@promovicz @laurenshof @evan It does worry me though, and there's a reason it's so personal to me. The lack of signing of messages and content-addressing have lead to serious issues that, while ATproto does worse than us on the aspects of power distribution, it does better in terms of content survivability and portability, and these are things I thought were important *all the way back in ActivityPub standardization*, but we couldn't get to yet.

There is no "technical problems vs social problems" dichotomy. Social situations influence technical design, and technical design informs the kinds of social systems that are possible. Protocol development is all of this, mass multiplied.

sure this is all very bad for activitypub but this is truly amazing content

@promovicz @laurenshof @evan And for whatever it's worth, I think there are solutions to these things. EITHER ActivityPub or ATproto could incorporate the good ideas of the other and solve the parts the other lack.

And I can write down to do it. And I have, scattered across bits and pieces.

But it requires getting ecosystems to move, and it's very depressing trying to do that. I don't have the time in my life to sit through meetings trying to convince them that they need to solve the problem right now. So I just focus on building the directions I think matter.

I could write it all down though, and let everyone else do the fighting to make it happen, I suppose.

But I don't have power over the ATproto or ActivityPub worlds, really. The implementers of both do, and both have huge stakes and biases towards their own things, and investments in the directions they already are convinced they should go. I have a say, and an ability to critique, and people listen to me, but only sort of.

@cwebber @promovicz @laurenshof @evan I think one of the problems we’ve had in general is that signing things is a bit of a nightmare. Not just from a non-repudiation perspective (ActivityPub is pretty crap at this - though workable workarounds sort of exist.. - but I doubt ATProto is much better) but from a revocation and propagation of outdated/deleted information perspective.

Why do we not sign things? Because we don’t have a revocation story and also because indirect relaying gives up all sorts of control. Why is ATProto a bit more flexible here? Because they gave up that control to begin with.

If the signatures had expiries (which as far as I remember, they don’t!) you could imagine a world where when you click the boost button on my post, you ask my server for a copy of the post that’s signed and carries a short lived signature and then you would relay the post alongside that signature; but then it turns out that one of your followers is on a server that I blocked and now my post is there and, as a general rule, the Fediverse has decided that this is unacceptable (despite being unenforcible in general!), mostly as a consequence of the fact that we don’t have any form of 3rd-party-enforcible reply controls (I wish we had that, maybe it’ll come as an evolution of Mastodon’s quote controls…)

(And yes, LD Signatures suck, but all signature formats suck in some way or another and signatures are a primitive that it really sucks to build things around. But that’s a whole separate discussion!)

@promovicz @laurenshof It's "entertaining content" for sure, but what it also gets at is not just the technical side of things, but the social one, and how we are caught between both, and our systems are the output of the conflicts between technical goals and social dynamics.

@evan is my friend, and I'm not super proud of that exchange, because I lost patience publicly, because this is a sore issue for me. But of course, you tear things back, and Evan and I had a nice chat afterwards, and actually have hung out quite a bit before and since, and behind all of that, both of us were going through things in our personal lives.

And yet the decisions we make in these messy social dynamics influence the kinds of technical systems which in turn influence the kinds of social systems we can have!

@promovicz @laurenshof Really trying hard not to say anything too spicy after reading that exchange. Suffice it to say, I strongly agree with @cwebber

@cwebber @promovicz @laurenshof @evan I think one of the problems we’ve had in general is that signing things is a bit of a nightmare. Not just from a non-repudiation perspective (ActivityPub is pretty crap at this - though workable workarounds sort of exist.. - but I doubt ATProto is much better) but from a revocation and propagation of outdated/deleted information perspective.

Why do we not sign things? Because we don’t have a revocation story and also because indirect relaying gives up all sorts of control. Why is ATProto a bit more flexible here? Because they gave up that control to begin with.

