin it is about time I wrote up what a good time I had and what I did.</p>\n<p>The good time is simple. It is so energising to meet, in the flesh, with people who have very similar sorts of ideas and who are in addition so much more knowledgeable than I am. Just sitting in on discussions and absorbing what I can makes me feel that much closer to understanding. Being occasionally able to make a useful contribution is also rewarding. Even a couple of days is very worthwhile, and this being my second IWC I felt much more relaxed about knowing the ropes and some of the people.</p>\n\n <p><a href=\"https://www.jeremycherfas.net/blog/indiewebcamp-nurnberg-2018\">More this way ...</a></p>" }, "author": { "type": "card", "name": "Jeremy Cherfas", "url": "https://jeremycherfas.net", "photo": "https://aperture-proxy.p3k.io/d86af7b89af940fd08d45409035f1d24a547840a/68747470733a2f2f7777772e6a6572656d79636865726661732e6e65742f757365722f706c7567696e732f61626f75746d652f6173736574732f617661746172732f7a6f6f742e6a7067" }, "post-type": "article", "_id": "1314423", "_source": "202", "_is_read": true }
{ "type": "entry", "published": "2018-11-01T12:37:50+10:00", "url": "https://unicyclic.com/mal/2018-11-01-httpsunicycliccomindieweb_is_great_reading_at", "syndication": [ "https://twitter.com/malcolmblaney/status/1057824024305324032" ], "content": { "text": "https://unicyclic.com/indieweb is great reading at the moment, but got some serious Berlin FOMO...", "html": "<a href=\"https://unicyclic.com/indieweb\">https://unicyclic.com/indieweb</a> is great reading at the moment, but got some serious Berlin FOMO...<a href=\"https://brid.gy/publish/twitter?bridgy_omit_link=true\"></a><a href=\"https://twitter.com/malcolmblaney/status/1057824024305324032\" class=\"u-syndication\"></a>" }, "author": { "type": "card", "name": "Malcolm Blaney", "url": "https://unicyclic.com/mal", "photo": "https://aperture-proxy.p3k.io/4f46272c0027449ced0d7cf8de31ea1bec37210e/68747470733a2f2f756e696379636c69632e636f6d2f6d616c2f7075626c69632f70726f66696c655f736d616c6c5f7468756d622e706e67" }, "post-type": "note", "_id": "1313241", "_source": "243", "_is_read": true }
{ "type": "entry", "published": "2018-10-31T22:17:02+01:00", "url": "https://aaronparecki.com/2018/10/31/32/indieweb", "category": [ "indieweb" ], "content": { "text": "If you're in Berlin, a few of us who are here early for IndieWebCamp will be meeting at Estate Coffee at 10am on Thursday to get a head start on some hacking on our websites! \n\nMeet at 10am, we'll work there til about 1pm, then find lunch, then probably find another coffee shop or bar to work from in the afternoon! \n\nMore updates here: https://aaronparecki.com/2018/11/01/1/ and https://indieweb.org/2018/Berlin#Adjacent_Events", "html": "If you're in Berlin, a few of us who are here early for IndieWebCamp will be meeting at Estate Coffee at 10am on Thursday to get a head start on some hacking on our websites! <br /><br />Meet at 10am, we'll work there til about 1pm, then find lunch, then probably find another coffee shop or bar to work from in the afternoon! <br /><br />More updates here: <a href=\"https://aaronparecki.com/2018/11/01/1/\"><span>https://</span>aaronparecki.com/2018/11/01/1/</a> and <a href=\"https://indieweb.org/2018/Berlin#Adjacent_Events\"><span>https://</span>indieweb.org/2018/Berlin#Adjacent_Events</a>" }, "author": { "type": "card", "name": "Aaron Parecki", "url": "https://aaronparecki.com/", "photo": "https://aperture-media.p3k.io/aaronparecki.com/2b8e1668dcd9cfa6a170b3724df740695f73a15c2a825962fd0a0967ec11ecdc.jpg" }, "post-type": "note", "_id": "1309054", "_source": "16", "_is_read": true }
I'm giving my first tech talk next week, “An Introduction to Microformats.” Thanks to @SDPHP for giving me the opportunity! https://gregorlove.com/2018/11/an-introduction-to-microformats/
{ "type": "entry", "published": "2018-10-31 11:45-0700", "url": "https://gregorlove.com/2018/10/im-giving-my-first-tech/", "syndication": [ "https://twitter.com/gRegorLove/status/1057705266408550400" ], "content": { "text": "I'm giving my first tech talk next week, \u201cAn Introduction to Microformats.\u201d Thanks to @SDPHP for giving me the opportunity! https://gregorlove.com/2018/11/an-introduction-to-microformats/", "html": "<p>I'm giving my first tech talk next week, \u201cAn Introduction to Microformats.\u201d Thanks to @SDPHP for giving me the opportunity! <a href=\"https://gregorlove.com/2018/11/an-introduction-to-microformats/\">https://gregorlove.com/2018/11/an-introduction-to-microformats/</a></p>" }, "author": { "type": "card", "name": "gRegor Morrill", "url": "https://gregorlove.com/", "photo": "https://aperture-proxy.p3k.io/929c8777d059069a2a16a064d96f4c29b65548f8/68747470733a2f2f677265676f726c6f76652e636f6d2f736974652f6173736574732f66696c65732f333437332f70726f66696c652d323031362d6d65642e6a7067" }, "post-type": "note", "_id": "1308184", "_source": "95", "_is_read": true }
