Notices by silverpill (silverpill@mitra.social)

@citc I don't have a Hubzilla account. Does it support changing reaction visibility?

Like / EmojiReact activity audience:

- Mastodon, Misskey, Hollo, Mbin, Lemmy: audience is not specified, for some reason
- Pleroma, Akkoma: some instances use followers, others use Public
- GoToSocial: direct

#Mitra currently uses Public, but delivers only to the post author. I am going to fix this inconsistency and make activities direct by default, but also add an option to generate public reactions (like Pleroma).

Is there another platform that supports this (choosing the reaction visibility)?

@steve I don't have that book and I don't see how it could be relevant. "Intent" doesn't matter here, only text matters, and the text is quite clear. Obviously, you can't attach id without replacing it. If the book says something different, it's bullshit.

@fentiger @rfc9421 Caching results might help, but either way, not all servers validate signatures synchronously, so this method is not reliable.
It is much better if you know what to send in advance.

In the "Capability detection" section, it is written that "Protocol-specific capability discovery mechanisms could be used instead."

Such mechanism has not been proposed yet for ActivityPub, so started to write a FEP about it:

https://codeberg.org/silverpill/feps/src/branch/main/844e/fep-844e.md

@steve Non-activity objects are wrapped in Create and their identifiers are replaced. This requirement is not vague, it's an RFC-2119 MUST:

https://www.w3.org/TR/activitypub/#object-without-create

What is "conceptual trickiness" and how it is related to this case?

@fentiger @rfc9421 I don't know how it is supposed to work.

@picofarad @rfc9421 It's for signing HTTP requests, not content (activities). Until recently, we used a draft of RFC-9421, but now RFC-9421 is final and developers are starting to upgrade (draft and final versions are incompatible).
Don't know about routers/proxies.

Depends on what is being stripped. Does it completely remove all HTML content, including text paragraphs, or just sanitizes it?

ActivityStreams vocabulary defines summary as "A natural language summarization of the object encoded as HTML":

https://www.w3.org/TR/activitystreams-vocabulary/#dfn-summary

I think that means images and other media shouldn't appear in summary, because they are not natural language.

@steve What else could it be?

ActivityPub talks about POSTing activities and objects, in both cases the id MUST be replaced.

@steve In ActivityPub, it can't:

If an Activity is submitted with a value in the id property, servers MUST ignore this and generate a new id for the Activity.

-- https://www.w3.org/TR/activitypub/#client-to-server-interactions

But if the server is not strictly compliant, then yes, it can treat the object as an inbox delivery and retrieve it from origin.

@steve The server can't do anything with it (because type and/or other properties are not present), and can't deliver it to other servers (because audience is not specified). It is useless, but probably valid.

@julian

summary gets you part of the way there, but Mastodon would still strip out the inline images, and I don't want to add image assets to Article in attachment because I want to promote the support for inline images for non-Notes.

If Mastodon can display summary, why inline images are a concern? Summary with a link should be enough for previewing.

@suwako

https://codeberg.org/silverpill/mitra/src/branch/main/docs/post_markup.md

ActivityPub and HTTP Signatures recommends double-knocking to those who want to produce RFC 9421 signatures.

This is ridiculous because it means making ~2x more POST requests to deliver an activity. And eventually there will be another upgrade. Then what, triple-knocking?

I think capabilities like RFC-9421 support can advertised via actor properties.

It can look like this:

Here is a FEP draft:

https://codeberg.org/silverpill/feps/src/branch/main/844e/fep-844e.md

@rfc9421

@lsn Admittedly, "some strongman" is a lesser evil than a nebulous web of transnational corporations and NGOs. Easier to deal with.

@by_caballero @tchambers @benpate @samsethi So Ethereum guys made X402 and Bitcoin guys made L402? 😆

@tchambers @benpate @samsethi I would add that FEP-0837 is not solely about payments. It is about exchanging one thing for another thing.

Specific payment methods are not defined in that FEP, and neither are access control mechanisms.

@ps @harblinger

I know @madamada (the second node from your list) and @flint

@benpate @tchambers @samsethi Fedi devs should keep in mind that FEP-0837 exists, which is basically the same protocol but built on top of ActivityPub instead of HTTP.
It is also not limited to paywalling.