If the signatures had expiries (which as far as I remember, they don’t!) you could imagine a world where when you click the boost button on my post, you ask my server for a copy of the post that’s signed and carries a short lived signature and then you would relay the post alongside that signature; but then it turns out that one of your followers is on a server that I blocked and now my post is there and, as a general rule, the Fediverse has decided that this is unacceptable (despite being unenforcible in general!), mostly as a consequence of the fact that we don’t have any form of 3rd-party-enforcible reply controls (I wish we had that, maybe it’ll come as an evolution of Mastodon’s quote controls…)

(And yes, LD Signatures suck, but all signature formats suck in some way or another and signatures are a primitive that it really sucks to build things around. But that’s a whole separate discussion!)

@cwebber @promovicz @laurenshof @evan I think this whole exchange is a good look, honestly!

You appear frustrated, about a technical problem that is important to you (one that resonates with me!), you don’t fall back on any weird personal attacks, just get loud.

Evan takes it in step and responds nicely.

I could have gasped when i read Evan’s reply and it’s so nice. That’s not how internet exchanges work!

Anyway, this thread reads like real people having a heated and respectful discussion about stuff they feel strongly about. Well done.

@promovicz @laurenshof It's "entertaining content" for sure, but what it also gets at is not just the technical side of things, but the social one, and how we are caught between both, and our systems are the output of the conflicts between technical goals and social dynamics.

@evan is my friend, and I'm not super proud of that exchange, because I lost patience publicly, because this is a sore issue for me. But of course, you tear things back, and Evan and I had a nice chat afterwards, and actually have hung out quite a bit before and since, and behind all of that, both of us were going through things in our personal lives.

And yet the decisions we make in these messy social dynamics influence the kinds of technical systems which in turn influence the kinds of social systems we can have!

@thomasfuchs @laurenshof ATProto is the result of corporate minded techbros, to produce yet another #DTBO #SocialMedia aiming at making people a product.

Thinking ATProto is anything else is deeply naive.

I'll yake ActivityPub with its *features* of no algorithm tracking me. Every tracker is a bad idea, every collection should be made a liability, so they stop seeing us as meta data cows.

Long live the #fediverse, free of #bluesky and ALL corporate walled gardens

@faraiwe @thomasfuchs @laurenshof i hope you're aware that activitypub is just as public as atproto and that there is nothing stopping someone from creating/running the "tracking algorithms" you claim atproto does by default on this network

@anders Thanks, those are nice comments.

I should also note that I'm not averse to Christine's ideas around using digital signatures for verifying content. They can improve performance by short-circuiting some verification that would require fetching the content over HTTP.

I do disagree that they are the *only* way to improve that performance, and that it's worth breaking backwards compatibility of the network in order to enable digital signatures.

@cwebber @promovicz @laurenshof

@laurenshof I didn't think it was that bad at all.

@faraiwe @thomasfuchs @laurenshof i hope you're aware that activitypub is just as public as atproto and that there is nothing stopping someone from creating/running the "tracking algorithms" you claim atproto does by default on this network

@evan As a newbie to the tech end of decentralized spaces, I’m curious as to why you don’t think it should be “verify, then trust” or other alternatives that don’t allow bad actors to get at people who are not tech-savvy.

@trishalynn Sure! So, there are two main events that happen here:

- The server receives the third-party data
- One of the server's users reads the third-party data

There are usually at least a few minutes, and sometimes a few hours or even days between these two events.

@trishalynn The question is, when should the server *verify* the third-party data?

To be conservative, at the very least, the third party data should be verified before one of the server's users reads it.

@trishalynn If the user is online when the data is received, there may be no time between the time the data is received and when the user reads it.

However, most users aren't online most of the time. There's a strong chance that there are minutes, hours, or days between when the data is received and when it is read.

@trishalynn If the user is online when the data is received, there may be no time between the time the data is received and when the user reads it.

However, most users aren't online most of the time. There's a strong chance that there are minutes, hours, or days between when the data is received and when it is read.