{ "type": "entry", "published": "2018-10-31T03:21:17+00:00", "url": "https://cleverdevil.io/2018/for-those-of-you-that-have-been", "category": [ "Indiepaper", "Micropub", "IndieWeb" ], "syndication": [ "https://twitter.com/cleverdevil/status/1057472556767371264" ], "content": { "text": "For those of you that have been asking, #Indiepaper for iOS is on the way, thanks to @EddieHinkle. Soon, you\u2019ll be able to save content for later using #Micropub natively on iOS. We are just waiting on Apple! #IndieWeb", "html": "For those of you that have been asking, <a href=\"https://cleverdevil.io/tag/Indiepaper\" class=\"p-category\">#Indiepaper</a> for iOS is on the way, thanks to @EddieHinkle. Soon, you\u2019ll be able to save content for later using <a href=\"https://cleverdevil.io/tag/Micropub\" class=\"p-category\">#Micropub</a> natively on iOS. We are just waiting on Apple! <a href=\"https://cleverdevil.io/tag/IndieWeb\" class=\"p-category\">#IndieWeb</a>" }, "author": { "type": "card", "name": "Jonathan LaCour", "url": "https://cleverdevil.io/profile/cleverdevil", "photo": "https://aperture-proxy.p3k.io/77e5d6e5871324c43aebf2e3e7a5553e14578f66/68747470733a2f2f636c65766572646576696c2e696f2f66696c652f66646263373639366135663733383634656131316138323863383631653133382f7468756d622e6a7067" }, "post-type": "note", "_id": "1303274", "_source": "71", "_is_read": true }
{ "type": "entry", "published": "2018-10-30 18:20-0700", "rsvp": "yes", "url": "http://tantek.com/2018/303/t2/indiewebcamp-berlin-this-weekend", "in-reply-to": [ "https://jkphl.is/events/indiewebcamp-berlin-2018/" ], "content": { "text": "co-organizing IndieWebCamp Berlin 2018 this weekend @MozillaBerlin!\n\nLooking forward to catching up with @jkphl, @ioctaptceb, and everyone else.\n\nStill a few spots left if you can be in Berlin Nov 3-4!\nTickets: http://jk.is/iwcber2018\nMore info: https://indieweb.org/2018/Berlin", "html": "co-organizing IndieWebCamp Berlin 2018 this weekend <a class=\"h-cassis-username\" href=\"https://twitter.com/MozillaBerlin\">@MozillaBerlin</a>!<br /><br />Looking forward to catching up with <a class=\"h-cassis-username\" href=\"https://twitter.com/jkphl\">@jkphl</a>, <a class=\"h-cassis-username\" href=\"https://twitter.com/ioctaptceb\">@ioctaptceb</a>, and everyone else.<br /><br />Still a few spots left if you can be in Berlin Nov 3-4!<br />Tickets: <a href=\"http://jk.is/iwcber2018\">http://jk.is/iwcber2018</a><br />More info: <a href=\"https://indieweb.org/2018/Berlin\">https://indieweb.org/2018/Berlin</a>" }, "author": { "type": "card", "name": "Tantek \u00c7elik", "url": "http://tantek.com/", "photo": "https://aperture-media.p3k.io/tantek.com/acfddd7d8b2c8cf8aa163651432cc1ec7eb8ec2f881942dca963d305eeaaa6b8.jpg" }, "post-type": "rsvp", "refs": { "https://jkphl.is/events/indiewebcamp-berlin-2018/": { "type": "entry", "url": "https://jkphl.is/events/indiewebcamp-berlin-2018/", "name": "jkphl.is\u2019s post", "post-type": "article" } }, "_id": "1303039", "_source": "1", "_is_read": true }
{ "type": "entry", "published": "2018-10-29T11:31:44+10:00", "url": "https://unicyclic.com/mal/2018-10-29-Hacking_on_the_IndieWeb", "photo": [ "https://aperture-proxy.p3k.io/e91f16bd9b940e875b35b7e0444cb1e5449f4af7/68747470733a2f2f756e696379636c69632e636f6d2f6d616c2f7075626c69632f6d6f6e6f636c652d6c6f67696e2e706e67", "https://aperture-proxy.p3k.io/4c46e4d3782ad6501382e82f2f8822b047a6136e/68747470733a2f2f756e696379636c69632e636f6d2f6d616c2f7075626c69632f7265616465722d73637265656e73686f742d312e706e67", "https://aperture-proxy.p3k.io/916df5d6fbf12a00c393442d233b9159666764b8/68747470733a2f2f756e696379636c69632e636f6d2f6d616c2f7075626c69632f7265616465722d73637265656e73686f742d322e706e67" ], "name": "Hacking on the IndieWeb", "content": { "text": "Finally found some time recently to work on projects I started at IndieWeb Summit 2018 in Portland. I say projects (plural) because I did just keep starting stuff based on different talks or chats that were going on... possibly not the best way to develop new features!\n\n\nBut anyone doing a deep dive on the \"IndieWeb Stack\" is going to notice that there's a huge number of features or protocols they might want to add or support, so where to start? I think wherever inspiration or enthusiasm hits is probably a good idea, so for me that was adding IndieAuth support to win a copy of Aaron's book, OAuth 2.0 Simplified. I also hacked in support for Microsub to my website, because you know, when you're talking about protocols anyway you might as well try and support those protocols.