Let's figure things out together instead of just in isolation.

@nutomic @rimu

Most importantly though it won't matter unless you get @nutomic@lemmy.ml and @rimu@piefed.social on board.

FEP-5219: Groups and permissions

It introduces a new collection called affiliations, which is intended as a single source of information on who is allowed to do what (within a specific domain).

The FEP is mainly concerned with FEP-1b12 groups, but the affiliations collection could also be attached to Application actors, and be used in a way you described in FEP-baf5: Administrator Collection

My understanding from a reading of the relevant section from fe34 suggests a claim of A → B is reciprocal if there is an inverse claim B → A.

Yes, and in my understanding these claims are:

- This actor is authorized to delete/update this object.
- This object is hosted on the server where this actor is an administrator.

But I don't insist on importing this concept.

I would want to point out that keeping with prior art has the benefit of making this FEP much easier to adopt by threadiverse implementors.

I consider myself a threadiverse implementer too, and I don't really like the idea of dealing with ambiguous properties :)

At the very least, could you add inbox and outbox properties to the Application actor example? https://codeberg.org/devnull/feps/src/branch/instance-admins/fep/baf5/fep-baf5.md#instance-actor-and-application-actor

Correction: it's just a single mention that makes me appear, people tend to confuse me with a genie but we're quite different.

(Also I saw other replies here but had an MCAS attack hangover today so didn't have energy to reply. I'll try to reply soon)

While true, this is outside the scope of the FEP. Update/Delete were mentioned in the FEP as they are recognizable, but this sort of explicit authorization* is relevant to any activity type. Offer, Undo, Bite, Zooboomafoo, etc.

* I have to be careful when I use the term "authorization" because if I say it three times @thisismissem will show up and start talking about OAuth2/OIDC again.

I don't know if this is truly a reciprocal claim. My understanding from a reading of the relevant section from fe34 suggests a claim of A → B is reciprocal if there is an inverse claim B → A.

fe34 solidifies the concept of same-origin trust (which iirc is only something like a line or two in AP spec?). baf5 builds upon that with an additional opt-in specificity. So baf5 assumes fe34 compatibility, but not the inverse. But we're splitting hairs I think <img class="not-responsive emoji" src="https://activitypub.space/assets/plugins/nodebb-plugin-emoji/emoji/android/1f604.png?v=f187f9278b7" title=":smile:" />

The argument as to whether a custom property fits better is certainly valid, and worth debating. However, I would want to point out that keeping with prior art has the benefit of making this FEP much easier to adopt by threadiverse implementors.

Wasn't aware this was a problem? Figured the redirects would be okay.

The canonical location of a FEP is on Codeberg, but no, it is not a problem.

#2 I suppose supercedes is the incorrect term. It extends fe34, in a way. Would that be acceptable? Definitely not meaning to imply that fe34 is insufficient in any way.

"Extends" is fine, I just think you're describing a reciprocal claim from FEP-fe34, so you could use that term (or maybe FEP-fe34 needs to be updated if "reciprocal claim" is not a good name for this mechanism?)

#2 I suppose supercedes is the incorrect term. It extends fe34, in a way. Would that be acceptable? Definitely not meaning to imply that fe34 is insufficient in any way.

#3 <img class="not-responsive emoji" src="https://activitypub.space/assets/plugins/nodebb-plugin-emoji/emoji/android/2714.png?v=f187f9278b7" title=":heavy_check_mark:" /> okay

Wasn't aware this was a problem? Figured the redirects would be okay.