I wrote up some Opinions™ about iterating on the protocol and how we can continue improving it without sacrificing compatibility or fracturing the network: Comments welcome here or on the post.

@jdormit I think you should join the preparation discussion for AP round table at FOSDEM.

@how So I just register for the forum? When is the round table, and is it okay if I participate if I'm not attending FOSDEM?

@jdormit Yes please, or simply pass me your email in a PM and I invite you. All the answers to your questions are in the welcome message :)

@jdormit your reasoning is quite sound and holds some merrit. it is a good base for discussion. And it solves the question of trow away and restart. It does not break current projects and they probably can easily implement future iterations.

Good thinking.
If everyoen agrees, the next discussion point should be what features to include. There are many shortcomings to cover. And the first of all is make AP implementation more uniform. Litepub, pleroma are signs AP has a tendency to splinter

Right, I think that @kaniini 's ideas have a lot of merit, as long as they can be implemented in a way that doesn't leave behind the existing network.

@jdormit @Steven_Vervaecke

at some point there has to be a flag day, sorry. projects which do not care about security should be defederated at some point.

Sure, I agree with that. But I think there's a way to implement security features which preserve the existing network in such a way that the more secure nodes can still communicate with out-of-date ones, e.g. HTTPS is built on top of HTTP but some websites redirect HTTP requests to HTTPS.

@jdormit @Steven_Vervaecke

that entire statement is the exact opposite of what i said.

my proposal is to run both versions of AP in parallel (like ipv4+ipv6 dual stack) and then have a flag day in the future where the current version of AP is switched off.

@kaniini @Steven_Vervaecke
So in this case, say you add a capability-based access system to ActivityPub, you could also define some default capabilities that existing nodes are understood to have, and then nodes that implement the capability system can choose the level of access they allow to the default capabilities.

@jdormit @Steven_Vervaecke

not interested, also not possible.

capability systems are all in, otherwise the security is degraded back to the original state.

a flag day is necessary, period.

all this argument is doing is convincing me that i should avoid recommending pterotype to people who want to join the AP network.

I wouldn't recommend Pterotype yet either, unless you want to be a beta tester on an early-stage product 😅

I'm definitely not trying to undermine your proposal before I've even seen it - looking forward to taking a look once you've published that follow-up post. I just want to make sure that the Fediverse doesn't sabotage its future by fragmenting before it really gets off the ground (and yes, it could also sabotage its future by not taking security seriously enough)

@jdormit i'm happy to let the parts of the fediverse which do not care about security fragment away.

@kaniini @jdormit Although i know nothing about capability systems or Pterotype(wth is that some kind of dinosaur?)

I do see some benefits for that flag day idea. I look at this from a functional standpoint. The dualstack idea is about as good as the backwards compatibility thing. It does not break the current network and it gives projects the time to implement the new AP version. Over time it will move to have AP 2 supersede the previous version

@kaniini @jdormit
I do know a knowledgable person when i see one. And i trust Kaniini on this

@jdormit These posts and the accompanying threads make me fear even more that the AP people are busy reinventing XMPP. Inviting expectations of privacy into the heads of this userbase head has been a mistake. I'm just waiting for some dolt to suggest AP needs E2EE
@jdormit .. and now @zash and @mmn inform me that this already exists in the form of Movim and XEP-0277
Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!