Aaron Parecki

Tara Vancil http://taravancil.com

Whoa, awesome! I see some familiar names on that page. This is my first exploration of the hobby. I've always felt like it'd be something I'd enjoy, and after reading that book, I'm certain of it :)

Portland, Oregon • 38°F

Mon, Jan 8, 2018 8:32am -08:00 (liked on Mon, Jan 8, 2018 8:33am -08:00)
Tara Vancil http://taravancil.com • Jan 6
Today’s library haul 📚

ooh nice, studying for the #hamradio test, or already have your license? I just got mine about a year ago! https://w7apk.com

Portland, Oregon, USA

1 like 1 reply

Mon, Jan 8, 2018 8:27am -08:00 #hamradio
Ben Werdmuller http://werd.io/ • Jan 7
So so so good, and it gives me hope. It’s my birthday and this feels like a present. Thank you.

😮🙈 Happy Birthday!! 🎉🥂🎂

Portland, Oregon, USA • 40°F

1 like

Sun, Jan 7, 2018 8:46am -08:00
@sivy@toot.cafe http://www.monkinetic.blog

"WebSub"

Portland, Oregon • 50°F

Tue, Nov 1, 2016 9:56am -07:00 (liked on Sat, Jan 6, 2018 3:38pm -08:00)
Ben Werdmüller https://werd.io/profile/benwerd

In just over a week I’ll turn 39. They say that your thirties are like your twenties but better; there’s been some truth to that. But what should I definitely do over the next year to close out this arbitrary decade of my life?

Portland, Oregon • 45°F

Thu, Dec 28, 2017 6:32pm +00:00 (liked on Sat, Jan 6, 2018 10:19am -08:00)
gRegor Morrill https://gregorlove.com/

Hello, 2018!

Portland, Oregon • 53°F

Fri, Jan 5, 2018 7:48pm -08:00 (liked on Fri, Jan 5, 2018 8:31pm -08:00)
Randall Degges https://www.rdegges.com • Jan 5
My buddy @aaronpk wrote OAuth 2.0 Servers: https://www.oauth.com/

@muloka print/electronic version available here! https://oauth2simplified.com/

Portland, Oregon, USA • 44°F

2 likes

Fri, Jan 5, 2018 1:51pm -08:00
My 2017 in review megapost: https://aaronparecki.com/2018/01/04/6/year-in-review-2017

Portland, Oregon, USA • 39°F

12 likes 4 replies

Fri, Jan 5, 2018 10:08am -08:00
samim http://www.samim.io/

It's 2018, and new "decentralised / indieweb" projects are still mostly using highly technical jargon / feature descriptions in their advertising & messaging. This has never, and will never work. Talk about values, design and experience instead and people might actually listen.

Portland, Oregon • 40°F

Fri, Jan 5, 2018 6:57pm +01:00 (liked on Fri, Jan 5, 2018 9:58am -08:00)
https://twitter.com/stickermule

@stickermule What happened to the @stickermarket? The site just redirects to the home page now! https://www.stickermule.com/marketplace

Portland, Oregon, USA • 44°F

1 like

Thu, Jan 4, 2018 2:28pm -08:00
Jesse Holden 2018 http://www.jesseholden.com

One more for good measure @spy30hq @SprocketPodcast @junicornmedic @nuggit

Portland, Oregon • 42°F

1 mention

Sat, Jul 8, 2017 2:14pm -08:00 (liked on Thu, Jan 4, 2018 11:01am -08:00) #spy30
Rick Holland https://www.digitalshadows.com/author/rick-holland/

I know we are “all processor vulns all the time right now” but don’t forget .@CES 2018 is coming & bringing with it both vulnerable #IoT devices & ridiculous AND vulnerable IoT devices. Example from last year - smart hair brushes. https://www.nytimes.com/2018/01/03/technology/personaltech/ces-2018.html

Portland, Oregon • 40°F

Thu, Jan 4, 2018 9:38am -06:00 (liked on Thu, Jan 4, 2018 7:50am -08:00) #IoT
Carol Nichols http://carol-nichols.com

┏┓
┃┃╱╲ in
┃╱╱╲╲ this
╱╱╭╮╲╲house
▔▏┗┛▕▔ we
╱▔▔▔▔▔▔▔▔▔▔╲
use ISO 8601
╱╱┏┳┓╭╮┏┳┓ ╲╲
▔▏┗┻┛┃┃┗┻┛▕▔

Happy 2018-01-01!

