Discussion
Terence Eden
@Edent@mastodon.social  ·  activity timestamp 3 weeks ago

🆕 blog! “Alpha launch - .well-known/avatar - feedback wanted”

I've gotten sufficiently annoyed with a trivial problem that I'm preparing to write an IETF RFC. Yeah. That's how ticked off I am!

Every site that I sign up for asks me to upload an avatar to represent myself. Whenever I change my photo, I have to log in to a hundred sites and change it…

👀 Read more: https://shkspr.mobi/blog/2025/10/alpha-launch-well-known-avatar-feedback-wanted/
⸻
#IETF #ReDeCentralize #standards #web

Dan Wing
@danwing@infosec.exchange replied  ·  activity timestamp 3 weeks ago

@Edent Neat. I don't understand the purpose of "acct:" in the query string, why not just ?resource=whatever@shkspr.mobi. As mentioned, handling this with a static site is interesting to me; perhaps a spec-mandated maximum size and mention a client can enforce that with HTTP Range, should there be worry a server will send a 2GB file.

Privacy concerns that the client's IP address is disclosed when the avatar is retrieved? After all, this behaves like a web bug, especially when the resource is (purposefully) unique.

Terence Eden
@Edent@mastodon.social replied  ·  activity timestamp 3 weeks ago

@danwing

acct is what WebFinger uses - https://webfinger.net/spec/
It helps disambiguate between different accounts.

Maximum size is tricky. If this spec were written 25 years ago, it might be fossilised as a 16x16 bitmap. Today we might want a 4K WebP.

The idea is that a service should retrieve and cache an avatar - rather than exposing it to everyone. That will need to be made clear.

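An added example, not code from the blog post or from anyone in this thread: one way a service that retrieves and caches avatars could enforce a size cap, sending Range as suggested above while also counting received bytes, because a server is free to ignore Range. The 512 KiB cap, the function names and the URL shape built from `?resource=acct:` are assumptions; `start_test_server` is a constructed local server for trying it offline.

```python
import http.server
import threading
import urllib.request

MAX_AVATAR_BYTES = 512 * 1024  # assumed cap; the thread leaves the limit open

class AvatarTooLarge(Exception):
    """The server offered or sent more than the caller is willing to store."""

def avatar_url(account: str) -> str:
    # Assumed URL shape, taken from the query string discussed in the thread.
    host = account.rsplit("@", 1)[1]
    return f"https://{host}/.well-known/avatar?resource=acct:{account}"

def fetch_capped(url: str, max_bytes: int = MAX_AVATAR_BYTES, timeout: float = 10.0) -> bytes:
    # Range is only a request: a server may honour it (206) or ignore it (200).
    req = urllib.request.Request(url, headers={"Range": f"bytes=0-{max_bytes - 1}"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        if resp.status == 206:
            # "Content-Range: bytes 0-N/total": a total over the cap means the
            # body is a truncated image, so reject it instead of caching it.
            total = resp.headers.get("Content-Range", "").rpartition("/")[2]
            if total.isdigit() and int(total) > max_bytes:
                raise AvatarTooLarge(f"full avatar is {total} bytes")
        body = bytearray()
        # Count bytes actually received; never trust Content-Length alone.
        while len(body) <= max_bytes:
            chunk = resp.read(min(65536, max_bytes + 1 - len(body)))
            if not chunk:
                break
            body += chunk
    if len(body) > max_bytes:
        raise AvatarTooLarge(f"received more than {max_bytes} bytes")
    return bytes(body)

def start_test_server(payload: bytes) -> str:
    """Constructed local server that ignores Range and always sends `payload`."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(200)
            self.send_header("Content-Length", str(len(payload)))
            self.end_headers()
            self.wfile.write(payload)

        def log_message(self, *args):
            pass
    srv = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return f"http://127.0.0.1:{srv.server_port}/.well-known/avatar?resource=acct:a@b"
```
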
silverpill
@silverpill@mitra.social replied  ·  activity timestamp 3 weeks ago

@Edent How is that different from webfinger?

Terence Eden
@Edent@mastodon.social replied  ·  activity timestamp 3 weeks ago

@silverpill it is similar. But, as I say in the post, it can just return an image, rather than all the JSON metadata.

Terence Eden
@Edent@mastodon.social replied  ·  activity timestamp 3 weeks ago

The nice thing about blog posts is that they can be living documents.

I'm incorporating all the feedback I get about .well-known/avatar into the above post.

James Smith 💾
@Floppy@mastodon.me.uk replied  ·  activity timestamp 3 weeks ago

@Edent I like this *a lot*

A cartoon of two large beast things (“alots”) with a person in between looking at one, captioned “I like this alot more”