What the F*%#K is a Webmention ?: send_webmention(http://t.co/xBDxLQB0hT, http://christoph… http://t.co/UnBPfryOHx

— Frederic Dumeny (@dumeny) 3 Septembre 2014

@Fred,

J’essaye de retrouver la main sur ce vieux blog WordPress abandonné… sur lequel j’étais parvenu non sans peine à implémenter webmention.

Pour ton information, je n’ai pas activé le plugin IndieWeb. Juste le plugin Webmention.

En attendant le prochain indiewebcamp Paris, puis-je te recommander de monter calmement sur l’échelle l’indiemark et de passer par les niveaux 1 et 2 réservés aux débutants comme nous ! (Je peine encore…)

Tout prêt à t’aider sur ce que je maîtrise à peu près à cette heure : les microformats2 et l’implémentation IndieAuth.

Rien ne presse, mais tu pourrais essayer de mettre les mains dans le code de ton éditeur de thème pour :

• Placer des microformats2 sur tes sites. Regarde ce tutoriel de Barnaby Walters)
• et avancer pas à pas avec cet autre tutoriel pour vérifier tes passages d’étapes : http://indiewebify.me/

Source indiewebify.me

Reparlons-en de vive voix quand tu veux. Si tu es vraiment pressé, pose directement tes questions aux connaisseurs présents sur l’irc : canal #indieweb sur freenode.

Impatient d’imaginer nos prochains échanges avec webmention !

Bon dimanche.

Ailleurs : cette note a été POSSÉe sur twitter

@BarnabyWalters aw man! Looking awesome! :-D Thanks for sharing. Any videos available of your performance? ;)

favorited this.

@BarnabyWalters actually PSR-5 formalizes existing practices and focuses on being tool-agnostic. Anything tool specific is omitted

favorited this.

@BarnabyWalters: I'll fix the layout :-)

As mentioned yesterday I’ve enabled webmentions on this site. Now, webmentions could have the same spam problem that Pingback has, and so one of the proposed solutions is Vouch, where when you send a webmention you also include with it a “vouch URL”. That URL is a page which (a) links to you, and (b) is trusted by the person you’re linking to. That way, the receiver can say: OK, I don’t know this person who’s linking to me, but I do know this other person, and she knows the first person, so I reckon they’re probably OK. You can see an example of this on Aaron Parecki’s “replies” site; one of the comments says “(vouched for by waterpigs.co.uk)”.

Put your hand up if you can see a problem with this approach.

I think there are two problems; neither are insurmountable, but both are problems. The first is: how do you find a person who will vouch for you and whom the recipient trusts? I think of this like, say, the problem of you, gentle reader, finding out what my mobile phone number is. If you’re reading this, then we’re probably vaguely connected; we both work on the web, or on Ubuntu, or both like Portishead, or something; we probably have some friends in common; there are lots of people out there who know my mobile number; therefore, if you really wanted my number, you could play the “six degrees of Kevin BaconStuart Langridge” game and find someone who knows that number and trusts you enough to give it over. But it’s a really annoying task, because you don’t know who to ask; all you can do is basically ping friends at random. In particular, if there is actually nobody you know who knows my phone number, then you can’t tell that; all you can do is keep asking people and you’ll never know whether you haven’t found anyone because you haven’t looked hard enough, or because we’re not good enough friends and so there’s nobody out there to find. You could look for an unlimited time.

I do not like things that could make me work for an unlimited amount of time.

Second issue: the clique problem. If you only accept vouches from people you trust, then there’s no easy way to get trusted. It makes it much, much harder for an outsider with something to say to get themselves heard. Now, some people like that: they want discussions to be among known people only, and that’s fine. But I don’t really like the idea of institutionalising that by baking it into the core protocol.

Since Vouch exists in large part to avoid spam, I thought: hey, what if we build a thing which will vouch for you if you prove you’re not a spammer?¹ And then people will hopefully learn over time that being thus vouched for is valid, and then everyone wins. If you know someone who will vouch for you, then use them to do so; if you don’t, prove you’re not a spammer and have the service vouch for you. If you receive a vouched for webmention from someone you trust, great; if you receive one vouched for by the service, then satisfy yourself that the service works and then you can give it some limited degree of trust. So it’s not necessary to use this sort of service, but it can help to make a bridge from one “circle of trust” to another, or to help someone get involved in the conversation even if they’re new to the group. We had a really interesting discussion about all this on the #indiewebcamp IRC channel yesterday.

So I built Hash for Vouch. A simple service: you do a little bit of computational work (a hashcash-style algorithm), and the service verifies that you did the work and then puts up a page which vouches for you, which you can send along with your webmention. There’s an API so you can do the work and then prove it to get a vouch URL programmatically, or you can use the form on the front page to do that work in your browser and get a vouch URL that way. Spammers can’t do the work because it makes spam uneconomical if each one takes five seconds to send. And anyone real can join the conversation.

