This interview with the author of & has some interesting criticisms of :

"The W3C editors haven’t provided a level playing field and I truly believe the specification is now worthless as a unifying force for the free web. [...] Any opportunity for free web unification using a common stack has probably been lost. Ironically, I believe this was ActivityPub’s primary goal, and that makes the specifications [...] flawed — critically."

HT @strypey

@wu_lee 👆 This was a good read about the creation of protocols, the #fediverse, #hubzilla and #activitypub. Thanks for sharing!

@wu_lee Presumably someday ActivityPub version 2 will come along and fix some of ActivityPub's deficiencies. And surely Eugen will gain experience over time.

Perhaps, @ocdtrekkie - but McGirvin (the Zot author) makes it sound like and aren't in the same category.

"These [zot] features [nomadic identity, decentralised access control] are totally alien to most every other network and service and you can't just create a patch to make them work. It's a completely different way of looking at the world and would take a complete re-write of most projects to realise or make compatible."

@wu_lee Yeah, those are definitely different things, though I am not sure how much I like those things. They add a lot of concerns I think are best avoided.

If you're saying is overcomplex, that might be valid - I wouldn't know.

But wanting to migrate your identity and set privacy settings on that identity's data, surely that *is* valid? Everyone knows how awkward it is to change your email address, which is why people get locked into Yahoo or Hotmail or wherever.

In fact I bet there's a lot of users at wishing for that feature right now:



Ive not used hubzilla, I'd be interested to hear what your concerns are?


@dazinism I don't know if I'd say I have specific concerns, just a lot of doubt about the idea of you being able to log into arbitrary federated servers without having to fully trust every single server in your federation.


Does a "nomadic identity" imply any more trust than you would if you deleted one account and created a new one elsewhere?

If you can do this does it mean you do it frequently and arbitrarily?


@wu_lee Obviously if you log into two different Mastodon instances, from a trust standpoint, you are two different identities, each trusting a given instance to maintain that identity.

But if, as Hubzilla seems to claim, you can log into your identity from a different server, doesn't every server have the ability to impersonate you?



Presumably you need to trust servers you use in both cases.

But not necessarily allow them to impersonate you (e.g if the messages are signed in your client).

Servers all need the same degree of trust.

The difference is, with you can't take your identity (followers have to be sought out and notified the new ID), in you can (the ID is host-independent).

But I would defer to people like @strypey who seem to have studied closer than I.


@wulee @dazinism @ocdtrekkie I only know what I've read, and gleaned from chats over the #fediverse with some of the app devs (incl. Mike)
@wulee @dazinism @ocdtrekkie ... and I'm not a dev myself, so anything I say about protocols is best taken with a grain of salt.

@strypey @wu_lee @dazinism I live in the same space. I code enough to be dangerous, and I work in IT, but there's definitely people who can wrap their head around this better than me.

@ocdtrekkie @wulee @dazinism I know enough CLI and Git to be dangerous, but my coding doesn't get much beyond Hello World (yet) ;P
@wulee @dazinism @ocdtrekkie but I presume there was a question about the privacy model in #Zot?
@wulee @dazinism @ocdtrekkie ( sometimes struggles to reconstruct threads involving users on #Mastodon instance)

@wu_lee @strypey that was interesting ; he has had a pretty amazing career. His perspective on protocol as being merely a "gentleman’s agreement" seems a bit naive given his experience. There are significant social, political & historical dimensions to protocol development, that cannot be simply brushed aside and ignored. The w3c, to their credit, try to work with those messy dimensions.

@edsu @wulee true, but I think his point was that protocols and standards only work if they help achieve consensus between implementers ...
@wulee @edsu standards bodies, even W3C, can't make all apps of a certain type use common protocols simply by publishing a standard.

@strypey @wu_lee no of course not, but that's not really what the w3c is trying to do. they try to bring implementors together agree on what the standards should be. it's certainly not perfect by any means.

@edsu @wulee exactly, which is why @mike is right that protocols are ultimately a "gentleman's agreement"

@strypey @wu_lee I disagree. Implementors do not act merely as individuals, but often as participants in larger social projects. Also, I really bristle at the idea that it is only "gentlemen".

Mike MacGirvin's said: "There’s nothing magic about a protocol. It’s basically just a gentleman’s agreement about how to implement something."

Strictly that statement is about protocols, not standards committees (W3C).

A "gentlemen's agreement" here means one which is loose and/or bound only by fidelity, not literally gentlemen or exclusivity thereof.

Seems uncontroversial to me: standards should not be too loose. But they do need implementation fidelity to be useful.

@edsu @strypey

What I think MacGirvin's trying to convey overall is that protocol standards are often:

a) too vague
b) too specific
c) not strictly followed, both by accident and on purpose.

And thus they don't work as well as they might.

The author and others apparently concur: has some of a), does some of c), and this makes their work harder and less effective.

@strypey @edsu

comes off lightly here because we only hear MacGirvin's side, and I gather it has no W3C support nor 3rd party implementations.

@edsu @strypey

Hmm, case in point: that @ mike mention links to his Hubzilla channel somehow but Mastodon's web UI doesn't open it like a mention...

@strypey @edsu

@wulee @edsu true, #Zot has no #W3C support, but not for lack of trying on Mike's part according to his comments in the article.
@wulee @edsu it sounds like the #SocialWG just put many of the problems #Zot *already solves* (eg #NomadicIdentity) in the #TooHardBasket
@wulee @edsu but #Hubzilla is still the only app that supports every other app (via OStatus, Diaspora and AP) despite them not  speaking Zot

@strypey @wu_lee maybe this is unfair of me, but the interview made it sound like he thought his technology was superior, which maybe it is — and not like he was willing to engage in compromise at the w3c.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!