Follow

hey... lowkey, who owns ostatus.org/ ? masto's webfinger responses link to it for schema docs, but... it's like a horny virtual gambling site? 🤔

· · Web · 5 · 10 · 5
@darius @garbados oof :/

if a protocol's gonna enshrine some fixed urls in it, it should go to some care to make sure they're safe and stable

@shadowfacts @darius @garbados These URIs do not need to be resolvable and there was nothing at that address even when the domain was still in the right hands.

@logan @shadowfacts @garbados @darius It's a unique identifier for a type of relationship between the current resource and another resource.

@Gargron @logan @shadowfacts @garbados it could have been literally any string, like a hash, but web nerds like to think URIs are the One True Universal Identifier so they use those

@darius @logan @shadowfacts @garbados If it can be any string, then why not a human-readable URI? It has sufficiently unique namespacing and conveys semantic meaning: This is part of OStatus 1.0 and it's the "subscribe" relationship. As opposed to what, looking up what a56f78 means across all possible specs? "Somebody might click on it" is a strange argument when the only people looking at it would be developers and we could expect them to understand that URIs are not necessarily resolveable.

@Gargron@mastodon.social @darius@friend.camp @shadowfacts@social.shadowfacts.net @garbados@herd.bovid.space

than perhaps not a full URI?

if it's not meant to be resolved than it should ideally never be in a position to be able to be resolved.

@logan @shadowfacts @garbados @darius It's in a "rel" tag. It's in the same space as "self" or "alternate". It's already not in a position to be resolved. Either way it's an artifact of a 2010 protocol draft, and nobody involved in it is actively developing fediverse software today. It is still widely in use, and the issue of resolvability does not impact the functionality in any way.

@Gargron @logan @shadowfacts @garbados The original point in this thread was it still sucks that attempting to resolve it gets you spam. It's an emotional response. I don't understand why you are being so insistent that it's wrong to feel bad about it.

@darius@friend.camp @Gargron@mastodon.social @shadowfacts@social.shadowfacts.net @garbados@herd.bovid.space

as a person who is not a web dev, i find it rather refreshing that someone is being straight.

let me tell ya though , this kind of thing would probably not pass in like application code.
you wouldn't expect to copy NULL and have it be pointing to 56 instead of 0.
🤷‍♂️ whatever though.

@logan The finer technical point here is that if you copied the string "NULL" and put in say a web browser URL bar, you wouldn't expect it to resolve to a google search for the word null, but that is indeed what happens. Eugen's point is that given where it appears, you should basically know better than to try and resolve it. My point is that people were just kinda bitching about it and that's okay too.

@Gargron @logan @shadowfacts @garbados Okay I was being cheeky there, the point is it could be "ostatus-1.2.4-official" or whatever. It is just weird nerd stuff to insist on theoretically resolvable URIs. I say this lovingly, as a bit of a weird nerd myself.

@darius @Gargron @logan @shadowfacts @garbados Yeah. Additionally, it’s a common forgetfulness that URI doesn’t *just* mean URL. It’s fine to gave URIs that aren’t Locators. For example: urn:ostatus/subscribe is a perfectly valid URI even if not a valid URL you can plug into a web browser.

Why use a Locator if you don’t plan anything to locate there? There are some other URI types beyond URLs.

Nitpicking 

@darius @Gargron @logan @shadowfacts @garbados Nickpicking my own post, slashes generally aren’t used in URNs and it would be more like urn:ostatus:subscribe. Also, URNs are actually harder to use than DNS because instead of being registered through boring capitalism they need to go through IANA RFCs. Unless you use one of the bland reusable ones like urn:uuid:{UUID} which gets back to you could just use a free form string and not a URI anyway…

@Gargron @darius @garbados regardless, not resolving to anything would be better than resolving a wrong thing

someone's going to click on it and be confused (i did too, just this morning)

@Gargron @shadowfacts @darius @garbados

> strange argument when the only people looking at it would be developers and we could expect them to understand that URIs are not necessarily resolveable

Imho this places too much expectation on the average dev. Think there are lotta ppl seeing rel="URL-formatted-URI" who'll load that link.

Esp. on fedi where onboarding for new devs is like playing a MMORPG to find specification treasure chests and hidden logic loot. Or fall into some cave, like here.

@Gargron @shadowfacts @darius @garbados

Btw, sorry but I posted this to the wrong discussion fork.

For people reading this and thinking what is this about.. a curl retrieval of some fedizens handle using #Webfinger returns a JSON that looks like this example on the #Mastodon website:

https://docs.joinmastodon.org/spec/webfinger/#example

One "rel" prop reads as "http //ostatus.org/schema/1.0/subscribe" (garbled). There might just be some OWL doc there, or html specs.

But there is some weird casino gaming site instead.

@Gargron @shadowfacts @darius @garbados

In this case landing on that website gives nothing but a bad impression about the state of the fedi tech landscape. Bit worse would be NSFW site with auto-playing vids and you sitting in the middle cubicle of the open floor office. Worse still and some nasty malware site would bite at ya.

In terms of improvement I'd prefer an URL formatted URI where there are *actual docs* when followed. Maybe at https://w3id.org or similar place.

@garbados Ostatus was a previous attempt at a federation protocol, like ActivityPub, or actually an open standard comprising of a set of open protocols, I guess? It was developed by Evan Prodromou, and I guess he just have stopped paying for the domain and it's been taken over by spammers.

@garbados 100% the original domain expired and got bought by someone else

URLs in 'rel' links are rarely intended for human consumption. They're literally namespaces and nothing more. It's too bad this one lapsed and was taken over by something not family-friendly. I use purl.org for my own link relations to avoid this happening (purl.org is now managed by archive.org iirc) but I think most folks tie these to their own domains which as you know are simply "rentals". Of the 8 rel links in my webfinger that are urls, only one of them points to an actual spec fragment.

@garbados They probably let it expire. I don't know why these seedy porn/gambling/drug sites snap up domains that have nothing to do with their product, it does nothing for their brand equity.

Sign in to participate in the conversation

The herd is stronger together! Herdspace is a little island for grass puppies, crowing borbs, and whiny kobolds.