I’m now sending webmentions which are vouched for by Hash for Vouch when I link to URLs on this site. Feel free to do the same!

1. Actually, I didn’t quite think of this. I thought: why not prove you’re not a spammer directly? And Michiel de Jong thought of the idea of proving it to a service which then vouches for you, which is super clever because it piggybacks on the existing Vouch network, it allows people to trust “autovouched” mentions differently from “personally vouched” mentions, and it doesn’t require everyone with an endpoint to update it. ↩

Add to favorites

As mentioned yesterday I’ve enabled webmentions on this site. Now, webmentions could have the same spam problem that Pingback has, and so one of the proposed solutions is Vouch, where when you send a webmention you also include with it a “vouch URL”. That URL is a page which (a) links to you, and (b) is trusted by the person you’re linking to. That way, the receiver can say: OK, I don’t know this person who’s linking to me, but I do know this other person, and she knows the first person, so I reckon they’re probably OK. You can see an example of this on Aaron Parecki’s “replies” site; one of the comments says “(vouched for by waterpigs.co.uk)”.

Put your hand up if you can see a problem with this approach.

I think there are two problems; neither are insurmountable, but both are problems. The first is: how do you find a person who will vouch for you and whom the recipient trusts? I think of this like, say, the problem of you, gentle reader, finding out what my mobile phone number is. If you’re reading this, then we’re probably vaguely connected; we both work on the web, or on Ubuntu, or both like Portishead, or something; we probably have some friends in common; there are lots of people out there who know my mobile number; therefore, if you really wanted my number, you could play the “six degrees of Kevin BaconStuart Langridge” game and find someone who knows that number and trusts you enough to give it over. But it’s a really annoying task, because you don’t know who to ask; all you can do is basically ping friends at random. In particular, if there is actually nobody you know who knows my phone number, then you can’t tell that; all you can do is keep asking people and you’ll never know whether you haven’t found anyone because you haven’t looked hard enough, or because we’re not good enough friends and so there’s nobody out there to find. You could look for an unlimited time.

I do not like things that could make me work for an unlimited amount of time.

Second issue: the clique problem. If you only accept vouches from people you trust, then there’s no easy way to get trusted. It makes it much, much harder for an outsider with something to say to get themselves heard. Now, some people like that: they want discussions to be among known people only, and that’s fine. But I don’t really like the idea of institutionalising that by baking it into the core protocol.

Since Vouch exists in large part to avoid spam, I thought: hey, what if we build a thing which will vouch for you if you prove you’re not a spammer?¹ And then people will hopefully learn over time that being thus vouched for is valid, and then everyone wins. If you know someone who will vouch for you, then use them to do so; if you don’t, prove you’re not a spammer and have the service vouch for you. If you receive a vouched for webmention from someone you trust, great; if you receive one vouched for by the service, then satisfy yourself that the service works and then you can give it some limited degree of trust. So it’s not necessary to use this sort of service, but it can help to make a bridge from one “circle of trust” to another, or to help someone get involved in the conversation even if they’re new to the group. We had a really interesting discussion about all this on the #indiewebcamp IRC channel yesterday.

So I built Hash for Vouch. A simple service: you do a little bit of computational work (a hashcash-style algorithm), and the service verifies that you did the work and then puts up a page which vouches for you, which you can send along with your webmention. There’s an API so you can do the work and then prove it to get a vouch URL programmatically, or you can use the form on the front page to do that work in your browser and get a vouch URL that way. Spammers can’t do the work because it makes spam uneconomical if each one takes five seconds to send. And anyone real can join the conversation.

I’m now sending webmentions which are vouched for by Hash for Vouch when I link to URLs on this site. Feel free to do the same!

1. Actually, I didn’t quite think of this. I thought: why not prove you’re not a spammer directly? And Michiel de Jong thought of the idea of proving it to a service which then vouches for you, which is super clever because it piggybacks on the existing Vouch network, it allows people to trust “autovouched” mentions differently from “personally vouched” mentions, and it doesn’t require everyone with an endpoint to update it. ↩

never create a sour-dough starter with anything but flour and water. No yeast, sugar or fruit juices. It will get moldy.

P.S I don't know how to comment on your webpage

Original post by Barnaby: https://waterpigs.co.uk/notes/4Ye8wT/

@BarnabyWalters Hell yes I do!

favorited this.

favorited this.

@BarnabyWalters I'm glad someone else actually saw "Too Many Cooks" and I didn't just imagine it.

favorited this.

Liked waterpigs.co.uk/notes/4Z4Gz_ by Barnaby Walters on waterpigs.co.uk

retweeted this.

They need to do something about their release cycles though. I stopped using Aurora because bug-fixes were taking too long to be implemented. Here’s one of the Mozilla people talking about removing a release channel, but maybe instead of dropping the beta channel like he suggests, they’ll drop the Aurora channel in favour for this “Developer Edition”.

favorited this.