Post · bonfire.cafe

I'm in the #webbotauth meeting at #ietf124. #thanksihateit

@evan@cosocial.ca replied · 2 days ago

WebBotAuth is a proposed standard for signing HTTP requests so the server knows who is requesting the data. All fine so far; it's what we use for ActivityPub for domain blocking, for example.

Evan Prodromou

@evan@cosocial.ca replied · 2 days ago

Unfortunately, it's being billed as a way for content owners to grant access to their data to only certain AI bots.

And the plan is to use an allowlist -- only certain bots can get the data.

And it will be implemented by CloudFlare, which protects 20% of all Websites.

Evan Prodromou

@evan@cosocial.ca replied · 2 days ago

ActivityPub has a lot of server-to-server communications. Those servers are unlikely to buy their way onto a bot allowlist. If their requests are going to fail for servers on CloudFlare, we've got a problem.

Evan Prodromou

@evan@cosocial.ca replied · 2 days ago

@aaronpk just blew up the meeting, asking for use cases.

Evan Prodromou

@evan@cosocial.ca replied · 2 days ago

@mnot is now talking about the background and context. Interesting!

Evan Prodromou

@evan@cosocial.ca replied · 2 days ago

I liked this slide

3 Centralisation

Avoiding choke points
Authorization
Roots of identity

Avoiding barriers/Promoting Diversity
- for bots
- for sites — 3 Centralisation Avoiding choke points Authorization Roots of identity Avoiding barriers/Promoting Diversity - for bots - for sites

1+ more replies (not shown)

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.26 no JS en

Automatic federation enabled