Figure I should post this here as well.
-
@evan @deadsuperhero One alternative.. talk about how the problems with #ActivityPub will be addressed in a reasonable time frame given it’s not actively maintained and the evolution of it is “closed” (tightly controlled by the W3C). I think this would be more effective for attracting developers than FUD and misinformation about other protocols and attacks on those with more inclusive perspectives. That strategy doesn’t help ActivityPub, in either the short or the long term.
-
@steve @deadsuperhero hey, Steve. Thanks for popping into the conversation.
It's simply untrue that ActivityPub is unmaintained. We handle reports of errors with errata and an editor's draft. The CG published reports on profiles for Webfinger and HTTP Signature this year, and we have task forces for forums, E2EE, data portability, trust and safety, and discovery open now.
We also have the FEP system for building new extensions, and a process for incorporating extensions into the main context.
-
Evan Prodromoureplied to Evan Prodromou last edited by [email protected]
@steve @deadsuperhero finally, the CG is working to create a charter for a new working group to develop a backwards-compatible, 1.1 revision of the spec. We'll have a discussion about it at tomorrow's meeting, which you should definitely attend!
-
@steve @deadsuperhero why do you think it's misinformation to point out that Bluesky is a venture-funded startup and that ActivityPub is an open standard from a recognized standards body? Those are straight-up facts.
It's also true that we need to be careful with patents on protocols from private companies. Even when developers have the best intentions, investors often try to squeeze value out of the company with patents. One of the benefits of open standards orgs is patent protection.
-
Nik | Klampfradler 🎸🚲replied to Evan Prodromou last edited by
@evan Thanks for keeping clarifying these things over and over again. I am myself somewhat tired of (knowledgeable) people not recognizing a corporate walled garden when they see one.
-
@steve @deadsuperhero You should check with the Bluesky team and their investors on their multiprotocol strategy. Do they really envision a future in which Bluesky is a small part of a larger Social Web, connected through bridges? Or is the point to be the *only* distributed social networking protocol? I don't see why investors would put $36M into the second- or third-place no-strings-attached open protocol, but maybe you've got a different set of experiences of venture capital than I do.
-
@evan @bnewbold @mmasnick My understanding (I am not a lawyer) is that pro-freedom patent pledges can be legally risky even for well-intentioned companies, unfortunately.
A company can make an internal decision to never enforce any of their patents, but then find themselves the target of incoming patent infringement claims for which the best defense is a counterclaim: "Oh yeah? Well, you're infringing some of ours. So how about we sit down and make a cross-licensing deal and call it even?"
Since competing companies tend to be in similar lines of business, the chances of them having mutually infringing patent claims are much better than random. Thus, having some patents in your back pocket -- even if you don't want nor intend to use them -- becomes a reasonable defensive tactic.
And it's not so simple to write a pledge that just says "We won't use our patents against anyone unless they use theirs against us first", either. What if another company uses patent infringement claims to restrict the options available to one of your partners / resellers / customers / whatever -- but it is you who have the patent portfolio that is able to make credible counterclaims? Since you weren't the one directly attacked, you'll now be violating your public pledge if you use your patents to protect freedom. Oops.
Mutual defense pools like OIN can help to address this transitive collective action dilemma, but they don't fully solve it. Fundamentally, the more legally binding public statements a company makes about what they won't do with their patents, the more they preëmptively tie their hands in some potential future patent-related dispute that is forced upon them by an outside party.
(There are, IIUC, other insidious things about the nature of patent law that make it hard for companies to even talk openly about what their plans are for their patents, or why they have acquired them, etc. Everything you say is there for your opponent's lawyers to pick apart some day, and it's hard to forecast the technical intricacies of every lawsuit or lawsuit-adjacent negotiation you might be involuntary involved in in the future. Open-ended promises are inherently risky.)
For these reasons, I am not judgemental about a company's patent portfolio, only about their actual patent behavior. It's wonderful & laudable when they make binding pro-freedom public promises -- but I hope that they do so with great care, and that they retain their ability to actually use whatever patent portfolio they may have to defend the commons when needed.
It's bad that we have a system that requires these counterintuitive tactics, but it's no particular company's fault that we're all operating in a bad system.
