IRC log of dig on 2012-07-27

Timestamps are in UTC.

02:35:50 [Pipian]: Pipian (~pipian@static-mum-59.181.115.17.mtnl.net.in) has joined #dig
02:43:52 [Pipian]: Pipian has quit (Ping timeout: 252 seconds)
02:44:28 [Pipian]: Pipian (~pipian@static-mum-59.181.115.17.mtnl.net.in) has joined #dig
03:30:31 [bblfish]: bblfish (~bblfish@AAubervilliers-651-1-221-90.w86-198.abo.wanadoo.fr) has joined #dig
04:30:08 [Pipian]: Pipian has quit (Quit: Pipian)
04:41:44 [Pipian]: Pipian (~pipian@static-mum-59.181.115.17.mtnl.net.in) has joined #dig
06:37:06 [kennyluck]: kennyluck (~kennyluck@119.161.158.96) has joined #dig
07:17:43 [kennyluck]: kennyluck has quit (Read error: Connection reset by peer)
07:17:50 [kennyluck]: kennyluck (~kennyluck@119.161.158.96) has joined #dig
07:30:19 [danbri]: danbri (~danbri@host86-153-168-172.range86-153.btcentralplus.com) has joined #dig
07:35:17 [trueg_away]: trueg_away is now known as trueg
07:38:29 [bblfish]: bblfish has quit (Remote host closed the connection)
07:39:08 [kennyluck_]: kennyluck_ (~kennyluck@119.161.158.96) has joined #dig
07:39:56 [kennyluck]: kennyluck has quit (Read error: Connection reset by peer)
07:39:57 [kennyluck_]: kennyluck_ is now known as kennyluck
07:47:49 [bblfish]: bblfish (~bblfish@AAubervilliers-651-1-221-90.w86-198.abo.wanadoo.fr) has joined #dig
07:54:53 [deiu]: deiu (~andrei@157.159.103.85) has joined #dig
07:54:53 [deiu]: deiu has quit (Changing host)
07:54:53 [deiu]: deiu (~andrei@unaffiliated/deiu) has joined #dig
08:01:42 [kennyluck]: kennyluck has quit (Read error: Connection reset by peer)
08:01:57 [kennyluck]: kennyluck (~kennyluck@119.161.158.96) has joined #dig
08:17:30 [kennyluck]: kennyluck has quit (Read error: Connection reset by peer)
08:17:38 [kennyluck]: kennyluck (~kennyluck@119.161.158.96) has joined #dig
08:39:55 [bblfish]: bblfish has quit (Remote host closed the connection)
08:45:16 [bblfish]: bblfish (~bblfish@AAubervilliers-651-1-221-90.w86-198.abo.wanadoo.fr) has joined #dig
09:07:23 [danbri]: danbri has quit (Remote host closed the connection)
09:13:44 [deiu]: trueg, bblfish, are we going to have another talk about the paper?
09:14:12 [bblfish]: hi
09:14:18 [bblfish]: I sent a pull request in
09:14:30 [bblfish]: I can't remember when the deadline for the paper was
09:14:44 [deiu]: end of the month
09:14:48 [bblfish]: but we can always submit it at some other conf
09:14:58 [deiu]: it's a good conf
09:15:12 [deiu]: would be a pity to miss it, imo
09:15:32 [deiu]: s/would/it would
09:15:48 [bblfish]: well, there was not enough progress
09:15:55 [bblfish]: we can't finish it in time I think
09:16:01 [bblfish]: we should have implementations
09:16:11 [bblfish]: that work together and then write a paper
09:16:17 [deiu]: btw bblfish, what convention are you using when working with WebIDs inside URIs?
09:16:20 [bblfish]: or do both simultaneously
09:16:34 [deiu]: for example, doing a GET on a user's profile
09:16:55 [bblfish]: I don't know what "working with WebIDs inside URIs" means
09:17:26 [deiu]: Ex: FQDN/user/?webid=http....
09:18:14 [bblfish]: What would the purpose of that URI be?
09:18:53 [deiu]: to view a profile
09:19:05 [bblfish]: you can do what you want really
09:19:38 [deiu]: I'm trying to come up with the best solution, from a REST p.o.v.
09:19:39 [bblfish]: I'd do profile?webid=URLEncoded(webid)
09:20:27 [bblfish]: it's ok to have it as a GET as it is nullipotent
09:20:56 [deiu]: My problem is that I don't think this convention is quite as obvious for a 3rd party service accessing your application for the first time
09:21:32 [bblfish]: don't think that's a problem
09:21:35 [deiu]: It must know beforehand that the encoded webid uri must be passed inside a "webid" parameter
09:21:43 [bblfish]: you can even encode that in a form
09:22:03 [bblfish]: profile without ? is a form
09:22:09 [deiu]: similar to pingback
09:22:12 [bblfish]: you enter the webid and done
09:22:14 [bblfish]: yes
09:22:15 [rszeno]: how do you check a uri that is safe?
