In addition to turning off their API, #Twitter has also inexplicably turned off access for users to sign in to Flipboard and other platforms with Twitter SSO.
This is an unacceptable breach of trust between Twitter and their developers and users. Twitter must be held to account here.
As you know, this goes on, and on, and on with platforms that assume they control a monopoly.
The only way to avert these disasters is via proper exploitation of loose-coupling that's been delivered on a platter by the #Web.
Right now, I am a little concerned about #Mastodon #API overshadowing the #ActivityPub protocol re loose-coupling of clients and severs across the #Fediverse.
Most think this is okay, but we've seen this movie before++
Yep.
Open protocols are the ultimate protection against inevitable compromise.
Only implementing a part of the #ActivityPub protocol weakens the #Fediverse as an open #SocialMedia collective comprising loosely-coupled clients and servers.
/cc @Mastodon
@kidehen I agree with you. [edited]
It's not sustainable to build a new social graph around every type of experience.
We should have apps that create activities that go into one social graph, and that draw on that one social graph.
@mike you should keep building on the API. I think it's the right move.
Eventually we'll have a more standard API, the ActivityPub client API, and you can use that standard one or the Mastodon one or both.
Again, how is it that you don't glean the quest for a client-server implementation of the #ActivityPub protocol from my comments?
The server-server implementation by @Mastodon only addresses part of the problem re loose-coupling of clients and servers across the #Fediverse.
BTW -- This situation is very similar to #Email where even hosted services like #GMAIL support #IMAP4 and #POP3 rather than just #SMTP .
I hope my position is clearer now?
/cc @mike
@evan @kidehen @mike Credit where credit is due as well - making ActivityStreams an RDF vocabulary was a really great idea that allows the social graph to represent objects/concepts/etc. which nobody contemplated when it was made.
The trouble is, as with all great RDF things, getting people to parse it as RDF and not its serialization format (JSON-LD here) so they aren’t broken by novel but conformant uses of ActivityPub/ActivityStreams.
@evan @kidehen @mike (also I realize you don’t need your own thing explained, but I didn’t want to leave context out for anyone browsing the thread who might not know what “creator of GNU Social” means, and “RDF was an excellent choice” on its own is confusing to anyone who isn’t familiar with the underpinnings :))
I don't know whose idea it was to make AS2 based on JSON-LD. Definitely not mine; I assume James Snell's.
If I remember correctly, it was already assumed by the time we started the WG. We may have had some conversation about it during the group meetings.
I think @jasnell had done a draft of AS2 previously as an RFC for IETF maybe? It may have been JSON-LD back then.
@evan @ZiggyTheHamster yeah that was me. The original ietf version was not JSON-LD, but it was switched quickly after a few discussions around it. It adds complexity, yes, but also a great deal of processing flexibility. It was critical that we also maintained that "It's just json" feel to it tho, which is why we constrained the serialization.
@evan @mike @kidehen fwiw pleroma implements C2S in case anyone wants to try it out.
also: this is the issue for implementing that on mastodon https://github.com/mastodon/mastodon/issues/10520
I haven't said anything about "every type of experience" so I don't understand how you've drawn that conclusion.
A little more confusing is the fact that you say "Eventually we'll have a more standard API, the ActivityPub client API, and you can use that standard one or the Mastodon one or both." which is my fundamental point.
I explicitly said:
Options are better for the #Fediverse than a product-specific #API re loose-coupling of clients and servers.
What did I miss?
/cc @mike
I didn't say or insinuate that. I was simply expressing concern about the server-server centricity of @Mastodon in relation to its #ActivityPub support.
Simplest example is #Email where #SMTP plays the role of #ActivityPub re moving #mbox docs across outboxes and inboxes; with #IMAP4 (a client-server protocol) handling retrieval.
Even #GMAIL supports #IMAP4 (and #POP3) while also having its own #API.
@Mastodon should operate in similar fashion is my point
/cc @mike
Good thing that's come out of this conversation is the emergence of a comparative stack for those unfamiliar the general pattern for interacting with inboxes and outboxes unleashed via #email.
#GMAIL is the hosted equivalent of @Mastodon.
#SMTP is the server-server protocol for delivering #mbox docs to inboxes and outboxes.
#IMAP4 is the client-server protocol (implemented by GMAIL but missing from Mastodon).
#ActivityStreams is the mbox payload equivalent.
@evan @kidehen If you mean a pubic API façade for the Mastodon API, that may be impossible. Mastodon has an #ActivityPub inbox endpoint, but it does not have an Activity inbox per se (the received activities are not stored, just applied to the Mastodon data store).
