#julianfIn Quill -- that's you aaronpk, isn't it? -- I'm a bit in the dark about what format the 'content' field accepts. Plain text? HTML? Markdown? Whatever the micropub endpoint accepts?
#Loqi[Tantek Çelik] h-entry is a simple, open format for episodic or datestamped content on the web. h-entry is often used with content intended to be syndicated, e.g. blog posts. h-entry is one of several open microformat standards suitable for embedding data in HTML/H...
#aaronpkjulianf: hm sorry it's not clear. the "content" field is from h-entry. in microformats, it can be either text or HTML, buf if it's html then the value of content will be {"html":"<b>foo</b>","value":"foo"} whereas when it's plain text it's just a string
#aaronpkso in micropub, it's plain text by default, and there's optionally a way to post HTML (if the endpoint supports it)
#aaronpkthe simple quill editor only posts the plaintext format, but there's also an HTML editor in Quill which will post that {"html":"..."} object
#julianfThanks. s/by default/in its lowest common denominator/ ?
#snarfedPSA: i'm not doing anything with the domain freedom.io right now, and it's up for renewal soon. anyone want it for a project?
#aaronpkwell, more like the UI of clients assumes plain text so they won't do anything fancy with it
ncollig joined the channel
#aaronpksome peoples' servers accept things like markdown or other variations of plaintext, and of course if you type markdown in quill's plaintext box and your server is expecting it, then it works fine.
#julianfHuh? Not sure what "client" you refer to. In my case the writing client software was Quill, and the reading client is WordPress's HTML rendition of the post on my blog.
#aaronpkthe micropub client, so in this case quill
#julianfquill.p3k.io/new is a micropub UI for composing plain text content, and quill.p3k.io/editor is a micropub UI for composing rich text content, and other UIs can do plain or rich content as they choose, right?
#julianfThey and IndieWeb should talk to each other if they're not already.
ncollig joined the channel
#julianfA 3-yr research project with money and big sponsors, and an intention to build an "open-source personal networked device ... that collates, curates, and mediates access to an individual’s personal data ...".
#bearmorning everyone, this is your friendly security ursine with a request that everyone on iOS update the the latest 10.1 version that dropped yesterday -- some important security fixes are in it
#snarfedone critical fixed exploit can get you owned remotely by just rendering a jpeg in the browser
#tantekgood, another reason I'm glad I didn't waste time upgrading to 10 :(
#snarfedwe can try to avoid the whether to upgrade software debate...but tantek it's likely that exploit was in 9 too
#aaronpki avoided the heartbleed bug on one of my super old servers because the bug hadn't been written yet in the version of openssl it had ?
#tanteksnarfed, yup, definitely a YMMV thing. In my experience, best not to to upgrade major (integer) versions unless there is a very specific strong positive reason you need to. Because they always break things you were depending on.
#tantekthe minor versions (decimal) versions however are always a good set of bug fixes, and I've never seen a decimal version upgrade break anything
#snarfedyup, it's a tradeoff of feature changes vs risk of getting hacked, losing accounts (/money), unknowingly letting your phone be part of a botnet like the one that took down Dyn the other day...
hs0ucy joined the channel
#snarfedsecurity is definitely a tragedy of the commons thing, like vaccinating. there's real value in helping herd immunity.
#tanteksnarfed, re: security, the decimal versions tend to fix those bugs
#tantekwithout actual citations, I will dispute that the major (integer) versions actually make security differences
#tantekalso re: the one that took down Dyn, that was cited as being IoT devices like security cameras, I didn't see any reference to phones in any of the articles I read
#snarfedoh agreed. the problem is that afaik there's no 9.x that includes these fixes for 9, since apple doesn't do long term support for older ios versions
#tanteksnarfed, there's no evidence these bugs were in 9. major security bugs often get introduce in integer version upgrades (another reason to avoid x.0 versions)
#snarfed(re Dyn, yes, hence the word "like." there definitely have been definitely phone updates.)
#snarfedtantek: there's no evidence that it wasn't in 9 either :P since apple doesn't say. other ios exploits have been reverse engineered and found in old major versions, though, so there's definitely precedent.
#tanteksnarfed, the evidence is that major versions add security bugs, e.g. the example aaronpk gave
#tantekso absent counter evidence I'm sticking with that
#snarfedoh definitely! bugs are added and found in all versions, new and old
#snarfedthe openssl exploits are a great example of bugs found in almost decades-old releases
#snarfedboth have happened in ios. we don't know when this specific one was introduced.