\n\n\nThat brings me to hacking on the IndieWeb. I already had a bunch of code in place, because there are already external services for adding things like IndieAuth support. The cool thing about hacking on new features is that you can swap out one thing at a time. This means even though the list of things you might want to add to your website is quite daunting, you can do this piece by piece.\n\n\nSo I switched over to my home grown authorization endpoint during the summit, and even though it was pretty clunky, never switched back. Having your own endpoint means no more RelMeAuth lookups, so it saves a few seconds when logging in to other sites. But since I was nowhere near finished my projects after the summit, this meant I was still using Aaron's token endpoint. And it's great that this still just works! A few months have gone by and I've now added my own token endpoint to Dobrado, but I'm very thankful to Aaron for providing services to use while we find the time to write our own.\n\n\nI've now also got better Microsub support, so if you've got an account on unicyclic.com you can log in to other readers like Monocle and see your feed there. Again it's not finished but it's nice to see progress as you complete smaller tasks (like h-app support):\n\n\n\n\nI've also cleaned up my own reader interface. There's just too many other nice looking IndieWeb readers these days, so need to try and keep up with how good things are getting! ;-)\n\n\n\n\n\n\u00a0", "html": "Finally found some time recently to work on projects I started at <a href=\"https://2018.indieweb.org/\">IndieWeb Summit 2018</a> in Portland. I say <em>projects</em> (plural) because I did just keep starting stuff based on different talks or chats that were going on... possibly not the best way to develop new features!<br /><br />\nBut anyone doing a deep dive on the \"IndieWeb Stack\" is going to notice that there's a huge number of features or protocols they might want to add or support, so where to start? I think wherever inspiration or enthusiasm hits is probably a good idea, so for me that was adding <a href=\"https://indieauth.net/\">IndieAuth</a> support to win a copy of <a href=\"https://aaronparecki.com/\">Aaron's</a> book, <a href=\"https://oauth2simplified.com/\">OAuth 2.0 Simplified</a>. I also hacked in support for <a href=\"https://indieweb.org/Microsub\">Microsub</a> to my website, because you know, when you're talking about protocols anyway you might as well try and support those protocols.<br /><br />\nThat brings me to hacking on the IndieWeb. I already had a bunch of code in place, because there are already <a href=\"https://indieauth.com/\">external services for adding things like IndieAuth support</a>. The cool thing about hacking on new features is that you can swap out one thing at a time. This means even though the list of things you <em>might</em> want to add to your website is quite daunting, you can do this piece by piece.<br /><br />\nSo I switched over to my home grown authorization endpoint during the summit, and even though it was pretty clunky, never switched back. Having your own endpoint means no more <a href=\"https://indieweb.org/RelMeAuth\">RelMeAuth</a> lookups, so it saves a few seconds when logging in to other sites. But since I was nowhere near finished my projects after the summit, this meant I was still using Aaron's token endpoint. And it's great that this still just works! A few months have gone by and I've now added my own token endpoint to <a href=\"https://dobrado.net\">Dobrado</a>, but I'm very thankful to Aaron for providing services to use while we find the time to write our own.<br /><br />\nI've now also got better Microsub support, so if you've got an account on <a href=\"https://unicyclic.com\">unicyclic.com</a> you can log in to other readers like Monocle and see your feed there. Again it's not finished but it's nice to see progress as you complete smaller tasks (like h-app support):<br /><br /><br /><br />\nI've also cleaned up my own reader interface. There's just too many other nice looking IndieWeb readers these days, so need to try and keep up with how good things are getting! ;-)<br /><br /><br /><br /><br />\n\u00a0" }, "author": { "type": "card", "name": "Malcolm Blaney", "url": "https://unicyclic.com/mal", "photo": "https://aperture-proxy.p3k.io/4f46272c0027449ced0d7cf8de31ea1bec37210e/68747470733a2f2f756e696379636c69632e636f6d2f6d616c2f7075626c69632f70726f66696c655f736d616c6c5f7468756d622e706e67" }, "post-type": "photo", "_id": "1287481", "_source": "243", "_is_read": true }
