#rhiaroeprodrom: At the f2f we had gone through some additional requirements for the document including implementation report template, that kind of stuff, those are all now in the documents
#rhiaro... We also chose to move it from jasnell's personal github to w3c github namespace
#rhiaro... I'll do an issue for a link to the validator from the test documents directory with a readme
#rhiaro... And a link from the validator to ... one thing that I did with this last push is that I moved the test data into the spec document repo, it was easier to keep everything all together. May do that with the validator code too
#rhiaroaaronpk: I just found a random URL in the test suite and dropped it into the validator and it gives a warning that it should have an 'id' property, so I thought that it might be good to check the test suite data actually validates
#rhiaro... Looks like the examples are missing ids
#rhiaroArnaud: we can keep working on the test suite, but good that you point that out
#rhiaroeprodrom: with AS2, there are very few required properties. A name is almost always required, an id is usually required, so we give warnings. We have examples.. one example we have is an empty object. So we have examples that processors should be able to consume and should be able to parse, however when they're put through the validator they'll show warning because they're poor style. Does that make sense?
#rhiaro... If you put an empty document through as2.rocks ... I think need to have a testable system for consumers and we need to have test data that's useful to help them test edge cases, but we also have to have those notifications in the validator for those edge cases
#sandro( Arnaud, I'd like to return to Micropub CR this meeting, soon )
#rhiaroeprodrom: What should your code do? Send an email, fetch a url, put a pin into a map. I'm not sure if there's a correct behaviour we can require out of these processors. What we're looking for is can you parse it, does it look right within your framework
#rhiarocwebber2: I just wanted to follow up; we've discussed this before, AS2 is a vocab and the testing toosl around it don't and can't enfoce side effects. That's what AP and ActivitySub do, they're examples of real requirements of implementing that. This has come up before and we specifically went against requiring side effects to have in the tests, as this isn't specified in the vocabulary
#rhiaroaaronpk: I just want to know how I know if my code is handling it
#rhiaroeprodrom: How would we know that? Ther'es no way to know that? There are a million different things you could do
#rhiaro... We can't require any behaviour out of these systems
#rhiaro... One way you might know is if you're writing a parser and your parser doesn't throw any errors, that's one good way
#rhiaro... So what wev'e done is provide some documents that are known good, and that's about the extent we can go to
#rhiaroArnaud: I'd rather not we have this discussion again, we've gone over it
#rhiaroeprodrom: One thing we could do is are you looking for some comments on this? Like this is a place, this has all the optional attributes of a place... something like that?
#rhiaroaaronpk: The other way to handle that is are there examples of documents that are known bad, so I know that if I parse this document I should see an error? That would help give me something to test
#rhiaro... Otherwise I'm just parsing a json document and tha'ts all I'm testing
#rhiaro... If there are examples of valid json documents that are invalid AS2 documents I can use that to test parsing as2
#rhiarosandro: but mostly I think you have to hand inspect each one. You're supposed to look at the document, read the spec, and see if your app does whatever makes sense to do for that content. That's my expectation of what it means to be a conforming consumer. You can't automate consumer testing of AS2
#rhiaro... That may be something to say prominently on the readme around these files
cwebber-argh joined the channel
#rhiaro... The implementation report around consumers presumably say something like my appication understands what this vocabulary temr means and does something meaningful with it. There's no way to automatically test that given it's all human behaviours.. it turns into some html or pixels on the screen
#cwebber-arghserver I was connected to for irc is unreachable
#rhiaroeprodrom: Yeah the implementation document covers all of the object classes, each property of each object class, the core and extended vocab, and asks whether you implemented that class, and for each property did you implement it, and a place for comments
#rhiaro... So if you implemented audio class but you don't necessarily process wav files or something, you could put that kind of comment into there
#cwebber-arghalso we had a heavy discussion about this in SF and after and came to the conclusions about how to go about testing and etc, I really feel like this has been move forwarded with after already being discussed to death
#rhiarosandro: do you think it's possible peopel might see that and go.. I have a json parser therefore I'm implementing all of this?
#rhiaroeprodrom: We say in our document your application must use this, just passing through unrecognised properties doesn't count as an 'implementation'
#eprodrom"For each core class your application implements, note which properties of the class it uses. Here, "implements" means that your application uses the property directly; just passing through unrecognized properties doesn't count as an "implementation"."
#rhiaroArnaud: I think this is good, still some things to be tied up, but I don't hear anything that would stop us on the CR request
#rhiarosandro: as far as you know we're ready to finish the transition request. Wouldn't hurt for people to give it another read
#rhiaro... Later today I'll look over them both and try to send them
#rhiaro... Evan do you think you'll be able to do your publication today?
#rhiaroeprodrom: I think so. There may be some trickiness with the fact we've moved to a different ED location. I'm not sure if the echidna token stays valid...
