Recently, there was a discussion about generic #ActivityPub servers.
-
@steve @silverpill i assume the Undo would have a result that describes that? so Undo(Follow) might have a result of Remove from Follow.actor.following+Follow.object.followers in theory. for the other way around the Follow doesn't have a result but the Accept(Follow) has a result of Add to Follow.object.followers+Follow.actor.following
but i think Follow is a bad example because it really should be subscription record management instead, ideally.
@steve @silverpill the other question is if this level of explicitness is useful. the answer AP spec gives is "no, just assume every server SHOULD do this".
and a tangent for follows: they are too stateful. you send Follow and Accept and someone knowing about those two might assume you are a follower now but not be aware of later removal or undoing (of either the Follow or Accept). this is broken in practice for years because Follow/Accept follow is not expressive enough
-
@steve @silverpill i assume the Undo would have a result that describes that? so Undo(Follow) might have a result of Remove from Follow.actor.following+Follow.object.followers in theory. for the other way around the Follow doesn't have a result but the Accept(Follow) has a result of Add to Follow.object.followers+Follow.actor.following
but i think Follow is a bad example because it really should be subscription record management instead, ideally.
@trwnh @silverpill Yeah, it's not the only bad example of side effects specified in AP. Most of the side effects are optional (SHOULD) and outbox delivery (federated or local) isn't described as a side effect. I think that's one of most significant side effects of posting an activity to the outbox.
-
@steve @silverpill the other question is if this level of explicitness is useful. the answer AP spec gives is "no, just assume every server SHOULD do this".
and a tangent for follows: they are too stateful. you send Follow and Accept and someone knowing about those two might assume you are a follower now but not be aware of later removal or undoing (of either the Follow or Accept). this is broken in practice for years because Follow/Accept follow is not expressive enough
@steve @silverpill it's why mastodon went with the concept of "stamps" as http resources that could be fetched to retrieve latest state (200 / 404). you no longer need a complete ordered history of activities and you don't need to calculate the current state from those activities.
subscription records would work the same way and could be extended to allow subscribing only to certain activities instead of an unfiltered everything
-
@trwnh @silverpill Yeah, it's not the only bad example of side effects specified in AP. Most of the side effects are optional (SHOULD) and outbox delivery (federated or local) isn't described as a side effect. I think that's one of most significant side effects of posting an activity to the outbox.
@steve @silverpill in theory POST to outbox should publish the activity, and should trigger the delivery algorithm based on audience (which is another thing handled poorly compared to even smtp which it tried to copy...)
imo that should be part of the protocol contract, and the idea of "side effects" unfortunately muddles that. the guarantee should be built into the outbox delivery algorithm and an outbox should signal this algorithm is in effect.
-
@steve @silverpill in theory POST to outbox should publish the activity, and should trigger the delivery algorithm based on audience (which is another thing handled poorly compared to even smtp which it tried to copy...)
imo that should be part of the protocol contract, and the idea of "side effects" unfortunately muddles that. the guarantee should be built into the outbox delivery algorithm and an outbox should signal this algorithm is in effect.
@steve @silverpill now if only AP had officially defined conformance profiles to this effect... (the "activity publishing profile" and the "notification delivery profile", to be clear)
-
@trwnh @silverpill I agree about the name and the extraneous external FEP references. Even if focused on side-effects, a properly specified FEP on this topic would be a challenge.
I am not sure if generic server is even possible without FEP-2277 and FEP-fe34. Maybe duck typing (FEP-2277) could be replaced with hierarchical types, but that would require JSON-LD processing, and I don't want to make it mandatory.
If you're certain that a different flavor of generic server is possible, I can publish the side effects part as a separate FEP. This way we can focus on areas where we are in agreement.
-
I am not sure if generic server is even possible without FEP-2277 and FEP-fe34. Maybe duck typing (FEP-2277) could be replaced with hierarchical types, but that would require JSON-LD processing, and I don't want to make it mandatory.
If you're certain that a different flavor of generic server is possible, I can publish the side effects part as a separate FEP. This way we can focus on areas where we are in agreement.
@silverpill @steve the type information is largely unnecessary and shouldn't factor into handling CRUD, especially if the objects are managed by the client. the authorization/trust model for which activities are allowed to CRUD which objects is important but can be something other than fe34 (such as an explicit access control policy or authorization resource). also multiple CRUD mechanisms may be in use.