{ "type": "entry", "author": { "name": null, "url": "https://herestomwiththeweather.com/", "photo": null }, "url": "https://herestomwiththeweather.com/2018/10/28/iiw-27-notes/", "published": "2018-10-28T16:00:41+00:00", "content": { "html": "<p>Last week was a particularly good <a href=\"http://www.internetidentityworkshop.com/\">Internet Identity Workshop</a> and I\u2019m looking forward to reading the <a href=\"http://iiw.idcommons.net/IIW_27_Session_Notes\">session notes</a> as they are published.</p>\n\n<p>Tuesday morning\u2019s icebreaker question was \u201cwhat was your first a-ha! moment in identity?\u201d I can recall a few I had in early 2001 and one was reading Simson Garfinkel\u2019s <a href=\"https://www.goodreads.com/book/show/846498.Database_Nation\">Database Nation</a>. After the opening circle, I attended a <a href=\"https://sovrin.org/\">Sovrin Network</a> demo (see Johannes Ernst\u2019s <a href=\"https://upon2020.com/blog/2018/10/pondrin-sovrin/\">post</a>) and some 101 sessions.</p>\n\n<p><img src=\"https://aperture-proxy.p3k.io/21dde878b138e710b1535762add76185d3ecf240/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f737461726b2d6d6f6f6e2d34362f696d616765732f6669646f5f3130312e6a7067\" alt=\"FIDO 101\" />\nAt the FIDO 101 session, Chris Streeks described the SMS 2-step verification phishing attack where a victim submits login creds to a fake web page and is redirected to another fake web page to enter the SMS code. Meanwhile, the attacker passes the victim\u2019s login creds to the real site which triggers the SMS message so that the victim submits SMS code to the attacker\u2019s fake website. FIDO 2 was also discussed which addresses fake keys and also supports origin bound keys. <a href=\"https://www.yubico.com/2018/09/introducing-the-yubikey-5-series-with-new-nfc-and-fido2-passwordless-features/\">Yubikey 5</a> supports FIDO 2. One feature that was new to me is \u201cpasswordless authentication.\u201d If your threat model includes the attacker having your key, it seems you do not want this. However, I see that there is an option to add a PIN to unlock the key.</p>\n\n<p><img src=\"https://aperture-proxy.p3k.io/fecb3c4e35acd323e3dc7ec1279ca01ed6cb3063/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f737461726b2d6d6f6f6e2d34362f696d616765732f73656c665f736f7665726569676e2e6a7067\" alt=\"Self-Sovereign Identity 101\" />\nAt the Self-Sovereign Identity 101 session, Kaliya Hamlin and Heather Vescent answered questions like \u201cHow do I show up with my identity?\u201d and \u201cHow do I control my identifier?\u201d and explained that no one can take your DID (decentralized identifier) away from you. I asked whether interoperability with the DID spec is a requirement to being a self-sovereign system. There didn\u2019t seem to be consensus.</p>\n\n<p>The first session I attended was \u201cBeyond OAuth: Transactional Authz\u201d by Justin Richer. This session was related to the article <a href=\"https://medium.com/@justinsecurity/moving-on-from-oauth-2-629a00133ade\">Moving On from OAuth 2?</a> and the Identiverse video <a href=\"https://www.youtube.com/watch?v=OLwz7pIXOWQ&t=6s\">What\u2019s Wrong with Oauth 2?</a>. The main idea was how, if we throw compatibility out, can we fix the problem of putting all those parameters in the front channel of OAuth 2.</p>\n\n<p>Then I attended Aaron Parecki\u2019s \u201cOAuth for Single-Page Apps\u201d and the idea was fixing OAuth in a compatible way so that single page apps don\u2019t have to return an access token in the front channel as that is susceptible to interception and replay attacks. Torsten L. mentioned that the notion of a nonce was not defined in the OAuth 2 spec which is why there is the PKCE document.</p>\n\n<p><img src=\"https://aperture-proxy.p3k.io/39e3082240b31759672ae0c05d7c4ab2b7db6055/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f737461726b2d6d6f6f6e2d34362f696d616765732f75626f73626f782e6a7067\" alt=\"UBOSBox\" />\nPart of Wednesday is speed demo hour and it was nice to see the UBOSbox from <a href=\"https://indiecomputing.com/\">Indie Computing</a> in person. If you have grown weary of the cloud, the UBOSbox is a nice alternative. It runs in your home and the software is open source.</p>\n\n<p><img src=\"https://aperture-proxy.p3k.io/c5537db97e89f4da9099443f7290fb530496b8b8/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f737461726b2d6d6f6f6e2d34362f696d616765732f7965735f69642e6a7067\" alt=\"Yes-ID\" />\nGoing back to IIW8, there was a session on <a href=\"http://iiw.idcommons.net/Financial_Institutions_as_Identity_Providers\">Financial Institutions as Identity Providers</a> but concern was expressed that banks might not want to deal with liability in case of mistakes. That is why I found the <a href=\"https://www.yes.com/\">yes ID</a> demo interesting. It is German only but it <a href=\"http://iiw.idcommons.net/IIW_27_Demo_Hour\">enables bank customers to use their online banking accounts for conducting various digital transactions, such as login, registration, identification, payment and signing.