Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

compare AP Notification with WebMention #1

Open
elf-pavlik opened this issue Nov 8, 2014 · 3 comments
Open

compare AP Notification with WebMention #1

elf-pavlik opened this issue Nov 8, 2014 · 3 comments

Comments

@elf-pavlik
Copy link

http://oshepherd.github.io/activitypump/ActivityPump.html#notification
On first sight it looks very similar to http://webmention.org/

Social WG charter lists it as one of possible inputs for Federation Protocol
http://www.w3.org/2013/socialweb/social-wg-charter.html#deliverables
@erincandescent
Copy link
Owner

They're broadly similar concepts, yes.

WebMention just carries the post's URI; AP notification requires that
the whole activity be conveyed. AP notification requires certain actions
on behalf of the receiver (e.g. further distribution), in line with AP
covering a whole social protocol rather than just a subset of it.

☮ elf Pavlik ☮ mailto:[email protected]
08 November 2014 21:23

http://oshepherd.github.io/activitypump/ActivityPump.html#notification
On first sight it looks very similar to http://webmention.org/

Social WG charter lists it as one of possible inputs for Federation
Protocol
http://www.w3.org/2013/socialweb/social-wg-charter.html#deliverables


Reply to this email directly or view it on GitHub
#1.

Sent using Postbox:
http://www.getpostbox.com

@elf-pavlik
Copy link
Author

WebMention lately adds Vouch extension for automated anti-spam http://indiewebcamp.com/Vouch
Do you have anything addressing this issue? Searching your draft for spam gives no results. I think that unless you can sign the payload, fat push will have security issues and receiving just URI (as webmention does) gives you chance to fetch it yourself.

@erincandescent
Copy link
Owner

ActivityPump requires strict validation of payloads outside of the
sending server's domain (i.e. fetching of them by the receiver). I plan
to add that senders SHOULD elide the contents of any such payloads
(substituting the URI of the object in their place, as AS2 permits).
However, there is attractiveness in the "just send the URI" model; I'm
not necessarily opposed to it.

As for spam... its' more difficult in our case than IndieWebCamp's,
because IWC assumes person per domain, etc, and there aren't (presently)
any open registration sites where spammers can setup camp.

I think we may wish to here suggest that implementations accept by
default all messages from the people you follow & the people they
follow, and then perhaps also implement some form of intelligent spam
filtering algorithm (Bayesian or similar) for the rest, with a similar
"spam folder."

We may note that Facebook implements similar logic with its' "Others"
messaging category (except theres no Bayesian algorithm there).

Really, I think the spam filtering method should be up to implementers,
but making suggestions about using "friends of friends" is probably a
good idea.

☮ elf Pavlik ☮ wrote:

WebMention lately adds /Vouch/ extension for automated anti-spam
http://indiewebcamp.com/Vouch
Do you have anything addressing this issue? Searching your draft for
/spam/ gives no results. I think that unless you can sign the payload,
fat push will have security issues and receiving just URI (as
webmention does) gives you chance to fetch it yourself.


Reply to this email directly or view it on GitHub
#1 (comment).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@erincandescent @elf-pavlik