Back

the main contention is a disconnect between #ActivityPub as a spec and #fediverse as a protocol/network. a lot of problems cited were with the fediverse as implemented, wishful thinking about what could be changed in spec, many backwards-incompatible, mostly in service of making fediverse impl less painful.

there is a recurring refrain about implementers deciding they don't care to implement AP as specified, and that this indicates a problem with the spec, not a problem with implementers.

2/?

i think this disconnect between #ActivityPub and #fediverse honestly goes a lot deeper than people might realize. and that is because the problem AP tries to solve is actually completely different from what fedi is trying to do.

the concept of a nebulous but mostly singular "network" or "protocol" (made up of partially overlapping parts) is core to what i'll call "fedi mindset". the assumption is that you can join the fedi "network" by implementing the fedi "protocol". and that AP is this.

3/?

but this assumption starts to break down when you look a little closer.

first, consider #ActivityPub C2S. why is there close to zero usage of this in #fediverse software? simple: it doesn't solve any needs for building a "network" "protocol".

now consider S2S. why are there zero compliant impls in fedi? because AP as specified doesn't address the needs of fedi. what does fedi need? well, i find it telling that the "real" reason AP was adopted was... to implement followers-only posts.

4/?

which is to say: the primary reason that #ActivityPub is used (to the extent you can say it is being used at all) in the #fediverse is mostly historical.

fedi grew out of a long line of open protocols, and before AP was adopted, it was at the point where people primarily used "activity streams" as their vocabulary and data model, stuffed into atom feeds. atom feeds don't do private posts unless you make an entirely new access-controlled feed, possibly with a token of some sort. hence, AS2.

5/?

when #ActivityPub was being standardized alongside AS2 it basically had two compelling reasons for what would become the #fediverse to adopt it:

- it was built on AS2, which was an evolution of AS1, which was already being used. so it wasn't hard to make the jump.

- it made followers-only posts possible, because while atom feeds *could* do this, it was wildly inconvenient to actually do it that way. posting something private to an inbox is a lot simpler, no juggling access control tokens.

6/?

but beyond that, what does #ActivityPub actually do for #fediverse as a "network" "protocol"? basically nothing. you have a basic mechanism for delivering activities directly to subscribers, but no specified shape or structure for that payload. and you still need a lot of other specs to end up with something that talks to the "network". even with AS2 vocab, you need more vocab extensions to express things you want to.

simply put, AP is not enough for a "protocol" to build a "network".

7/?

but before you build a "protocol" for a "network", consider: what even is a "network", in this context? and, here's the hot take: do you even *want* that kind of "network"? do you want a separate reified #fediverse network?

because the answer that #ActivityPub gives is actually a different one. There is no "AP network", because AP as a protocol is not enough to build a concrete network. it is intended to provide, and exists in context of, the larger #Web.

8/?

this is the fundamental divide between #fediverse thinking and #Web thinking, where #ActivityPub straddles the line between both.

i've seen it said that the "open-world assumption" at the foundation of the Web is actually an undesirable thing for a "social networking protocol", and as a consequence, specs built on that open-world assumption are "completely unsuitable" for that "protocol".

but do we need a "social networking protocol"? do we even need "social networks" in the first place?

9/?

to build the #fediverse as its own "social networking protocol" then seemingly requires that we instead go with the closed-world assumption, contrary to the #Web

it requires ahead-of-time communication and coordination, where implementers need to be willing and available to talk to any other implementer, and this load grows with every new implementer.

it requires you to be aware of other extensions, present and future, because your extension might conflict with someone else's extension.

10/?

the way extensibility works in a closed-world #fediverse is that "every implementer talks to every other implementer". or maybe there is a central registry of extensions that everyone submits to their authority, as stewards of the "protocol" that is used to build the "network". this trades out the n:n relation between implementers and other implementers, for an n:1 relation between implementers and the central registry.

the way extensibility works in an open-world #Web is you just do it.

11/?

the challenge in closed-world systems is how to scale communication and coordination as the number of implementers grows. without a central authority, it almost inevitably leads to power coalescing in the hands of the few most popular or largest implementations, who become the "de facto" standard and get to mostly do what they want, and everyone else mostly has to follow if they want to be compatible.

sound familiar? it should, because this is the model that the #fediverse follows today.

12/?

indeed, the #fediverse is more closed-world than open-world. you see this in the so-called "rejection" of json-ld among presumably the majority of fedi implementations. because for the most part, AS2 lets you ignore json-ld. it only matters for extensibility, and (specific criticisms of json-ld aside) json-ld also mostly allows you to ignore it.

so why do people still complain about it?

well, there is the concept of "context" in json-ld, which represents shared understanding.

