Expanding collections on delivery
-
@eyeinthesky @silverpill @technical-discussion outboxes are HTTP resources (commonly), and we use that HTTP resource's internal semantics (via HTTP POST, which is specified to mean exactly this) to publish and deliver.
the idea of a "server" is actually a lot less real than most would think. you have an application listening on TCP port 443 that you can talk to with TLS and HTTP, but after you send it the HTTP POST, everything else is completely opaque internally.
@eyeinthesky @silverpill @technical-discussion i would say the most consistent answer is that deliveries are done by an HTTP agent which delivers a constrained LDN (AS2 document with exactly 1 activity). this role *might* be played by the same software handling the outbox, but it doesn't have to be.
sending http agent -> POST -> ap outbox -> [internal interfaces] -> delivering http agent -> POST -> inbox
the [internal interfaces] can be anything, including HTTP POST
-
@eyeinthesky @silverpill @technical-discussion i would say the most consistent answer is that deliveries are done by an HTTP agent which delivers a constrained LDN (AS2 document with exactly 1 activity). this role *might* be played by the same software handling the outbox, but it doesn't have to be.
sending http agent -> POST -> ap outbox -> [internal interfaces] -> delivering http agent -> POST -> inbox
the [internal interfaces] can be anything, including HTTP POST
@eyeinthesky @silverpill @technical-discussion in most cases right now the [internal interfaces] are probably hardcoded function calls in the codebase between e.g. outbox controller and delivery workers. the outbox controller could do synchronous delivery inline if it wanted to, but async is more advantageous usually
-
@eyeinthesky @silverpill @technical-discussion outboxes are HTTP resources (commonly), and we use that HTTP resource's internal semantics (via HTTP POST, which is specified to mean exactly this) to publish and deliver.
the idea of a "server" is actually a lot less real than most would think. you have an application listening on TCP port 443 that you can talk to with TLS and HTTP, but after you send it the HTTP POST, everything else is completely opaque internally.
@trwnh @silverpill @technical-discussion "Servers" are the term in the spec for what implements the AP side-effects. If Alice's *server* has access to Bob's follower collection, then it can be resolved and processed for delivery. This doesn't mean that Alice's "outbox" (if that even exists internally beyond the HTTP endpoint) has access to Bob's followers collections. The spec actually doesn't say anything about that AFAICT.
-
@trwnh @silverpill @technical-discussion "Servers" are the term in the spec for what implements the AP side-effects. If Alice's *server* has access to Bob's follower collection, then it can be resolved and processed for delivery. This doesn't mean that Alice's "outbox" (if that even exists internally beyond the HTTP endpoint) has access to Bob's followers collections. The spec actually doesn't say anything about that AFAICT.
@eyeinthesky @silverpill @technical-discussion sure, but the "server" can have any internal architecture it wants -- monolith, microservice, etc -- and at the level of HTTP (the most common instantiation of AP, because AP uses HTTP semantics), you are talking to outboxes. you could deliver to inboxes yourself (and there might be good reasons to do this instead of expecting outboxes to deliver for you!) but you don't get to talk to a "server" directly, just an HTTP Host/Resource
-
@eyeinthesky @silverpill @technical-discussion sure, but the "server" can have any internal architecture it wants -- monolith, microservice, etc -- and at the level of HTTP (the most common instantiation of AP, because AP uses HTTP semantics), you are talking to outboxes. you could deliver to inboxes yourself (and there might be good reasons to do this instead of expecting outboxes to deliver for you!) but you don't get to talk to a "server" directly, just an HTTP Host/Resource
@eyeinthesky @silverpill @technical-discussion if you had some way of messaging a resource (via some other scheme's assumed protocol) then you could use that. but that's semantically equivalent to HTTP POST (send a message to a resource and it will process it with its own semantics)
-
@julian so, let's start from the beginning: this is already in ActivityPub, always has been, and removing it from ActivityPub would be a grossly backwards-incompatible change. So, I would fight very hard against even considering removing this valuable feature.
Second, a already covered some of the main use cases, and I won't reiterate them. One they didn't mention was making followers-only conversations actually useful. If I create a
Notelike this:{ "@context": "https://www.w3.org/ns/activitystreams", "type": "Note", "id": "https://social.example/note/1", "attributedTo": "https://social.example/user/100", "to": { "id": "https://social.example/user/100/followers", "type": "Collection", "name": "Evan's followers" }, "content": "Hello, followers!", "context": "https://social.example/note/1/thread" }A reply by one of my followers should address everyone who the original post was visible to:
{ "@context": "https://www.w3.org/ns/activitystreams", "type": "Note", "id": "https://other.example/note/2", "attributedTo": "https://other.example/user/200", "inReplyTo": "https://social.example/note/1", "to": "https://social.example/user/100", "cc": "https://social.example/user/100/followers", "content": "Hello, back!", "context": "https://social.example/note/1/thread" }Another application is private groups. If the members of a group are represented as a Collection, then sending an activity to that collection is a private, members-only message. There's some discussion of this in in the Groups TF explainer:
Groups
Repository for the Groups Task Force of the SocialCG
groups (swicg.github.io)
Features in the ActivityPub spec were designed to be really flexible and useful beyond narrow applications, allowing interesting extensions and new kinds of interactions. "Mastodon doesn't do that" is a bad reason to not support a feature.
-
@evan The groups (private groups, specifically) aspect is the reason why I brought up this topic at all — it was mostly for my understanding of the spec because to my knowledge, there weren't many collections being passed around in recipient fields; the only one being
/follower, which isn't always resolvable.The same issues would occur around private groups... a public group publishing something a
/memberscollection would be addressable, but not a private group or one whose membership list is hidden.All threadiverse softwares work around this by having the group itself be the distributor, and so you needn't address a members collection, you just need to ensure the group itself is addressed. The rest is implied (which HA! I bet @trwnh@mastodon.social has much to say about implied behaviour)
-
@evan The groups (private groups, specifically) aspect is the reason why I brought up this topic at all — it was mostly for my understanding of the spec because to my knowledge, there weren't many collections being passed around in recipient fields; the only one being
/follower, which isn't always resolvable.The same issues would occur around private groups... a public group publishing something a
/memberscollection would be addressable, but not a private group or one whose membership list is hidden.All threadiverse softwares work around this by having the group itself be the distributor, and so you needn't address a members collection, you just need to ensure the group itself is addressed. The rest is implied (which HA! I bet @trwnh@mastodon.social has much to say about implied behaviour)
> group itself be the distributor
well, naturally, i would suggest addressing both the group and its members. just like you would address both a person and their followers. or a moderated conversation and its audience. the way inbox forwarding works is that someone has to do the forwarding from their inbox.
> list is hidden
you don't need to know the items. that's private info, and you just need the id to be understood by the forwarder (who will themselves know the secret items)
-
> group itself be the distributor
well, naturally, i would suggest addressing both the group and its members. just like you would address both a person and their followers. or a moderated conversation and its audience. the way inbox forwarding works is that someone has to do the forwarding from their inbox.
> list is hidden
you don't need to know the items. that's private info, and you just need the id to be understood by the forwarder (who will themselves know the secret items)
@trwnh@mastodon.social I thought inbox forwarding between instances was a non-starter per the AP spec because you cannot guarantee that the activity hasn't been tampered with.
I thought it must be paired with a signature of some sort.
-
@julian If forwarded activity doesn't have a signature (FEP-8b32 or LD signature), you can fetch it by its ID. Mitra does this. Not all activity IDs are dereferenceable (hello Mastodon), but some are