-
@kfogel @mmasnick @bnewbold One way that we do things in the protocol space is to participate in standards organizations that have a patent licensing process. You can see the W3C's here: https://www.w3.org/policies/patent-policy/ There's a lighter policy for W3C community group reports: https://www.w3.org/community/about/process/final/ The IETF is less particular; it has an informal goal of not using patented tech but does allow it in some cases: https://www.ietf.org/process/ipr/
-
@kfogel @mmasnick @bnewbold A patent pledge from Bluesky would make it possible for others to examine their work and apply their findings to other projects, which was the point of Mike's original post (that experimentation helps the whole ecosystem). The other option is to proactively bring their own work to a standards organization that has some patent pledge or disclosure framework. It'd be wonderful for the Bluesky team to bring ideas for improving ActivityPub directly to the SocialCG at W3C.
-
@kfogel @mmasnick @bnewbold All said, I think it's a hard decision on the part of Bluesky. The protocol is their whole raison d'etre and making this kind of proactive pledge would be difficult. However, for those who don't work for the company or have a financial stake in it, knowing that we can use their findings for other projects is very helpful. If that's a priority, and if there's money in the bank, it's probably worthwhile to use their immense font of patent openness experience.
-
@evan @deadsuperhero The "simple truth" is that no changes have been made to the AP Rec since 2018 despite numerous bug reports and extensive community feedback. There's currently no W3C group with the authority to make any changes. For at least those reasons, I think it's fair to say it's currently unmaintained. I know there has been some talk about chartering a WG to do a minor update. FEPs are not W3C, are not AP-specific and are a separate, informal process. But, of course, you know that.
-
@evan @deadsuperhero I haven't seen anything from the BlueSky team stating they have a mono-protocol strategy for the social web. Do you have a reference? I've only seen you promoting it for ActivityPub. Your VC fears may be similar to the suspicions some people have about the "Social Web" Foundation being partnered with and supported by Meta given their surveillance capitalist history. (The "partners" and "support" lists are from the SWF web site).
-
I wouldn't call it "unmaintained." I just gave examples of how it's maintained on a weekly basis.
There is a lively process both inside and outside the W3C for maintaining and growing the protocol.
Official standards don't change often. That's what makes them reliable.
-
Emelia 👸🏻replied to Evan Prodromou last edited by [email protected]
@evan @steve @deadsuperhero We need to get the CG/WG properly setup before we can start to claim “Maintained", until then, at best it's “issue triaged”
"Maintained" implies that we'd publish new versions or edits as necessary to clarify things. We can't currently do that without the WG
-
Tim Chambersreplied to The Nexus of Privacy last edited by
@thenexusofprivacy @hallenbeck @markdarb @mmasnick
"The share of fediverse population on instances that don't block Bridgy Fed is useful in that it tells us the percentage of people here who could opt in to Bridgy Fed ... but I'm not sure what it tells us beyond that."
Wouldn't it show the share of the Fedi that are at least OK with their social home being bridged to Bluesky and did not have a strong enough issue vote with their feet to go to a server that didn't? And vice versa?
-
@snarfed.org Thanks for doing this ... a thoughtful post as always. It's a great distinction between a (useful!) hobbyist project and a supported infrastrcture project. The open question of "who makes the decisions" relates to what I was discussing in the previous post.
Agreed with your suggestions of the kinds of entities that could be good homes for this. It looks different if it's at a for-profit corporation like Flipboard or a revenue-generating non-profit like Ghost as opposed to a multipolar non-profit organization like IFTAS (if it's in scope) or SWF. If and when soebody does take it over I think it's crucial to continue to prioritize safety, as you very much have been doing. Obviously that's IFTAS' charter, and @mallory@techpolicy's focus on minimizing harms aligns with that as well, so perhaps some kind of partnership makes sene
And in general I think bridging, as a mechanism to connect fediverses (and subnetworks within a fediverse), hasn't been explored much. For example bridging could be a good way to deal with the likely partition of today's Fedivese once Threads starts two-way federation. Of course the "Big Fedi" view of a partition is that it's a bad thing, but unless and until platforms such as Mastodon can provide better tools for people to protect themselves (which may or may not be on the horizon), LGBTQIA2S+ people at risk of being targeted from hate groups like Libs of Tik Tok that Meta gives free rein to will be safer on instances that are transitively defederated. Meta's asymmetrical bridge -- opt-in for people on Threads, opt-out for instances and people in the rest of the Fediverse -- doesn't address that risk; and making it opt-out in both directions wouldn't help. So either Big Fed cuts itself off from LBGTQIA2S+ people, or some other approach is needed. Bridging, perhaps? So I certainly hope whoever takes over Bridgy Fed is thinking about stuff like this.
@tchambers @mackuba @markdarb @mmasnick @mike @hallenbeck @evan @jaz @chrismessina @bnewbold
-