Conversation

Notices

1. Hannes (hannes2peer@quitter.se)'s status on Monday, 26-Jan-2015 01:04:04 UTC Hannes
   can someone who's more skilled in ostatus than me write a plugin that makes repeats federate (securely)? pleeeeeease :)
   • Claes Wallin (韋嘉誠) repeated this.
   • Claes Wallin (韋嘉誠) (clackemovedtoheldscalla@quitter.se)'s status on Tuesday, 27-Jan-2015 11:26:47 UTC Claes Wallin (韋嘉誠)

     in reply to
     @hannes2peer Repeats don't federate?
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 13:04:06 UTC MMN-o ✅⃠

     • pettter ✅
     ........yeah. If it wouldn't mess up all the #StatusNet instances out there that will never upgrade (and expect the insecure behaviour).
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 13:10:08 UTC MMN-o ✅⃠

     • pettter ✅
     That'd be solved using the extensibility of XML, rather than versioning :]
     One feed can support all versions at the same time.
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 14:45:33 UTC MMN-o ✅⃠

     • pettter ✅
     Assuming the notice is accessible yes. Might be so that the original is gone and people are repeating because the notice should be shared. (consider that it might have been deleted from its source or is unaccessible because of censorship, and we still want a reliable distribution which we can validate).
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 14:53:53 UTC MMN-o ✅⃠

     • pettter ✅
     Afaik the link is already transmitted, together with a URI. ;)
     But there are subtle issues with this that need careful thought so as not to break either StatusNet, PuSH or generic third party implementation support.
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 15:01:02 UTC MMN-o ✅⃠

     • pettter ✅
     ...that the implementation from #StatusNet simply takes the attached repeat without retrieving or verifying its authenticity in any way.
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 15:39:57 UTC MMN-o ✅⃠

     • pettter ✅
     • ostatus
     Except that it's on the web. HTTP sucks pretty hard. (no requirement on HTTPS in !ostatus :P)
   • kat (boneidol@indy.im)'s status on Tuesday, 27-Jan-2015 16:08:15 UTC kat

     in reply to
     Arent ostatus posts signed with a rsa key pair ? Salmon slap ??? surely that authenticates the post #justasking
   • kat (boneidol@indy.im)'s status on Tuesday, 27-Jan-2015 16:10:38 UTC kat

     in reply to
     @mmn http://en.wikipedia.org/wiki/Salmon_%28protocol%29 RSA signature on posts ?
   • MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Tuesday, 27-Jan-2015 17:39:18 UTC MMN-o ✅⃠

     • pettter ✅
     Doable? Yes. When anyone feels they have time for it? No idea. :)
     But given the newfound popularity (and since repeats are now federated again like that, they weren't for a while), it's definitely higher in my priority list. I do a bunch of quicker, relatively necessary, fixes first though.