Which links between ActivityPub and Solid project?

More on my Agora app https://forum.solidproject.org/t/discussion-solid-vs-activitypub/2685/32

Hi All

Solid developer here. @aschrijver directed me to this thread. So perhaps I can offer some help.

First of all, there are some very valid criticisms raised. I do share some of those concerns, but I’d like try to be largely constructive in this initial response and stay on topic and explore some of the common ground.

Solid is predicated on the notion that your profile page is your identity. Your profile page contains a bunch of data such as your name, your friends, your inbox and outbox, and also your public key. With your public key, you are able to log into any number of servers (these days are called Pods = Personal Online Data Storage) and it gives you a WebDAV interface on those files. Solid then adds a layer of access control on top of that WebDAV store.

So to share your identity with someone, more or less you share the profile URL. That’s it. To expose a file in your Pod you just share that URL etc.

Two things are slightly different but I would support more alignment.

  1. Data is stored AT THE URL in Solid, so the discovery process does not have the extra step of webfinger or link following etc.

  2. The formats solid support are a range of Linked Data formats such as, Turtle, JSON-LD (which is a bit buggy unfortunately) and others.

So given that. How can the two projects interact? I personally like to build things incrementally. So I would start with SSO and Identity. Because that seems to me to be the tool that other things are built on.

One thing that could be nice would be for AP users that opt in, to be able to log in to any solid pod, use any solid app, such as a chat app or a shared nodepad (yes, these things exist, and were built by timbl) and use your AP profile to do so.

What would that require?

  1. Allowing AP users to use their profile page as an identity.

  2. Adding some markup to that page to make it machine readable

IMHO the easiest and more sensible way to do this would be to reuse the technologies that AP are already using. Namely JSON-LD and the publicKeyPEM key (aka predicate)

What I would favour is the “data island” approach that is popular with SEO folks.

Add a script tag in the head with:

<script type="application/json+ld">
... profile info here ...
</script>

I dont think it would be all that hard to do.

A solid server would need to understand how to parse that and eventually log you in, which would mean adding a patch to one or more servers.

Nice thing is that it could be opt in to start with, and have people play around. If it catches on, perhaps the patches can go upstream etc.

Hope that gives some food for thought on how the two projects could, possibly, maybe, interact!

2 Likes

Thank you, @melvincarvalho! I find this very informative.