I have returned, with tea
-
I have returned, with tea
I am still not reading notifications. Well, I have seen a few fly by on the fediverse which is blipping and blooping nonstop in the Mastodon UI so people are clearly reading it there
Bluesky says "30+". How big is the +?? I will resist temptation to look and assume "31"
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
"Where are we going with this Christine?"
Well you could have just read the blogpost but 3 more sections remain, we are approximately 2/3 there
I know, bear with me, what is left is:
- What should the fediverse do?
- Preparing for the organization as a future adversary
- Conclusions -
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Yes, I changed the order of the remaining sections, not from the blogpost but from the last time I said what was left on this thread
pray I do not reorder them again
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Before we get into the next section, earlier I left an easter egg, which you could reply to and say "I found the easter egg" or something
Now you can put 2 eggs
I 2 was once an egg
(Look I specifically transitioned so I could never be accused of making dad jokes again so that does not qualify)
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Alright you've heard enough critiques of Bluesky for a bit and I SAID I was gonna critique the fediverse and I am a WOMAN OF MY WORD
So let's get into it!
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
I have actually critiqued ActivityPub and the fediverse a lot! I have kind of never stopped critiquing it, ever since the spec was released. There's a lot that can be improved!
I have even gotten criticism from AT LEAST ONE ActivityPub spec author for critiquing AP-as-deployed but I do anyway
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Actually something that is funny about ActivityPub is that there's "ActivityPub the spec", which I think is pretty solid for the most part, and "ActivityPub-as-deployed"
Many of the critiques I'm about to lay out we left holes in the spec for which I hoped would be filled with the right answers
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
One thing we have already discussed so, before I will say anything else, I will repeat: content addressing is really good, and I'd like to see it happen in ActivityPub, and it's *possible to do*, I even wrote a demo of it https://gitlab.com/spritely/golem/blob/master/README.org
Bluesky does the right thing here, AP should too
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Content addressing is important. It should not matter where content "lives". It should be able to live anywhere.
A server should be able to go down, and content should survive.
Go content addressing!
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Actually with this and several other things I am going to bring up, I actually made sure there was space to do things right: there was a push to make ActivityPub "https-only"
I pushed back on that, I didn't want that requirement, and it was exactly for this reason: enabling content addressing
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
This isn't the only time I left a critique of ActivityPub-as-Deployed as opposed to ActivityPub-as-it-could-be: see also OCapPub, which critiques the anti-abuse tools of AP as inadequate and leading to "the nation-state'ification of the fediverse" https://gitlab.com/spritely/ocappub/blob/master/README.org
Oh, and ocaps!!!
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
ActivityPub left giant holes in the spec around two things which sound the same but which are not the same: Authentication and Authorization
Trying to mix these two, you accidentally get ACLs, and then you get confused deputies and ambient authority, plagues of the security world
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Anyway, if you know *anything* about me, you know I am a big fan of capability security (ocaps) and that's the foundation of our work over at @spritely
But we will come back to ocaps in a second because it turns out OCapPub is not the only time I proposed AP + ocaps!
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
The other time I wrote about ActivityPub + ocaps was in a proposal to, yes, Twitter's Bluesky process in 2020 with Jay Graber titled... "ActivityPub + OCaps"! https://gitlab.com/-/snippets/2535398
I think that document laid out all the right ideas for *the fediverse* (not saying bsky, the fediverse)
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Now I want to be clear here that I *don't* think that proposal was necessarily the right one for Bluesky, and I *do* think Jay Graber *was* the right person to lead Bluesky
What I wanted to do required a lot more research, and we have done that over at @spritely instead
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
The reason I bring up the proposal here is that I think it has all the right analysis of *what the fediverse should do*, if it was going to rise to the challenge of fulfilling its true potential
So let me lay out what the things in that proposal were:
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Here is your recipe for making the "Correct Fediverse IMO (TM)":
- Integrate ocaps, which is possible because actor model + ocaps compose
- Content addressed storage!
- Decentralized identity (notice the *y*, I did not say DIDs) on top of ~mutable CAS storage
- Petname system UX(cotd...)
-
Rocketmanreplied to Christine Lemmer-Webber on last edited by
People complain about threading on Mastodon not working right, and @cwebber is just out there like
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
(cotd ...)
- Better anti-spam / anti-harassment using OCapPub ideas
- Improved privacy with E2EE ("encrypted p2p" even a better goal)Whew! An improved fediverse?
"Uh, Christine, this sounds like a lot, do you think the fediverse can take this on?"
-
Christine Lemmer-Webberreplied to Christine Lemmer-Webber on last edited by
Spec-wise in ActivityPub, I think it's possible. The ecosystem, as deployed? I think the ecosystem can and will only do part of it, if we really get everyone excited, maybe the content addressed storage and decentralized identity parts, in which case the fediverse will also survive nodes going down