#snarfedyour stance is definitely important for security ppl to understand though. lots of people (maybe most) prioritize functionality over security. we have to figure out how to work with that and still keep software secure. we mostly don't know how to do that yet.
wolftune and shiflett joined the channel
#tanteksnarfed, indeed it's a challenging set of trade-offs for security people
#tantekI think a conservative security person stance here would be to insist on decimal security updates to software for the hardware lifetime of those devices.
#bearit's made harder when you have some items that can be updated on their own schedule and others that are part of a bundle (like all core iOS apps/features)
#tantek2. a proposal for how to minimally markup a checkin post such that the "check in" user intent is captured, with sufficient information, re-using existing formats / properties and only adding one property to h-entry, p-checkin: https://chat.indieweb.org/2016-10-24#t1477349895913000
#tantekso unless someone finds any gross flaws in the reasoning of those two brainstorms, I'm going to write them on the wiki as a next step. then once they're there, will attempt some prototyping of sorts.
#KartikPrabhutantek: one question, would it be better to use a more "Generic" name than "*-checkin", so that it might be reused in other things. For example "p-name" is generic enough to be used in "h-card" and also in "h-entry". Avoids proliferation of specialised properties
#KartikPrabhuright, there seems to many things like that "read", "watched", "listened"
#tantekaaronpk: agreed with the "forced on that use case" e.g. checking into beers (Untappd)
#tantekKartikPrabhu: yes - the general area of media consumption, whether passive or semi-passive seems like it could use additional brainstorming
snarfed joined the channel
#tantekas someone who posts /read/jam posts, I'm using plain text + emoji until there's a specific use-case that may require something more
#tantek(checkins do require something more since they have multiple pieces of information that need to be conveyed in a way that is otherwise ambiguous, e.g. photos/notes with location info)
#tantekone possible interesting case of the "checking into media" thing is the checking into a live broadcast case, where it is an actual "event" as it were, with a specific time (even start / end times) and a virtual "location" (whatever channel / frequency / URL the broadcast is occuring on)
#aaronpkoh speaking of which, some checkins on foursquare are checkins to events too!
#tantekinteresting - in that case, would a u-checkin that was a URL to the h-event be sufficient (and work?)
#tantekor is there a need to distinguish when the event started, and when you actually got there (checked into it)
#aaronpkthe venue manager can create events and when people check in at specific times, the app prompts the user to choose the event to check in to also
#tantekso... to answer your question aaronpk, if we wanted to capture ALL the information, e.g. what time you checked into the movie as distinct from when the movie *started*, your p-checkin h-event would have your actual checkin time and movie theater venue, then also have a u-* (TBD) property that would link to the actual Event (movie instance) you were checking into
renoirb joined the channel
#tanteknormally we try to re-use terms from iCalendar, however "related-to" is pretty useless, especially since the actual meaning is captured in the "reltype" param of the "related-to" property
#tantekwhich starts to smell a lot like microformats.org/wiki/existing-rel-values
#tantekwhich are by design global, rather than scoped to a specific property like "related-to" (even if generically named, is scoped to iCalendar)
#tantekso it would be reasonable to introduce a new rel value like "parent-event"
#tantekexcept that we now (and have for a while) frown upon mixing use of 'rel' and 'class' in a microformat (because it introduces sufficient confusion of when to use which attribute as to result in much more authoring confusing and bad data)
#tantek(same reason we switched from e.g. rel=in-reply-to to u-in-reply-to)
#tantek(and then didn't even bother with rel values for likes reposts etc. and use u-like-of etc.)
#gRegorLoveI don't think most 4sq events are associated with a specific time, though. Maybe a date or date range at best.
#tantekgRegorLove: they are, it's just not shown to you
#aaronpksetting the times there enables that event to appear in the app during those times
#tantekwhich then raises the question, can an event have a parent that is not just another event?
#tantekwould u-parent be sufficient as a property for h-event to refer to a containing h-event
#gRegorLoveFor movies I've definitely seen options that are not showing at that time, which is what made me think it's a date or date range granularity
#aaronpkour indiewebcamp events could be considered to be under the umbrella of the indieweb organization
#aaronpkgRegorLove: they probably just set the time wrong
#tantekor presumably if the event was already posted somewhere (like a movie or concert)
renoirb joined the channel
#tantekh-entry / p-checkin h-event / dt-start (checkin time), u-location (URL to the actual event, movie, concert etc.)
#tantekso then the question is, is that too loose a use of p-location / u-location, or does it completely make sense that a "location" could be a spacetime location, and thus an h-event?
wolftune joined the channel
#tantekok with that extended use question of p-location to the channel, off to do a few other things - discuss amongst yourselves!
KevinMarks, wolftune, mlncn, friedcell, snarfed, KevinMarks_, renoirb, shiflett and pindonga joined the channel