</a></p>\n\n<p><img src=\"https://aperture-proxy.p3k.io/5844fff4f49d44e5084b374b608ce7d74faab461/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f737461726b2d6d6f6f6e2d34362f696d616765732f6f617574685f6f70656e5f7765622e6a7067\" alt=\"OAuth for the Open Web\" />\nThe last Wednesday session I attended was \u201cMaking OAuth Work on the Open Web\u201d which is related to Aaron Parecki\u2019s article <a href=\"https://aaronparecki.com/2018/07/07/7/oauth-for-the-open-web\">OAuth for the Open Web</a>. Current identity standards on OAuth 2 are <a href=\"http://www.windley.com/archives/2016/05/i_am_sybil.shtml\">administrative identity systems</a> as they are built to administer identity in a specific domain. <a href=\"https://indieauth.net/\">IndieAuth</a> is an extension of OAuth 2 with a shared global namespace. Also, there was a particular focus on solving the problem of devs needing to preregister their client app on many instances of OAuth providers (for instance, Mastodon). Aaron described using the client app\u2019s url as the client id which seems like a good solution.</p>\n\n<p>On Thursday, in the \u201cOAuth Security 4 Dummies\u201d session, redirect url matching attack was mentioned and how you can drastically reduce your attack surface if you require exact matching for redirect urls. Otherwise, you better be extremely confident about the model for your entire domain. There was excitement expressed about Justin\u2019s proposal mentioned earlier. It was noted that scopes generally don\u2019t restrict by resource and it would be nice to have something in addition to scopes for this.</p>\n\n<p>I also attended \u201cConsent Management: Receipts, Practices, Standards\u201d which is related to the <a href=\"https://kantarainitiative.org/\">Kantara Initiative</a>. There was a lot of good info but I\u2019ll just mention two good questions to consider: \u201cRevocation of consent - where is your page where a user can revoke data herself?\u201d and \u201cHow should the consent UX be different for connecting to wifi versus giving up my contacts?\u201d</p>\n\n<p>Thanks to Kaliya Hamlin, Phil Windley, Doc Searls and Heidi Nobantu Saul for another great IIW!</p>", "text": "Last week was a particularly good Internet Identity Workshop and I\u2019m looking forward to reading the session notes as they are published.\n\nTuesday morning\u2019s icebreaker question was \u201cwhat was your first a-ha! moment in identity?\u201d I can recall a few I had in early 2001 and one was reading Simson Garfinkel\u2019s Database Nation. After the opening circle, I attended a Sovrin Network demo (see Johannes Ernst\u2019s post) and some 101 sessions.\n\n\nAt the FIDO 101 session, Chris Streeks described the SMS 2-step verification phishing attack where a victim submits login creds to a fake web page and is redirected to another fake web page to enter the SMS code. Meanwhile, the attacker passes the victim\u2019s login creds to the real site which triggers the SMS message so that the victim submits SMS code to the attacker\u2019s fake website. FIDO 2 was also discussed which addresses fake keys and also supports origin bound keys. Yubikey 5 supports FIDO 2. One feature that was new to me is \u201cpasswordless authentication.\u201d If your threat model includes the attacker having your key, it seems you do not want this. However, I see that there is an option to add a PIN to unlock the key.\n\n\nAt the Self-Sovereign Identity 101 session, Kaliya Hamlin and Heather Vescent answered questions like \u201cHow do I show up with my identity?\u201d and \u201cHow do I control my identifier?\u201d and explained that no one can take your DID (decentralized identifier) away from you. I asked whether interoperability with the DID spec is a requirement to being a self-sovereign system. There didn\u2019t seem to be consensus.\n\nThe first session I attended was \u201cBeyond OAuth: Transactional Authz\u201d by Justin Richer. This session was related to the article Moving On from OAuth 2? and the Identiverse video What\u2019s Wrong with Oauth 2?. The main idea was how, if we throw compatibility out, can we fix the problem of putting all those parameters in the front channel of OAuth 2.\n\nThen I attended Aaron Parecki\u2019s \u201cOAuth for Single-Page Apps\u201d and the idea was fixing OAuth in a compatible way so that single page apps don\u2019t have to return an access token in the front channel as that is susceptible to interception and replay attacks. Torsten L. mentioned that the notion of a nonce was not defined in the OAuth 2 spec which is why there is the PKCE document.