Portland, Oregon • 41°F

Mon, Jan 1, 2018 8:38pm -05:00 (liked on Wed, Jan 3, 2018 5:40pm -08:00)
The Apple Park Visitor Center is pretty neat. I do wish it was two floors taller so it had a better view of the space ship tho

Apple Park Visitor Center in Cupertino, California, USA

11 likes

Wed, Jan 3, 2018 12:33pm -08:00
Neat #AugmentedReality demo of the new Apple Park building. Pointing the iPad at the scale model on the table shows an animated overlay of what it looks like inside!

Apple Park Visitor Center in Cupertino, California, USA

10 likes 2 replies

Wed, Jan 3, 2018 12:32pm -08:00 #augmentedreality
Paul Frazee✌️ http://pfrazee.hashbase.io • Jan 3
That provides a practical solution to spam. You have to be in the recipient's network to reach them.

That sounds similar to Vouch, a Webmention extension https://indieweb.org/Vouch Would love your thoughts on that.

San Jose, California, USA • 52°F

1 like 1 reply

Wed, Jan 3, 2018 9:47am -08:00
at Gate 28

San Jose, California • Wed, January 3, 2018 9:40am

37.364393 -121.923909

San Jose, California

8 Coins

Wed, Jan 3, 2018 9:40am -08:00
Zegnat https://github.com/Zegnat • Jan 3

#12 Specify RelMeAuth as fallback.

This spec intentionally doesn't specify how users authenticate themselves to their server, it only deals with how third-party clients can authenticate users where their domain name is their identity.

The analogous version of this in RelMeAuth, with Google as an example, is such: as far as the RelMeAuth client is concerned, it sends the user over to Google, and expects Google to handle authenticating the user. This might involve entering their password, optionally followed by a 2fa mechanism like a Yubikey or TOTP code. That is all invisible to the site they're logging in to.

Similarly, IndieAuth clients do not know how users authenticate to their own server, the client just expects to send them off to the authorization endpoint and get back a response later that can be verified.

It is not a good idea for a spec to require any sort of authentication mechanism between the user and their own authorization server, which is something that the OAuth 2.0 spec has also made clear.

Now, the rest of this conversation is essentially continuing the naming debate of indieauth.com vs IndieAuth the spec vs other options we've considered.

I agree with many of @tantek's points, like

... should be it "just works" even if you only setup rel=me

However, that is describing RelMeAuth, not this spec. And as @Zegnat pointed out, even just adding rel=me isn't necessarily going to guarantee that you can sign in to an arbitrary site that supports RelMeAuth, since you need to add a rel=me link to a service that the site you're signing in to supports, which requires that site to register an OAuth application and deal with that service's API.

I'm in the middle of renaming indieauth.com, the goal is that the wiki will redirect users to indielogin.com to authenticate them using the existing mechanisms: RelMeAuth, email, PGP, and IndieAuth. Nowhere in that flow will users see the term "IndieAuth" unless they include a rel=authorization_endpoint link on their website to an IndieAuth server of their choosing.

I definitely agree that signing in to the wiki needs to be as simple as possible. That's the reason I added so many OAuth providers as well as alternate methods to indieauth.com (soon indielogin.com) in the first place. We've even had some people who want to sign in to the wiki but don't have a Twitter or GitHub account and don't want one, which is why I added things like email and PGP authentication options, which were not described by RelMeAuth.

This is all to say that it's not the goal of this spec to include RelMeAuth. This spec is intended to be just the URL-based extension to OAuth 2.0. If "IndieAuth" is not the right name for this spec, that's a different issue.

San Jose, California, USA • 52°F

Wed, Jan 3, 2018 9:16am -08:00 #indieauth
Angelina Fabbro https://twitter.com/hopefulcyborg

FOLKS I have a new favorite image recognition edge case sent to me by @Esquiring

I give you KITTEN or CARAMEL SWIRL ICE CREAM

San Jose, California • 52°F

Tue, Jan 2, 2018 1:41pm -08:00 (liked on Wed, Jan 3, 2018 9:02am -08:00)
at TSA Security

San Jose, California • Wed, January 3, 2018 8:31am

37.364906 -121.924157

San Jose, California

7 Coins

Wed, Jan 3, 2018 8:31am -08:00

older

Aaron Parecki

Hello, 2018!

#12 Specify RelMeAuth as fallback.