# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 57
# self = https://watcher.sour.is/conv/jmgdkdq
@xuu So... How will this work exactly? Can you explain your flows here that will use this GPG key? 🤔
@xuu So... How will this work exactly? Can you explain your flows here that will use this GPG key? 🤔
@xuu So... How will this work exactly? Can you explain your flows here that will use this GPG key? 🤔
@prologic this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/
OpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values.
this site tries to emulate the identity proofs of keybase but in a more decentralized/federation way.
my next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests.
then to add a new notation for following other keys. where you can do a kind of web of trust.
@prologic this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/\n\nOpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values. \n\nthis site tries to emulate the identity proofs of keybase but in a more decentralized/federation way. \n\nmy next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests. \n\nthen to add a new notation for following other keys. where you can do a kind of web of trust.
@prologic this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/\n\nOpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values. \n\nthis site tries to emulate the identity proofs of keybase but in a more decentralized/federation way. \n\nmy next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests. \n\nthen to add a new notation for following other keys. where you can do a kind of web of trust.
@prologic this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/\n\nOpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values. \n\nthis site tries to emulate the identity proofs of keybase but in a more decentralized/federation way. \n\nmy next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests. \n\nthen to add a new notation for following other keys. where you can do a kind of web of trust.
@prologic this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/
OpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values.
this site tries to emulate the identity proofs of keybase but in a more decentralized/federation way.
my next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests.
then to add a new notation for following other keys. where you can do a kind of web of trust.
@prologic this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/
OpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values.
this site tries to emulate the identity proofs of keybase but in a more decentralized/federation way.
my next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests.
then to add a new notation for following other keys. where you can do a kind of web of trust.
@xuu Sounds very intriguing 🤔 I wonder how we can easily integrate this into Twtxt somehow? 🤔 The problem of course is trying to make this easy enough for anyone to use not just technically minded folks like us 😂
@xuu Sounds very intriguing 🤔 I wonder how we can easily integrate this into Twtxt somehow? 🤔 The problem of course is trying to make this easy enough for anyone to use not just technically minded folks like us 😂
@xuu Sounds very intriguing 🤔 I wonder how we can easily integrate this into Twtxt somehow? 🤔 The problem of course is trying to make this easy enough for anyone to use not just technically minded folks like us 😂
@prologic it is some interesting work to decentralize all the things.. tricky part is finding tooling. i am using a self hacked version of the go openpgp library. A tool to add and remove notations would need to be local since it needs your private key.
@prologic it is some interesting work to decentralize all the things.. tricky part is finding tooling. i am using a self hacked version of the go openpgp library. A tool to add and remove notations would need to be local since it needs your private key.
@prologic it is some interesting work to decentralize all the things.. tricky part is finding tooling. i am using a self hacked version of the go openpgp library. A tool to add and remove notations would need to be local since it needs your private key.
@prologic it is some interesting work to decentralize all the things.. tricky part is finding tooling. i am using a self hacked version of the go openpgp library. A tool to add and remove notations would need to be local since it needs your private key.
@xuu @prologic something that would be interesting would be libravatar for the user image. i made one that does the same for a profile cover image.
@xuu @prologic something that would be interesting would be libravatar for the user image. i made one that does the same for a profile cover image.
@xuu @prologic something that would be interesting would be libravatar for the user image. i made one that does the same for a profile cover image.
@xuu @prologic something that would be interesting would be libravatar for the user image. i made one that does the same for a profile cover image.
@xuu That's the tricky part, yeah. Most people don't have a clue when it comes to privacy let alone encryption. One idea I had was to use NaCL crypto and store an identity key pair server-side on Twt.social pods encrypted with PBKDF2 against the user's password. That way at least we can form some kind of cryptographic "identity" without having to involve the users that much, it just works™
@xuu That's the tricky part, yeah. Most people don't have a clue when it comes to privacy let alone encryption. One idea I had was to use NaCL crypto and store an identity key pair server-side on Twt.social pods encrypted with PBKDF2 against the user's password. That way at least we can form some kind of cryptographic "identity" without having to involve the users that much, it just works™
@xuu That's the tricky part, yeah. Most people don't have a clue when it comes to privacy let alone encryption. One idea I had was to use NaCL crypto and store an identity key pair server-side on Twt.social pods encrypted with PBKDF2 against the user's password. That way at least we can form some kind of cryptographic "identity" without having to involve the users that much, it just works™
@xuu
> The gpg command line leaves much to be desired…
Indeed. I find it somewhat unintuitive myself at times, and hardly anyone really uses it so I mostly use it only to sign Git commits 🤣
@xuu \n\n> The gpg command line leaves much to be desired…\n\nIndeed. I find it somewhat unintuitive myself at times, and hardly anyone really uses it so I mostly use it only to sign Git commits 🤣
@xuu
> The gpg command line leaves much to be desired…
Indeed. I find it somewhat unintuitive myself at times, and hardly anyone really uses it so I mostly use it only to sign Git commits 🤣
@xuu \n\n> The gpg command line leaves much to be desired…\n\nIndeed. I find it somewhat unintuitive myself at times, and hardly anyone really uses it so I mostly use it only to sign Git commits 🤣
@xuu Hmmm What exacrtly is this?\n\n> freeing the web one face at a time\n\nIs this some kind of Gravatar alternative?\n\nThe problem with doing this for Twtxt is that we don't store any kind of personal identifiable information at all. Not even email addresses. I'm not sure how this would work? 🤔
@xuu Hmmm What exacrtly is this?
> freeing the web one face at a time
Is this some kind of Gravatar alternative?