\n\n\nPart of Wednesday is speed demo hour and it was nice to see the UBOSbox from Indie Computing in person. If you have grown weary of the cloud, the UBOSbox is a nice alternative. It runs in your home and the software is open source.\n\n\nGoing back to IIW8, there was a session on Financial Institutions as Identity Providers but concern was expressed that banks might not want to deal with liability in case of mistakes. That is why I found the yes ID demo interesting. It is German only but it enables bank customers to use their online banking accounts for conducting various digital transactions, such as login, registration, identification, payment and signing.\n\n\nThe last Wednesday session I attended was \u201cMaking OAuth Work on the Open Web\u201d which is related to Aaron Parecki\u2019s article OAuth for the Open Web. Current identity standards on OAuth 2 are administrative identity systems as they are built to administer identity in a specific domain. IndieAuth is an extension of OAuth 2 with a shared global namespace. Also, there was a particular focus on solving the problem of devs needing to preregister their client app on many instances of OAuth providers (for instance, Mastodon). Aaron described using the client app\u2019s url as the client id which seems like a good solution.\n\nOn Thursday, in the \u201cOAuth Security 4 Dummies\u201d session, redirect url matching attack was mentioned and how you can drastically reduce your attack surface if you require exact matching for redirect urls. Otherwise, you better be extremely confident about the model for your entire domain. There was excitement expressed about Justin\u2019s proposal mentioned earlier. It was noted that scopes generally don\u2019t restrict by resource and it would be nice to have something in addition to scopes for this.\n\nI also attended \u201cConsent Management: Receipts, Practices, Standards\u201d which is related to the Kantara Initiative. There was a lot of good info but I\u2019ll just mention two good questions to consider: \u201cRevocation of consent - where is your page where a user can revoke data herself?\u201d and \u201cHow should the consent UX be different for connecting to wifi versus giving up my contacts?\u201d\n\nThanks to Kaliya Hamlin, Phil Windley, Doc Searls and Heidi Nobantu Saul for another great IIW!" }, "name": "IIW 27 Notes", "post-type": "article", "_id": "1286977", "_source": "246", "_is_read": true }
I love this example of paying it forward:
{ "type": "entry", "published": "2018-10-28T19:10:15Z", "url": "https://adactio.com/links/14458", "category": [ "serviceworkers", "debugging", "browsers", "safari", "video", "frontend", "development", "playback", "blogging", "sharing", "bugs" ], "bookmark-of": [ "https://ruk.ca/content/phil-nash-and-jeremy-keith-save-safari-video-playback-day" ], "content": { "text": "Phil Nash and Jeremy Keith Save the Safari Video Playback Day\n\n\n\nI love this example of paying it forward:\n\n\nPhil Nash wrote a post on his site that really helped me, so\n\nI wrote a post on my site, which helped Peter, so\nPeter wrote this post on his site, which showed up via webmention on my site, and now\nthis post will help somebody else \u2026who I hope will write about it.", "html": "<h3>\n<a class=\"p-name u-bookmark-of\" href=\"https://ruk.ca/content/phil-nash-and-jeremy-keith-save-safari-video-playback-day\">\nPhil Nash and Jeremy Keith Save the Safari Video Playback Day\n</a>\n</h3>\n\n<p>I love this example of paying it forward:</p>\n\n<ul><li>\n<a href=\"https://philna.sh/blog/2018/10/23/service-workers-beware-safaris-range-request/\">Phil Nash wrote a post on his site</a> that really helped me, so</li>\n<li>\n<a href=\"https://adactio.com/journal/14452\">I wrote a post on my site</a>, which helped Peter, so</li>\n<li>Peter wrote this post on his site, <a href=\"https://adactio.com/journal/14452#comment64243\">which showed up via webmention on my site</a>, and now</li>\n<li>this post will help somebody else \u2026who I hope will write about it.</li>\n</ul>" }, "post-type": "bookmark", "_id": "1284432", "_source": "2", "_is_read": true }
{ "type": "event", "name": "#MozFest: Decentralized Web Standards: From ActivityPub to Webmention", "summary": "Come discuss the alternative web protocols and standards that can enable the decentralized future we want to see. On Guidebook Wiki: indieweb/2018-10-27-mozfest\nRSVP: post an indie RSVP on your own site!", "published": "2018-10-28 07:00-0700", "start": "2018-10-28 14:00-0700", "end": "2018-10-28 15:00-0700", "url": "http://tantek.com/2018/301/e1/mozfest-decentralized-web-standards", "location": [ "https://mozillafestival.org/" ], "content": { "text": "When: 2018-10-28 14:00\u202615:00\nWhere: MozFest\n\nHost: Tantek \u00c7elik\n\n\n\nCome discuss the alternative web protocols and standards that can enable the decentralized future we want to see.