13/?

when i say "john knows sally", there are several ambiguities. we can solve ambiguities by disambiguating. one way to disambiguate is to be explicit about what any term or symbol means. one way to be explicit is to use uniform identifiers.

in particular, http/https uris have some convenient properties

- they have authority, so you can qualify an id based on who's assigning it.
- you can use the authority component as a namespace
- you can fetch the uri and it might return something useful

14/?

so let's say john is example.com/john and sally is example.com/sally

what do we use for "knows"?

well, there are multiple senses of the word "knows":

1) is aware of the existence of
2) is familiar with
3) is having sexual intercourse with

we mean definition 1. so we might use example.com/vocab/knows/1

now we have the statement:

<example.com/john> <example.com/vocab/knows/1> <example.com/sally>

this is unambiguous, but we can go one step further: we can provide definitions at the uri

15/?

say some random person sees the statement above. they don't know who john or sally are, and they don't know what "knows" means in this context.

well, if we do a little work upfront, they actually *can* know what all of these terms mean, **without ever asking us directly**

we put a resource on example.com for each of these terms, and each resource describes the subject of that identifier -- it is a "resource descriptor".

the resource for knows/1 can define itself explicitly with a schema

16/?

so at minimum we have the following schema for knows/1

- how to represent it in plain text: "knows"
- how to define it: "is aware of the existence of"

the RDF Schema gives us `label` and `comment`, as defined by the RDF Schema.

- :label "knows"
- :comment "is aware of the existence of"

but we need to know what "label" and "comment" mean as well! not to worry, we qualify those terms with the rdfs namespace:

- rdfs:label "knows"
- rdfs:comment "is aware of the existence of"

17/?

now at this point you're probably wondering what this has to do with social networking. and on a practical level, if you're just interested in building a "social networking protocol", this is mostly all extraneous.

the part that implementers have to deal with is the notion of "context" and, more specifically, how json-ld handles it, and even more specifically, what to do when two shorthand terms conflict.

remember, the open-world solution is namespacing. what does closed-world do?

18/?

well, let's look at `actor`. in AS2 terms it refers to the entity that performed an activity. but in schema.org terms it refers to someone playing a role in a movie or other performance.

in a closed-world sense, you don't want to be aware of context. you don't want to have to deal with it. but even so, you still have an "implicit context" that you are using, based on how you define each term in your own understanding, what you hardcode into your software.

19/?

what json-ld does, or what it allows you to do, is explicitly declare a `@context` that is equivalent to your "implicit context".

this works fine if there is only one declaration that is shared exactly between two parties, but it gets complicated when the "implicit context" differs or isn't an exact match.

this means that there cannot ever be a singular #fediverse network, because the "implicit context" differs between each software project. the only guaranteed overlap is the AS2 one.

20/?

but it's not like AS2 didn't think of this. they wrote in this requirement: https://www.w3.org/TR/activitystreams-core/#extensibility

> Activity Streams 2.0 implementations that wish to fully support extensions MUST support Compact URI expansion as defined by the JSON-LD specification.

note, you aren't required to implement all of json-ld. you just need to handle the bit where you can identify the equivalence between a uri and some arbitrary string.

but #fediverse mostly decided this is too hard, and ignore context.

21/?

now there's a few thoughts i have here:

#fediverse culturally seems to ignore a lot of other things as well. they ignore http caching for example. they ignore http status codes like 301 Permanent Redirect. these requirements are arguably more important than context, and they *still* get ignored.

in fact, most fedi software is mostly just reimplementing Web browsers, but with what they consider to be the "bare minimum" of compliance. and the web they let you browse is smaller than the Web

22/?

are these things part of the "protocol"? how far does the "protocol" extend to cover? because, as we established, #ActivityPub is not enough to build a fully functional #fediverse -- and a lot of extensions and additional specs are things that ought to be included in this "protocol", insofar as this "protocol" is desirable.

the other thought:

if you ignore things, that means there are cases you're not handling, losing out on robustness. ignoring context is to ignore shared understanding.

23/?

so what do you actually lose out on when you ignore json-ld context?

you first have to fall back to the "implicit context", where AS2 terms are generally agreed upon, but nothing else is guaranteed.

take something like `discoverable` from mastodon. what does it mean? well, it means whatever is defined in the mastodon codebase and documentation. so we could represent that as http://joinmastodon.org/ns#discoverable or shorten that with a prefix. but if we do, then most #fediverse will choke on that.