I would be interested in the opposite direction (and possible). So we have an ActivityPub C2S endpoint, and convert it to Mastodon.
This is probably still hard, but should be possible by adapting any existing software supporting the Mastodon API + ActivityPub. The hard stuff is: Who gets to manage the ids?
@helge why do this?
@steve @kidehen yeah, I haven't looked closely enough at the Mastodon API to say for sure.
But you can do some reverse engineering.
If you have a stream of objects, each of those has a Create activity.
Edited items can get an Edit activity.
A collection of likers can be interpreted into Like activities.
IDs will be incorrect or missing. Dates will be wrong or missing.
It's imperfect but façades always are.
@bhaugen @evan @mike Imagine if #GMAIL only offered an #API without support for #IMAP4. The tradeoffs would be quite negative i.e., no additional experimentation required.
Every modern #email app supports #IMAP4 for interacting with inboxes and outboxes managed by a mail server.
Email is a generic function. Sociality via a #Fediverse should be similar. All that's required is support for the client-server aspect of the existing #ActivityPub spec
@mike If only we knew how to do that, eh?
@mike I'm just in shock over how he's ruining any sort of trust in the system. On top of all the other insanity, choosing to break the oauth logins is just something you can't come back from. It's meant to tie people to your platform. A useful benefit.
It's basically as dumb as his plan a while back to block all outgoing URLs.
@mike just let Twitter go, mate. Musk is riding it into irrelevance.
@mike Seems like a pretty clear case of tortious interference with contract. If you're not already on the line with a lawyer, I'd get on it. It's not hard to draw a direct assertion that Twitter did this with the knowledge that it would cut users off from services that may be seen as competitors (like Flipboard).
@mike The only thing to do is to stop using bird app.
@mike @Gargron Believe me, I know how much this sucks for your business and customers, but their surprises are predictable: https://mastodon.social/@chockenberry/109795779112103138
It also feels great in a few months to be rid of all their bullshit. Good luck.
@mike This is one reason I always choose to create accounts directly using my email and a password. Not even a Facebook or Google Log in.
You never know when that 3rd party could up and vanish or cut off access.
@mike @Gargron unacceptable to whom? By what mechanism do you propose they be held to account?
Don’t get me wrong, I’d love it if this were true. But I think the reality is that the only reckoning they will face is bankruptcy, which will probably happen fairly soon regardless of this sort of death-throes flailing.
In the future we should all try to avoid this sort of service dependency without enforceable, binding contractual agreements.
@mike
Could it just be broken, they don't seem to have any clue anymore.
@wilford i hope that's the case. Will be digging in more tomorrow to understand better.
@mike Maybe that's why my WordPress blog wasn't syncing to Twitter.
@mike This is interesting, I just tested the Twitter SSO integration in our LMS #OpenOlat and it still works. Wonder if it does not work with Flipboard due to request limitations on Twitters side. I think I‘ve read that a certain number of API calls are free.
In any case it is stupid to not allow making use of the SSO API, this obviously rather turns user away from Twitter than binding them…
@gnaegi Thanks. We will check this out. cc @JsonCulverhouse and @greg
@mike Hey Mike, your background picture is great, I am getting wet hands… ;-) Hav a nice day!
@gnaegi Hah! Yes, that was from climbing in the Gunks last fall.
@mike Just curious, how do you propose holding Twitter to account?
I mean I would love it if it could be done but it seems Musk only cares about the effect on Tesla stock price which is back upto 200$ a share.
He doesn’t seem to much give a damn about peoples opinions nor even people leaving the platform.
@mike we have to remember that when we don't pay for the product and there is no contractual bonding, this might happen (a service closing or a part of the service). We have to build our own infrastructures as society or pay for them. #FOSS is not so different, if it's for free it might go away the same way. Even paid services might go bankrupt...
@mike we are holding them accountable by abandoning Twitter
They’re a company with a proprietary product. If they want to burn trust that’s their mistake to make
@mike I was curious to see what happened with SSO. Not surprising but disappointing.
You mean the "login with twitter" thing? This has the potential of locking people out of their accounts
@mike it certainly works against them. It seems like a really unsmart move.
@mike Been a Flipboard user for over ten years and was so pleased this last February that it had integration with the Mammoth app. It’s been a very nice game changer️
@Precis just saw this. Makes me very happy to hear that Tom.
@mike the writing was on a wall for a while, though. Why would anyone trust Twitter SSO after all the recent events?
@mike ruh roh. I need to get into medium