\n\nOn Guidebook\n\nWiki: indieweb/2018-10-27-mozfest\n\n\nRSVP: post an indie RSVP on your own site!", "html": "<p>\nWhen: <time class=\"dt-start\">2018-10-28 14:00</time>\u2026<time class=\"dt-end\">15:00</time><span>\nWhere: <a class=\"u-location h-card\" href=\"https://mozillafestival.org/\">MozFest</a>\n</span>\nHost: <a class=\"u-organizer h-card\" href=\"http://tantek.com/\">Tantek \u00c7elik</a>\n</p>\n\n<p>\nCome discuss the alternative web protocols and standards that can enable the decentralized future we want to see.\n</p>\n<ul><li>On <a href=\"https://guidebook.com/guide/147793/event/21982867/\">Guidebook</a>\n</li>\n<li>Wiki: <a href=\"https://indieweb.org/events/2018-10-27-mozfest\">indieweb/2018-10-27-mozfest</a>\n</li>\n</ul><p>\nRSVP: post an <a href=\"https://indieweb.org/rsvp\">indie RSVP</a> on your own site!\n</p>" }, "post-type": "event", "refs": { "https://mozillafestival.org/": { "type": "card", "name": "MozFest", "url": "https://mozillafestival.org/", "photo": null } }, "_id": "1283349", "_source": "1", "_is_read": true }
{ "type": "entry", "published": "2018-10-27T19:23:40-04:00", "url": "https://david.shanske.com/2018/10/27/simple-location-version-3-4-0-released/", "syndication": [ "https://twitter.com/dshanske/status/1056325603677388801", "https://news.indieweb.org/en/david.shanske.com/2018/10/27/simple-location-version-3-4-0-released/" ], "name": "Simple Location Version 3.4.0 Released", "content": { "text": "I released a new version of Simple Location this evening. I had to start this project, moving it up my list of things to do because Nominatim started blocking me. I used Nominatim for looking up addresses from coordinates.\nBecause of that, I completely rewrote the system that registers new location providers so I could more easily create new ones.\nThe Nominatim provider has been switched to now use the Nominatim API provided by MapQuest(Yes, they are still around).\nYou can now use Bing and Google to lookup addresses from coordinates\nBing, Google, and Mapquest will now fill in elevation/altitude data on posts if not supplied during lookup, based on their APIs for this.\nAltitude will display if it is over 500 meters. So, right now, basically if I post on a plane.\nLocation visibility, which is a feature now built into at least one Micropub client, has been enhanced in here. It should work more reliably now.\nMapquest and HERE are new static map providers.\nThe conflict with the Jetpack plugin, which added location services in 2017 unknown to me, has been resolved.\u00a0 If you activate this plugin, it unloads the conflicting Jetpack module.\nIf there is no address to display, it will now display the coordinates.\nDark Sky is now an alternate weather provider. I was going to add Weather Underground as well, but they apparently shut down their API.\nWhen publishing using Micropub, if coordinates are provided, it automatically generates a display address if none is provided and stores the current weather conditions.\nThe default location visibility checkbox now offers any three of the visibility options\u2026 Private, Public, or Protected. Protected is show the display address but not the map or the coordinates.\nWhat\u2019s next for this plugin? Well, better logic around location visibility. Right now, if you do not set it, it goes to a global default.\nSo, I\u2019d like to include geofencing. That would be a list of zones. Zones would be a location with a radius around it that if you are inside, it would automatically set to protected and/or replace the address with a generic one. For example, if you are within 50 meters of home, it would always use a pre-identified location of \u2018Home\u2019 and/or default to a city level description.\nThe plugin supports Location providers other than the browser. This means that the plugin could query a server to get the current location of the user.\nHowever, there aren\u2019t any I\u2019ve implemented yet really. But this would allow me to query an API to get my location, which has a lot of potential in future, especially if I want to look up my historical location.\nFor example, I\u2019ve let Google store some of my location history since March of 2013. There is no API I know of to poll the data, but you can export it. I would just have to find a place to import it to. 6 years, 50mb of data. If I had some way to load it up, query it by date and time, I would be able to add location to all posts and photos that didn\u2019t have it, based on the location of my phone at the time the post was made.