24/?

this is because #fediverse is ignoring context. the implicit context is that `discoverable` means `http://joinmastodon.org/ns#discoverable` but they don't know that. so they can't actually handle the extension in its fullest form.

what AS2 calls out as "full support for extensions" requires being able to identify this equivalence and handle it. again, fedi does... let's call it "partial support".

the "implicit context" is now a hardcoded but unstated requirement of this "protocol".

25/?

which is to say: #fediverse software generally expects LD-aware producers to compact against their own "implicit context", but they don't always define that context. it's left undeclared and undefined. or it actually *is* declared, but if you give them their own expanded form then they'll not understand it.

it's like someone saying hey, when i say "knows", i mean "is familiar with"

and then you say "john is familiar with sally"

and they respond WTF? what does "is familiar with" mean?

26/?

it's like... you literally just told me "knows" = "is familiar with", but because of your own ignoring of your own context, you can't handle me saying "is familiar with"?

in this way, as long as the #fediverse remains ignorant of context, they will remain fragile and without any sort of robustness in their "protocol".

the alternative they have is to extend the only context they share, which is the AS2 one. but this doesn't solve the problem. it just officially blesses a single term.

27/?

if you want to turn "activitystreams" into a "protocol" then sure i guess you can do that

but why? what are the needs we're trying to address here? of what purpose is your "protocol"? social networking? you want a "social networking protocol"?

before you convince people that a "social networking protocol" is necessary, you have to convince people that a "social network" is necessary.

but more importantly, you are contrasting that "social networking protocol" against the "social Web".

28/?

i am personally more in favor of a "social Web" than a "social network".

what i want to do is make it easier for anyone to make a website, and to manage that website.

i want those websites to be able to link to each other in well-defined and clearly-understood ways.

i want to make friends and express myself to the fullest, in varying contexts on various websites, without context collapse.

but it feels like #fediverse is more interested in replicating the "social network" paradigm.

30/30

addendum 31/30

there's a whole lot of things i could say about "how we get there" but the thread was getting long enough and i want to cut it off here and clean it up into a blog post or something, without drifting too far off the original topic which was to voice my thoughts about the divide itself

addendum 32/30

there's a separate thought experiment you could do about what it really takes for a "social networking protocol" because honestly you don't even need http. you can do "social networking" over xmpp or email or whatever. or invent your own way to send bytes over tcp/udp/whatever (inb4 xkcd)

seriously tho, newsletters and deltachat and movim and a bunch of other things show that you can do it

now available in html form, uri not guaranteed to resolve forever https://trwnh.com/unstable/fedi-vs-web.html

@ anyone who asked for a blog post, this is next closest thing, i don't really have a proper blog set up and i kinda don't wanna think about it right now

@trwnh linking, which as you point out is key – to people – depends on regular people being able to share their names. I learned a long time ago that most people aren't good at groking the HTTP part of links, because the structure of links is actually really complex. When you mention xmpp and email, the identifier is the thing that makes both of those networks work.

For me, "fedi" or "AP" or the social web or whatever we want to call it has always been about making personal identity linkable.

@trwnh when the first round of "social networks" were built, the first thing that got added to the databases were a "users" and a "friends" table, because "the web" doesn't (didn't?) have that.

Decentralizing that is a radical act, and the sorts of things that we can do with a linked [bi-directional] web of people is infinite and bounded only by our imaginations. AS and AP actions and data formats and C2S are, as I think you're saying, just stubs for rebuilding the old world in a new way.

@trwnh (useful stubs, and important, hard things to agree on – I don't want to diminish the work of folks on those aspects in any way! Just that I hope we don't limit our imaginations based on the standards of today)

@trwnh fun fact, webfinger actually supports URLs and [in theory] phone numbers!

The key (and this is a social science and cultural insight, not technical) is that when you ask someone's "name" or "address" they need something that's unambiguous, personal, and opaque in the sense that it works everywhere (online / distributed, it needs to be globally unique, too) or they won't use it.

Bare domains aren't ideal because (1) they're expensive and (2) management is hard.

@blaine tumblr made it work so idk if it's "ideal" per se but they definitely had a cultural thing going for quite a while with "dot tumblr dot com" even being a meme at some point

it can't be too hard to manage tbh, the modern version of this is atproto handle services that do nothing but allocate you a subdomain for use on bluesky

@trwnh yup! My long-standing argument is that "jesus of nazareth" *is* the same thing in a social context as an email address / webfinger address, and that "[person] in [context]" is something that's seared into how we do social cognition, whether it's "[name] [family name]" or "[family name] [name]" – i.e., the format per se doesn't matter so much as the recognition that names-for-humans are different from http-style links with e.g. paths and query strings, etc.