#rhiaroben_thatmustbeme: I ran out of the meeting early last time and we resolved to get there. I don't know where to go next. I need to work out with sandro to get a token to publish
#rhiaro... I looked through exit criteria for webmention. Report for GNU Social has a couple of unchecked boxes, I assume that's going to be the case for all implementations
#rhiaro... What happens if we have 3 implementations or 5 implementations, and none of them pass discovery test 17 for example
#rhiaroaaronpk: my understanding is that each part needs to be implemented by at least 2, but no implementation has to implement everything
#rhiaro... If there is something that nobody has implemented we take it out of the spec because it had no purpose. But correct me if I'm wrong
#rhiaroaaronpk: is this non-normative things, or only normative?
#rhiaroArnaud: non-normative is editorial, we can change anything we want
#rhiaro... Between CR and PR you can change anything that's not normative
#rhiaro... Only talking about what impacts compliance
#rhiarosandro: I'm a little fuzzy about the SHOULDs
#rhiaroArnaud: Do you think that we can .. I don't think we can freely change places where the spec says you SHOULD do this.. we can't just take those out or add those
#rhiaroeprodrom: the only thing that I'm getting out of.. looking at the gnu social implementation.. seems like they skipped some of the security and verification suggestions, which I think are that's up to you if you choose not to implement the security ocnsiderations, but if we see a pattern there where we see no-one implements the chekc of not accepting webmentions that are in an html comment, I wonder if that informs any decision making we do later on. Do we
#rhiaro... We're suggesting some verification, validation and security parts of the implementation. We have at least one case where somoene has skipped a lot. If we see people skipping a lot is that cause for concern for us?
#rhiaroArnaud: You could write up an issue to say you think we got it wrong about security and we need to change the spec to make it reuqired
#rhiaro... Then we'd need a new CR and new implementation reports
#ben_thatmustbemeaaronpk, i don't actually see in the spec reference to ignoring links in HTML comments actually
#rhiaroeprodrom: I'm going to keep an eye open. i think that in writing most of our specs we are saying it's okay to do x because you will also do y. It's okay to include this link in your page because you're also going to be verifying the link was in this webmention. It's okay to include unverified properties in your AS2 because you're going to be checking this and this. But if you don't do the checks, i makes those other parts more dangerous
#rhiaro... I'll keep an eye on this. I'll raise it if it seems to be a pattern
#rhiaro... Aaron, for your implementation did you do these security considerations?
#rhiaroaaronpk: My implementation passes all of the webmention.rocks test
#rhiaro... In security I think mine.. I don't moderate, I displya them immediately. I don't reverify. I don't have a byte limit, but I do have a time limit
#ben_thatmustbemei had wanted to show off mf2 -> as2 conversion for SOME things, but my hosting provider is having issues, so i'll hold off on that
#rhiarocwebber2: I thought I'd give an update on activitypub stuff
#rhiaro... One thing is that jessica and I have done some large refactoring of the document that's making things structurally better to reduce effort when we split into two documents
#aaronpkben_thatmustbeme, i don't think it needs to explicitly say ignore links in comments since it says to explicitly look for <a> <img> and <video> and similar tags
#rhiaro... So I have also completely marked up locally everything that needs to be done towards that and am working on that
#rhiaro... Meanwhile jessica merged a couple of issues we'd discussed
#rhiaro... And there's a PR from jessica that we're looking at merging, we just need to refactor it to the existing refactor that just happened. THerew as also some discussion we should have next week about authentication stuff
#rhiaro... I had recently updated activipy to handle the id and type aliases, and as we discussed you don't need @id and @type, we support id and type
#rhiaro... I supported that from a consumption standpoint, but I'm still outputting @id and @type. In a certain sense it's easier for me because I'm using json-ld tooling
#rhiaro... Using the context for @id and @type as aliases is kind of -cwebber2 cuts off-
#rhiaro... Is it mandatory to use them without the @, and we expect all AS2 documents do use them without the @ or is that optional?
#rhiaro... It's not clear in the document currently, it says they're equivalent, doesn't require
#rhiaroeprodrom: that question is above my pay grade
#rhiaro... The way that we've structured the aliases, it's preferable for publishers to output without the @
#rhiaro... But it's still valid AS2 if you have them
#rhiarocwebber2: I'm going to make the change to make it output them without, so I'll do that soon but not immediately if it's still valid
#aaronpkcwebber2: if someone wanted to start getting involved with and using activitypub and activitystreams today, what would you point them towards as far as resources and examples?
#cwebber2aaronpk: for activitypub, the standards doc and the pump.io api page are probably the two clearest pages. As for ActivityStreams, I think the docs I wrote on ActiviPy are pretty clear http://activipy.readthedocs.io/en/latest/