This interview with the author of #Zot & #Hubzilla has some interesting criticisms of #ActivityPub:
"The W3C editors haven’t provided a level playing field and I truly believe the specification is now worthless as a unifying force for the free web. [...] Any opportunity for free web unification using a common stack has probably been lost. Ironically, I believe this was ActivityPub’s primary goal, and that makes the specifications [...] flawed — critically."
Trawling the #Zot hastag. Seems like it's a bit "marmite". Not everyone likes it:
@wu_lee Presumably someday ActivityPub version 2 will come along and fix some of ActivityPub's deficiencies. And surely Eugen will gain experience over time.
"These [zot] features [nomadic identity, decentralised access control] are totally alien to most every other network and service and you can't just create a patch to make them work. It's a completely different way of looking at the world and would take a complete re-write of most projects to realise or make compatible."
@wu_lee Yeah, those are definitely different things, though I am not sure how much I like those things. They add a lot of concerns I think are best avoided.
If you're saying #Zot is overcomplex, that might be valid - I wouldn't know.
But wanting to migrate your identity and set privacy settings on that identity's data, surely that *is* valid? Everyone knows how awkward it is to change your email address, which is why people get locked into Yahoo or Hotmail or wherever.
In fact I bet there's a lot of users at witches.town wishing for that feature right now: https://witches.town/@TheSupreme/99790692010452099
@dazinism I don't know if I'd say I have specific concerns, just a lot of doubt about the idea of you being able to log into arbitrary federated servers without having to fully trust every single server in your federation.
@wu_lee Obviously if you log into two different Mastodon instances, from a trust standpoint, you are two different identities, each trusting a given instance to maintain that identity.
But if, as Hubzilla seems to claim, you can log into your identity from a different server, doesn't every server have the ability to impersonate you?
Presumably you need to trust servers you use in both cases.
But not necessarily allow them to impersonate you (e.g if the messages are signed in your client).
Servers all need the same degree of trust.
@wu_lee @strypey that was interesting ; he has had a pretty amazing career. His perspective on protocol as being merely a "gentleman’s agreement" seems a bit naive given his experience. There are significant social, political & historical dimensions to protocol development, that cannot be simply brushed aside and ignored. The w3c, to their credit, try to work with those messy dimensions.
Mike MacGirvin's said: "There’s nothing magic about a protocol. It’s basically just a gentleman’s agreement about how to implement something."
Strictly that statement is about protocols, not standards committees (W3C).
A "gentlemen's agreement" here means one which is loose and/or bound only by fidelity, not literally gentlemen or exclusivity thereof.
Seems uncontroversial to me: standards should not be too loose. But they do need implementation fidelity to be useful.
What I think MacGirvin's trying to convey overall is that protocol standards are often:
a) too vague
b) too specific
c) not strictly followed, both by accident and on purpose.
And thus they don't work as well as they might.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!