Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Aug 11 20:52
    @RubenVerborgh banned @mikeadams1
  • Jan 04 20:23
    @RubenVerborgh banned @WebCivics_twitter
  • Jan 04 20:18
    @RubenVerborgh banned @SailingDigital_twitter
  • May 27 2019 06:08
    User @Mitzi-Laszlo unbanned @in1t3r
  • May 23 2019 06:49
    @Mitzi-Laszlo banned @in1t3r
  • May 16 2019 09:49
    @Mitzi-Laszlo banned @mediaprophet
  • Feb 01 2019 22:04
    User @melvincarvalho unbanned @namedgraph_twitter
  • Feb 01 2019 21:49
    @melvincarvalho banned @namedgraph_twitter
tsojcanth
@tsojcanth
yeah, throttling and blacklisting IP is not really good enough, but spam is easier to handle as you can blacklist as you process your inbox. there could be an agent running the blacklist for you, but that involves scheduling tasks somewhere
if there were a header with the user identity (in conjuction with acl:AuthenticatedAgent rather than merely public) it would be a solution.
Michiel de Jong
@michielbdejong
@tsojcanth then you could still get millions of inbox message, they would just come from as many randomly generated webid's
if you only want inbox items from a whitelist then it's easy, then you just edit /inbox/.acl.
tsojcanth
@tsojcanth
@michielbdejong yes but that requires a whole lot more effort
Michiel de Jong
@michielbdejong
ah, interesting
so you are not interested in message from people outside your existing list of friends, but the reason you don't want to restrict it is the effort of maintaining the correct whitelist?
i think you would at least want to allow incoming messages from friends of friends, otherwise you can never receive friend requests?
tsojcanth
@tsojcanth
that is a very good point. is there a tidy way of finding if someone is friend of a friend (beside parsing by hand all my friends' friendlists)?
Michiel de Jong
@michielbdejong
if it's for the purpose of applying the ACL you could just point to the public friend groups of your friends (assuming your friends publish such a list)
if the list of friends of a friend is not public then it's trickier, then you would have to run a copy
because the server can only parse vcard groups if they are either public or on the same pod
but if you have a list of vcard groups then you could quite easily append those to the ACL document
the ACL check would become quite slow though. so if your goal is avoiding DOS then that's maybe not the best route ;)
an attacker could just send lots of failed requests and bring down the server's cpu instead of the server's storage
tsojcanth
@tsojcanth
all good arguments, I must say, thank you. As development goes through I'm just wondering how solid is going to run at scale
Mark Hughes (happybeing/theWebalyst)
@happybeing

Great news for gitter/gitlab users...

https://mastodon.cloud/@SAFEpress/104954241524753961

3 replies
^^ Gitter is moving to Matrix!
Matthew Hodgson
@ara4n
\o/ :)
no more @matrixbot :D
Mark Hughes (happybeing/theWebalyst)
@happybeing
No more gitter app at all - they're going enhance Matrix to include all the extras which gitter has, and make the accounts and chat rooms all accessible from Matrix clients.
Iwan Aucamp
@aucampia
lets just hope gitter remains as an interface for some time
because it is quite straight forward, and easier to get people on gitter than on matrix
Mark Hughes (happybeing/theWebalyst)
@happybeing
They refer to this and other issues in the blog, so hopefully they'll manage the transition well.
tsojcanth
@tsojcanth
is there an example of creating a turtle file with rdflib.js? I'm looking at the documentation and at at https://linkeddata.github.io/rdflib.js/Documentation/webapp-intro.html but I must be missing something
Michiel de Jong
@michielbdejong
@tsojcanth yes, do you want POST or PUT?
tsojcanth
@tsojcanth
put
@michielbdejong I already have a store set up with triples (or quads if necessary) and I think I should be using UpdateManager.put() but it's not clear how
Matthias Evering
@ewingson
Michiel de Jong
@michielbdejong
@tsojcanth http://solid.github.io/solid-ui/examples/notepad/#notepad has an example which uses kb.updater.put
Tim Berners-Lee
@timbl
Is theer a python library for doing solid authentication on the command line?
Michiel de Jong
@michielbdejong
tsojcanth
@tsojcanth
@michielbdejong thank you, all is working now
Michiel de Jong
@michielbdejong
great to hear! :)
Matthias Evering
@ewingson
do we need a password for Solid World this time ?
Michiel de Jong
@michielbdejong
just email address
Matthias Evering
@ewingson
got it @michiel thanx
Fred Gibson
@gibsonf1
I just tried to email for the ESS alpha but the email bounced: alpha@inrupt.com I'm guessing I heard the address wrong
Kelly O'Brien
@InruptKelly
sorry, should have fixed that Fred!
try now
Fred Gibson
@gibsonf1
@InruptKelly Thanks - just resent
Michiel de Jong
@michielbdejong
My talk about Solid at Nextcloud Conference starts now, live-streamed here: https://www.youtube.com/watch?v=PtnbAf8uQ-M&feature=emb_logo
It's a 5 minute pre-recorded video talk + live Q&A afterwards
Michiel de Jong
@michielbdejong
Nicolas Mondada
@nicolasmondada
:+1:
tsojcanth
@tsojcanth
is there a facility in the solid ecosystem for digital signing? it would provide message-level verification and authentication.
Michiel de Jong
@michielbdejong
most people would then probably use w3c-vc's for that
Alain Bourgeois
@bourgeoa