@blaine there might not be an authority for a phone number but i think it can be handled more like a combo of "local dns resolver" + "registry of phone number". sure in many cases with identifiers that have an authority component you can just use their webfinger if they have one, but i think it would also be cool to be able to use your own webfinger and "proxy out" as needed, in the same way that dns does it

@trwnh lolsob. This is/was the whole point of webfinger ("It's DNS, for people") but the mastodon implementation kind of missed that part. But it's trivially possible to do that.

My ideal is to have one "personal address" [per life context, e.g., work, family, social, etc] that points to different stuff I'm sharing in different contexts, with tagging to indicate in which contexts it the various feeds/etc might be useful. e.g., a tech-focused mastodon feed, a pixelfed feed for family, etc.

@trwnh .. and *critically* for what I think you're saying, there's nothing preventing linking from a webfinger profile to e.g. a wiki or a webpage of any sort, or another identifier like a phone number or a signal account. Again, this is all stuff that informed the original design of webfinger, over 15 years ago now

@blaine yup, more or less. the only difference i'd make is that instead of having multiple feeds for mastodon/pixelfed/etc i'd rather it was all done via the same identity

one of the things that i wish were implemented broadly is support for `streams` -- arbitrary collections that you could post into and other people could follow. to my knowledge no one other than google+ has done it. and, well... we know how google+ went...

@trwnh oh, totally. To be clear, the way I imagine it is that to end users, it all looks like a single identity, and which feed/stream is negotiated based on the context you're using the identity. So, e.g., my main public profile might be "blaine@bcook.ca", and if someone tried to follow me on mastodon, they'd get my "short text notes" stream, and if someone else tried to follow me from pixelfed they'd get my "square format insta-like-social photos" stream.

@trwnh I'm doing some extreme handwaving over content negotiation and defaults and all of that, but maybe one interesting thing to raise at this point is that once we get here, "blaine@bcookc.ca" isn't a mastodon account – it's me, a person, with all the facets that I want to share with people who have that name to call me by.

It also means that I bring my identity with me into different social contexts, and that means trust, too. And links to other parts of me, etc.

@trwnh anyhow, for my part, all that's to say that I remain excited for the future, and it's really great to see folks like you posting threads like the above, pushing the boundaries of what we think of as "fedi" and "ap" and so on!

@trwnh @blaine i guess authority isn't the word for that but there's relrefs and absolute refs at least. not sure i follow the proxy out metaphor tho

@blaine @trwnh uuuuugggghhhhh i wish i could unlearn that hideous namespace governance

@blaine @by_caballero i was thinking more that you could declare a tel: as one of your "aliases" at your authoritative wf and then it percolates through the rest of the system

@trwnh @by_caballero since tel: is extremely fraught, especially nowadays with insane phone spam etc, a Signal/WhatsApp/etc address might be a good alternative example?

I particularly like the "established encrypted messenger" example because the wf->[rel=messenger]-> lookup could get Fedi encrypted DMs "for free."

(obviously lots I'm glossing over that make it more complicated, but in theory it'd be less complicated than many alternatives)

@blaine @trwnh wen cryptocoin address

@by_caballero @trwnh omg do not get me started on ens

@oblomov yeah, there's the old "it's like email but for websites!" which isn't terribly inaccurate, but that's honestly more a consequence of "HTTP POST to ldp:inbox" than anything else in AP. the side effects for each activity kinda stray from that model and go into almost RPC-like territory. there's also some potential redundancy with HTTP verbs, but that's because HTTP verbs don't notify arbitrary audiences (although i guess they could do that with a header!)

@trwnh actually what made me think of “extensions of email and newsgroups” was more the object structure, but on second thought that's more an ActivityStream characteristic than an ActivityPub one, although an actual implementation of the C2S part of AP would still fit the bill in some sense.

(Yeah, the lack of usage of DELETE and PATCH surprised me initially, but the fact it would have needed to also define how to propagate them partially explains it.)

@TritTriton idk but it doesn't seem like it at first glance. i'm thinking more about something that shows up in a web browser, combined with another thing that lets you author and manage web resources more easily than current tooling

@TritTriton it's more like "ugh can we go back to blogs and forums and then build from there? we took a wrong turn with the rise of social media"

@polotek me personally? i'm not much of a coder, i'm way better at designing a system and describing how it should work, not so much actually building it. although i am in talks with some folks who seem interested, so uh... maybe check back in like 5 years? or heck, possibly even two if we're lucky!

@trwnh good luck