\nI already have a program on my phone that sends my location periodically to my home automation system, but I\u2019d have to try something different to store historical data. There are several options for this. I\u2019m tempted to write something into WordPress, as I have a tendency to build things into my website. Not sure if there is an off the shelf project to suit my needs, though I\u2019ve looked at Aaron Parecki\u2019s Compass. I could build similar functionality into my site to accommodate this, but I think I need something that both my house and my website can query.\nEither way, look to see me testing this on my upcoming trip to Indiewebcamp Berlin.\n\u00a0\n\u00a0\n\u00a0", "html": "I released a new version of Simple Location this evening. I had to start this project, moving it up my list of things to do because Nominatim started blocking me. I used Nominatim for looking up addresses from coordinates.\n<p>Because of that, I completely rewrote the system that registers new location providers so I could more easily create new ones.</p>\n<ul><li>The Nominatim provider has been switched to now use the Nominatim API provided by MapQuest(Yes, they are still around).</li>\n<li>You can now use Bing and Google to lookup addresses from coordinates</li>\n<li>Bing, Google, and Mapquest will now fill in elevation/altitude data on posts if not supplied during lookup, based on their APIs for this.</li>\n<li>Altitude will display if it is over 500 meters. So, right now, basically if I post on a plane.</li>\n<li>Location visibility, which is a feature now built into at least one Micropub client, has been enhanced in here. It should work more reliably now.</li>\n<li>Mapquest and HERE are new static map providers.</li>\n<li>The conflict with the Jetpack plugin, which added location services in 2017 unknown to me, has been resolved.\u00a0 If you activate this plugin, it unloads the conflicting Jetpack module.</li>\n<li>If there is no address to display, it will now display the coordinates.</li>\n<li>Dark Sky is now an alternate weather provider. I was going to add Weather Underground as well, but they apparently shut down their API.</li>\n<li>When publishing using Micropub, if coordinates are provided, it automatically generates a display address if none is provided and stores the current weather conditions.</li>\n<li>The default location visibility checkbox now offers any three of the visibility options\u2026 Private, Public, or Protected. Protected is show the display address but not the map or the coordinates.</li>\n</ul><p>What\u2019s next for this plugin? Well, better logic around location visibility. Right now, if you do not set it, it goes to a global default.</p>\n<p>So, I\u2019d like to include geofencing. That would be a list of zones. Zones would be a location with a radius around it that if you are inside, it would automatically set to protected and/or replace the address with a generic one. For example, if you are within 50 meters of home, it would always use a pre-identified location of \u2018Home\u2019 and/or default to a city level description.</p>\n<p>The plugin supports Location providers other than the browser. This means that the plugin could query a server to get the current location of the user.</p>\n<p>However, there aren\u2019t any I\u2019ve implemented yet really. But this would allow me to query an API to get my location, which has a lot of potential in future, especially if I want to look up my historical location.</p>\n<p>For example, I\u2019ve let Google store some of my location history since March of 2013. There is no API I know of to poll the data, but you can export it. I would just have to find a place to import it to. 6 years, 50mb of data. If I had some way to load it up, query it by date and time, I would be able to add location to all posts and photos that didn\u2019t have it, based on the location of my phone at the time the post was made.</p>\n<p>I already have a program on my phone that sends my location periodically to my home automation system, but I\u2019d have to try something different to store historical data. There are several options for this. I\u2019m tempted to write something into WordPress, as I have a tendency to build things into my website. Not sure if there is an off the shelf project to suit my needs, though I\u2019ve looked at Aaron Parecki\u2019s Compass. I could build similar functionality into my site to accommodate this, but I think I need something that both my house and my website can query.</p>\n<p>Either way, look to see me testing this on my upcoming trip to Indiewebcamp Berlin.</p>\n<p>\u00a0</p>\n<p>\u00a0</p>\n<p>\u00a0</p>" }, "author": { "type": "card", "name": "David Shanske", "url": "https://david.shanske.com/", "photo": "https://david.shanske.com/wp-content/uploads/avatar-privacy/cache/gravatar/2/c/2cb1f8afd9c8d3b646b4071c5ed887c970d81d625eeed87e447706940e2c403d-125.png" }, "post-type": "article", "_id": "1281470", "_source": "5", "_is_read": true }