-
@silverpill @steve the type information is largely unnecessary and shouldn't factor into handling CRUD, especially if the objects are managed by the client. the authorization/trust model for which activities are allowed to CRUD which objects is important but can be something other than fe34 (such as an explicit access control policy or authorization resource). also multiple CRUD mechanisms may be in use.
@silverpill @steve regarding as:result itself there are some other ideas that have come up in past years so good to discuss those in a more focused thread:
- either marking activities as the "result of" (maybe "in response to"?) another activity could update the other activity to refer to the later activities, or the "result of" property is defined as a @\reverse property of as:result
- quote stamps currently use result for the stamp itself, not a Create activity for it -
@silverpill @steve regarding as:result itself there are some other ideas that have come up in past years so good to discuss those in a more focused thread:
- either marking activities as the "result of" (maybe "in response to"?) another activity could update the other activity to refer to the later activities, or the "result of" property is defined as a @\reverse property of as:result
- quote stamps currently use result for the stamp itself, not a Create activity for it@silverpill @steve also the server's main responsibility being publishing and therefore needing to mint an identifier for the top level activity, we should ask if the server is expected to assign any inner ids as well? assigning ids changes the graph so it's not clear cut. <how does the server know *which* ids to assign and which ones not to?> is an open question (and maybe blank node identifiers are actually in practice required to avoid ambiguity?)
-
@silverpill @steve also the server's main responsibility being publishing and therefore needing to mint an identifier for the top level activity, we should ask if the server is expected to assign any inner ids as well? assigning ids changes the graph so it's not clear cut. <how does the server know *which* ids to assign and which ones not to?> is an open question (and maybe blank node identifiers are actually in practice required to avoid ambiguity?)
@silverpill @steve so we might need to recommend that these "side effect" activities in as:result SHOULD have fragment identifiers, to be able to refer to them later? or do we intend to never refer to them later? we could say they're transient activities so don't need to be referred to later (only processed in-order).
lastly as:result itself maybe doesn't have these semantics defined, so should a subproperty or different property be used, or do we skip non-CRUD results?
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@silverpill @steve so we might need to recommend that these "side effect" activities in as:result SHOULD have fragment identifiers, to be able to refer to them later? or do we intend to never refer to them later? we could say they're transient activities so don't need to be referred to later (only processed in-order).
lastly as:result itself maybe doesn't have these semantics defined, so should a subproperty or different property be used, or do we skip non-CRUD results?
-
@silverpill @steve also the server's main responsibility being publishing and therefore needing to mint an identifier for the top level activity, we should ask if the server is expected to assign any inner ids as well? assigning ids changes the graph so it's not clear cut. <how does the server know *which* ids to assign and which ones not to?> is an open question (and maybe blank node identifiers are actually in practice required to avoid ambiguity?)
-
@silverpill @steve regarding as:result itself there are some other ideas that have come up in past years so good to discuss those in a more focused thread:
- either marking activities as the "result of" (maybe "in response to"?) another activity could update the other activity to refer to the later activities, or the "result of" property is defined as a @\reverse property of as:result
- quote stamps currently use result for the stamp itself, not a Create activity for it
-
@silverpill @steve the type information is largely unnecessary and shouldn't factor into handling CRUD, especially if the objects are managed by the client. the authorization/trust model for which activities are allowed to CRUD which objects is important but can be something other than fe34 (such as an explicit access control policy or authorization resource). also multiple CRUD mechanisms may be in use.
-
I am not sure if generic server is even possible without FEP-2277 and FEP-fe34. Maybe duck typing (FEP-2277) could be replaced with hierarchical types, but that would require JSON-LD processing, and I don't want to make it mandatory.
If you're certain that a different flavor of generic server is possible, I can publish the side effects part as a separate FEP. This way we can focus on areas where we are in agreement.
-
@steve @silverpill now if only AP had officially defined conformance profiles to this effect... (the "activity publishing profile" and the "notification delivery profile", to be clear)
-
@steve @silverpill in theory POST to outbox should publish the activity, and should trigger the delivery algorithm based on audience (which is another thing handled poorly compared to even smtp which it tried to copy...)
imo that should be part of the protocol contract, and the idea of "side effects" unfortunately muddles that. the guarantee should be built into the outbox delivery algorithm and an outbox should signal this algorithm is in effect.
-
@steve @silverpill it's why mastodon went with the concept of "stamps" as http resources that could be fetched to retrieve latest state (200 / 404). you no longer need a complete ordered history of activities and you don't need to calculate the current state from those activities.
subscription records would work the same way and could be extended to allow subscribing only to certain activities instead of an unfiltered everything
