Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mitra.social/objects/0188ac3f-6bbf-b3e1-1774-b904d24d80d4">silverpill (silverpill@mitra.social)'s status on Monday, 12-Jun-2023 06:00:20 JST</a><a href="https://mitra.social/users/silverpill" title="silverpill@mitra.social"><img src="https://gnusocial.jp/avatar/85321-48-20230105202807.webp" width="48" height="48" alt="silverpill" style="position: absolute; left: 0; top: 0;">silverpill</a><div><a href="https://floss.social/@forgefed/110526944713344935" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://floss.social/@forgefed">@forgefed</a></p><p>&gt;It seemed that Fediverse apps are mostly in the field of personal content publishing and sharing, and ForgeFed is almost alone trying to use ActivityPub for collaborative resource access and complex distributed authorization.</p><p>I think content sharing services can also benefit from ocaps, in areas such as reply control or spam protection. I touched this topic here: <a href="https://socialhub.activitypub.rocks/t/fep-5624-per-object-reply-control-policies/2723/33">https://socialhub.activitypub.rocks/t/fep-5624-per-object-reply-control-policies/2723/33</a> (although something simpler, like a <a href="https://www.w3.org/TR/vc-data-model/">verifiable credential</a>, might be more appropriate for reply control use case).</p><p>&gt;ZCAP, while evolving over the years, is still a draft, still changing, and still relies on Linked Data signatures, which are a big burden, requiring an implementation of complicated JSON-LD algorithms</p><p>ZCAP spec seems to be aligned with Data Integrity spec, so it should be possible to use other signature suites like jcs-eddsa-2022 (as in FEP-8b32).</p><p>&gt;OCAPs have a start time and an expiration time</p><p>If your representations have Data Integrity proofs, you may use created and expires properties (related issue: <a href="https://github.com/w3c/vc-data-integrity/issues/78">https://github.com/w3c/vc-data-integrity/issues/78</a>)</p><p>cc <a href="https://mymath.rocks/endpoints/SYn3cl_N4HAPfPHgo2x37XunLEmhV9LnxCggcYwyec0">@h</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/1644623#notice-3235839">In conversation</a><time datetime="2023-06-12T06:00:20+09:00" title="Monday, 12-Jun-2023 06:00:20 JST">Monday, 12-Jun-2023 06:00:20 JST</time> <span>from <span><a href="https://mitra.social/objects/0188ac3f-6bbf-b3e1-1774-b904d24d80d4" rel="external" title="Sent from mitra.social via ActivityPub">mitra.social</a></span></span><a href="https://mitra.social/objects/0188ac3f-6bbf-b3e1-1774-b904d24d80d4">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: socialhub.activitypub.rocks</div><h5><a href="https://socialhub.activitypub.rocks/t/fep-5624-per-object-reply-control-policies/2723/33">FEP-5624: Per-object reply control policies</a></h5><div></div></header><div>Is it neccessary to request approval for every reply?  I think in many cases it would make more sense for authority to grant permission once. The representation of permission can be signed by the authority, so replier may simply add the signed representation to Note object under the replyApproval key.  This will reduce the number of network requests required to create and verify replies. In the best case the process would be the same as today, where replier simply sends Create() activity.  Permi...</div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: opengraph.githubassets.com</div><h5><a href="https://github.com/w3c/vc-data-integrity/issues/78)cc">Issues · w3c/vc-data-integrity</a></h5><div></div></header><div>W3C Data Integrity Specification. Contribute to w3c/vc-data-integrity development by creating an account on GitHub.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
silverpill (silverpill@mitra.social)'s status on Monday, 12-Jun-2023 06:00:20 JSTsilverpill
in reply to
- ForgeFed
@forgefed
>It seemed that Fediverse apps are mostly in the field of personal content publishing and sharing, and ForgeFed is almost alone trying to use ActivityPub for collaborative resource access and complex distributed authorization.
I think content sharing services can also benefit from ocaps, in areas such as reply control or spam protection. I touched this topic here: https://socialhub.activitypub.rocks/t/fep-5624-per-object-reply-control-policies/2723/33 (although something simpler, like a verifiable credential, might be more appropriate for reply control use case).
>ZCAP, while evolving over the years, is still a draft, still changing, and still relies on Linked Data signatures, which are a big burden, requiring an implementation of complicated JSON-LD algorithms
ZCAP spec seems to be aligned with Data Integrity spec, so it should be possible to use other signature suites like jcs-eddsa-2022 (as in FEP-8b32).
>OCAPs have a start time and an expiration time
If your representations have Data Integrity proofs, you may use created and expires properties (related issue: https://github.com/w3c/vc-data-integrity/issues/78)
cc @h
In conversationMonday, 12-Jun-2023 06:00:20 JST from mitra.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: socialhub.activitypub.rocks
  FEP-5624: Per-object reply control policies
  Is it neccessary to request approval for every reply? I think in many cases it would make more sense for authority to grant permission once. The representation of permission can be signed by the authority, so replier may simply add the signed representation to Note object under the replyApproval key. This will reduce the number of network requests required to create and verify replies. In the best case the process would be the same as today, where replier simply sends Create() activity. Permi...
2. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  Issues · w3c/vc-data-integrity
  W3C Data Integrity Specification. Contribute to w3c/vc-data-integrity development by creating an account on GitHub.

Public

Embed Notice

HTML Code

Corresponding Notice