Beady Belle Fanchannel@Profpatsch@mastodon.xyz

Home | Notifications | New Note | Local | Federated | Search | Logout

Beady Belle Fanchannel@Profpatsch@mastodon.xyz

~ Kissed by a rose on the grey ~
Warrior / struggling / to remain / consequential (In my Raspberry Heaven〜)

home: https://profpatsch.de
check out: https://codeberg.org/flohmarkt/flohmarkt
Joined: 2026-03-26 04:54:27
14 notes, 0 following, 0 followers


Reply to @Profpatsch@mastodon.xyz
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-04-10 14:21:24)
Things that come to mind:

* Inbox signature validation is very vague
* jsonld is a complex standard that introduces a need for libraries, leads to slowdowns and blows up the implementation surface
* Interaction schemes like quoting requests lead to nontrivial state machines

In general: any MAY in a definition explodes the possible things that can go badly.
Which is why I think we need to use a different approach from how e.g. RFCs are structured


Reply to @Profpatsch@mastodon.xyz
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-04-10 14:14:43)
I'm thinking of replying in a blog post as someone who has spent the last three months actively developing a fediverse application (#flohmarkt).

But the most critical thought: I miss a discussion about reducing implementation complexity as much as possible. The standards leave much "wiggle room" for implementation, which I think is partly to blame for the "whack a mole" nature of support


Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-04-10 14:11:30)
Arnold Schrijver (@smallcircles) just published a fairly long thinkpiece on the future of ActivityPub and the fediverse and how we could achieve a grassroots improvement of the standards. It's well worth a read! 

https://coding.social/blog/grassroots-evolution/#fediverse-tomorrow

#activitypub #fediverse #FEPs #fep #fedidev


Reply to @silverpill@mitra.social
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-31 05:58:32)
@silverpill

 
@i

 That is very cool and I don’t know how I haven’t seen it before; it kinda invalidates part of the nlnet funding ideas that I wanted to apply for :)


Reply to @i@declin.eu
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-31 03:59:38)
@i The thing is that it’s really not useful to define super generic terms that are not even pointing to existing implementations, and could have any semantics.

We need a report about what is actually used, and exactly how.


Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-31 03:47:29)
The cool thing about the Activitystreams Activity Vocab RFC is that it’s nearly completely useless for any practical implementation purpose …

#activitypub


Reply to @silverpill@mitra.social
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-26 23:24:12)
@silverpill @liaizon Another issue I noticed: “set a max request/response size” means that we are essentially forced to implement paging of outboxes both on client and server


Reply to @silverpill@mitra.social
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-26 23:20:56)
@silverpill @liaizon What does this mean? “Follow redirects, but set a limit. Request must be re-signed after every redirect.”

do you mean I have to check the new http signature on every 30x response? I don’t believe that can work??


Reply to @Profpatsch@mastodon.xyz
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-25 23:20:51)
@liaizon @silverpill I want to write a blog post on this at one point, but I don’t know if I missed anything or misunderstand things.


Reply to @Profpatsch@mastodon.xyz
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-25 23:19:29)
@liaizon fwiw I made & deployed some security improvements, the current security mechanisms are documented in https://codeberg.org/Profpatsch/Profpatsch/src/commit/249aa389a2023814b328af8fc795750fd28d995d/users/Profpatsch/activitypub-go/security.md

maybe @silverpill wants to take a look at whether this all sounds sensible?


Reply to @liaizon@social.wake.st
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-25 08:33:36)
@liaizon Haha, that might be true. I did link it in the post, right now it lives at https://codeberg.org/Profpatsch/Profpatsch/src/branch/canon/users/Profpatsch/booster-bot and https://codeberg.org/Profpatsch/Profpatsch/src/branch/canon/users/Profpatsch/activitypub-go


Reply to @liaizon@social.wake.st
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-25 08:16:40)
@liaizon yeah, it’s published, but currently I’d not feel comfortable being listed anywhere, the code is really rough and I haven’t really made sure it’s free of security issues


Reply to @liaizon@social.wake.st
Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-25 07:54:17)
@liaizon Right now it’s two golang files that do a half-assed job at implementing activitypub


Beady Belle Fanchannel@Profpatsch@mastodon.xyz (2026-03-25 07:27:37)
New post: Can we have a more “social” media?

https://profpatsch.de/essays/a-more-social-media

On advertising, the Fediverse, and what a more human social web could look like.

Special mentions: @smallcircles, @phnt, @happy-programming 

#fediverse #activitypub #socialmedia #writing #essay