The problem with doing this for Twtxt is that we don't store any kind of personal identifiable information at all. Not even email addresses. I'm not sure how this would work? 🤔
@xuu Hmmm What exacrtly is this?\n\n> freeing the web one face at a time\n\nIs this some kind of Gravatar alternative?\n\nThe problem with doing this for Twtxt is that we don't store any kind of personal identifiable information at all. Not even email addresses. I'm not sure how this would work? 🤔
@xuu Hmmm What exacrtly is this?
> freeing the web one face at a time
Is this some kind of Gravatar alternative?
The problem with doing this for Twtxt is that we don't store any kind of personal identifiable information at all. Not even email addresses. I'm not sure how this would work? 🤔
@prologic huh.. true.. the email is md5/sha256 before storing.. if twtxt acted as provider you would store that hash and point the SRV record to the pod. .. to act as a client it would need to store the hash and the server that hosts the image.
@prologic huh.. true.. the email is md5/sha256 before storing.. if twtxt acted as provider you would store that hash and point the SRV record to the pod. .. to act as a client it would need to store the hash and the server that hosts the image.
@prologic huh.. true.. the email is md5/sha256 before storing.. if twtxt acted as provider you would store that hash and point the SRV record to the pod. .. to act as a client it would need to store the hash and the server that hosts the image.
@prologic huh.. true.. the email is md5/sha256 before storing.. if twtxt acted as provider you would store that hash and point the SRV record to the pod. .. to act as a client it would need to store the hash and the server that hosts the image.
@prologic
> That way at least we can form some kind of cryptographic “identity” without having to involve the users that much, it just works™
i like some of the work that keys.pub is doing with ed25519 crypto keys with something like that.
@prologic \n> That way at least we can form some kind of cryptographic “identity” without having to involve the users that much, it just works™\n\ni like some of the work that keys.pub is doing with ed25519 crypto keys with something like that.
@prologic \n> That way at least we can form some kind of cryptographic “identity” without having to involve the users that much, it just works™\n\ni like some of the work that keys.pub is doing with ed25519 crypto keys with something like that.
@prologic
> That way at least we can form some kind of cryptographic “identity” without having to involve the users that much, it just works™
i like some of the work that keys.pub is doing with ed25519 crypto keys with something like that.
@prologic
> That way at least we can form some kind of cryptographic “identity” without having to involve the users that much, it just works™
i like some of the work that keys.pub is doing with ed25519 crypto keys with something like that.
@xuu Sounds complicated 🤣 One of the driving principles behind this platform [jointwt/twtxt](https://github.com/jointwt/twtxt and Twtxt itself is simplicity. As it stands today you need only _really_ three things: A twtxt.txt file hosted somewhere, an avatar.png file alongside and some kind of "client" that also understand the convention around "Subject"(s) (_the thing you see in parens_). Beyond that this backend we call Twt.social pods is just a web app / client and API that allows us to also have the same on Mobile...
@xuu Sounds complicated 🤣 One of the driving principles behind this platform [jointwt/twtxt](https://github.com/jointwt/twtxt and Twtxt itself is simplicity. As it stands today you need only _really_ three things: A twtxt.txt file hosted somewhere, an avatar.png file alongside and some kind of "client" that also understand the convention around "Subject"(s) (_the thing you see in parens_). Beyond that this backend we call Twt.social pods is just a web app / client and API that allows us to also have the same on Mobile...
@xuu Sounds complicated 🤣 One of the driving principles behind this platform [jointwt/twtxt](https://github.com/jointwt/twtxt and Twtxt itself is simplicity. As it stands today you need only _really_ three things: A twtxt.txt file hosted somewhere, an avatar.png file alongside and some kind of "client" that also understand the convention around "Subject"(s) (_the thing you see in parens_). Beyond that this backend we call Twt.social pods is just a web app / client and API that allows us to also have the same on Mobile...
@prologic do you think twt will ever add ActivityPub integration?
@prologic do you think twt will ever add ActivityPub integration?
@prologic do you think twt will ever add ActivityPub integration?
@prologic do you think twt will ever add ActivityPub integration?
@xuu I don't think we'll ever add ActivityPub -- or if we do it will only be very limited. It's quite an undertaking and doesn't really provide much value except to hook into the so-called pre-existing "Fediverse" which I'm not so convinced about anyway 😀 I'd prefer to keep the conventions, formats and protocols used (_mostly just Web based_) quite simple and adopt more of IndieWeb (_where that makes sense_). Today pods speak Twtxt via pull over HTTP. They also speak WebMentions via push to other pods (_even from other indie websites_) and they support Atom.
@xuu I don't think we'll ever add ActivityPub -- or if we do it will only be very limited. It's quite an undertaking and doesn't really provide much value except to hook into the so-called pre-existing "Fediverse" which I'm not so convinced about anyway 😀 I'd prefer to keep the conventions, formats and protocols used (_mostly just Web based_) quite simple and adopt more of IndieWeb (_where that makes sense_). Today pods speak Twtxt via pull over HTTP. They also speak WebMentions via push to other pods (_even from other indie websites_) and they support Atom.
@xuu I don't think we'll ever add ActivityPub -- or if we do it will only be very limited. It's quite an undertaking and doesn't really provide much value except to hook into the so-called pre-existing "Fediverse" which I'm not so convinced about anyway 😀 I'd prefer to keep the conventions, formats and protocols used (_mostly just Web based_) quite simple and adopt more of IndieWeb (_where that makes sense_). Today pods speak Twtxt via pull over HTTP. They also speak WebMentions via push to other pods (_even from other indie websites_) and they support Atom.