09:22:25 [bblfish]: what is a safe uri?]
09:22:30 [deiu]: good question
09:22:40 [bblfish]: what do you meant by that?
09:22:45 [deiu]: you never know it's a safe uri until you dereference it
09:22:46 [bblfish]: by safe?
09:23:01 [rszeno]: a uri which doesn't inject some code in your app and exploit something
09:23:06 [bblfish]: if you do a GET you cannot be liable for anything
09:23:17 [bblfish]: like with HEAD
09:23:29 [bblfish]: you can't acceidentally be buying something
09:23:58 [bblfish]: I don't know with php how one has to act to be safe
09:24:14 [deiu]: rszeno, with PHP you can use filter_var or filter_input
09:24:15 [rszeno]: same problem with any language
09:24:29 [rszeno]: to check what?
09:24:34 [bblfish]: if you just parse the results you can't really be in danger if you put the results in a graph
09:24:35 [rszeno]: is a uri
09:24:46 [bblfish]: if you execute the content sent to you you are in danger
09:25:01 [bblfish]: ( especially if you do it wtih same priviledges )
09:25:49 [rszeno]: i think trust and this come togheter but i don't know how to use this
09:26:21 [deiu]: rszeno, how do you trust any user input when submitting forms?
09:26:27 [deiu]: it's the same question really
09:26:44 [rszeno]: is a different thing, you validate input
09:27:06 [deiu]: no, you validate data
09:27:12 [rszeno]: here is gust an parameter to a url webid=url enocoded
09:27:42 [rszeno]: data is user input
09:28:04 [deiu]: ah, so you just refer to the URI string?
09:28:06 [rszeno]: so, is same thing
09:28:16 [rszeno]: yes
09:28:38 [deiu]: depends what you do with it
09:29:12 [deiu]: if you plan to store it in a DB, then you can apply the same techniques for inserting user input
09:29:19 [rszeno]: yes but a uri to a bot script is still a uri
09:29:41 [deiu]: what would that bot script really be able to do?
09:29:53 [deiu]: I don't see how it can affect you
09:29:56 [rszeno]: well, a lot of things, :)
09:30:56 [rszeno]: i have a collection of such links if you want to try one, :)
09:31:04 [deiu]: You need to provide a strong argument, otherwise it's just your personal fears
09:33:32 [rszeno]: this is an article about one who explote a wordpress plugin, http://www.emergingthreatspro.com/bot-of-the-day/under-my-timthumbs-thumb/
09:34:23 [deiu]: I'll check it out in a sec
09:35:51 [rszeno]: i didn't read it, just a fast search with google for timthumb bot and pick first
09:43:15 [rszeno]: finaly each argument is a string so you can simple to pass it as any user data after some validation but i ask myself if is possible based on webid to compute something, kind of trust level
09:56:35 [Pipian]: Pipian has quit (Quit: Pipian)
10:35:18 [kennyluck]: kennyluck has quit (Quit: kennyluck)
10:54:21 [Pipian]: Pipian (~pipian@182.19.16.70) has joined #dig
11:08:53 [trueg]: trueg is now known as trueg_away
11:21:48 [RalphS]: RalphS (Ralph@30-7-118.wireless.csail.mit.edu) has joined #dig
11:34:24 [bblfish]: bblfish has quit (Remote host closed the connection)
11:37:16 [deiu]: deiu has quit (Quit: Leaving)
11:46:02 [Pipian]: Pipian has quit (Quit: Pipian)
11:50:14 [trueg]: trueg (~trueg@HSI-KBW-46-237-239-121.hsi.kabel-badenwuerttemberg.de) has joined #dig
11:52:46 [trueg_away]: trueg_away has quit (Ping timeout: 252 seconds)
11:57:35 [deiu]: deiu (~andrei@157.159.16.177) has joined #dig
11:57:35 [deiu]: deiu has quit (Changing host)
11:57:35 [deiu]: deiu (~andrei@unaffiliated/deiu) has joined #dig
12:18:30 [bblfish]: bblfish (~bblfish@AAubervilliers-651-1-221-90.w86-198.abo.wanadoo.fr) has joined #dig
12:25:48 [bblfish_]: bblfish_ (~bblfish@ALagny-551-1-117-83.w92-141.abo.wanadoo.fr) has joined #dig
12:26:14 [bblfish]: bblfish has quit (Ping timeout: 272 seconds)
12:28:41 [bblfish_]: bblfish_ is now known as bblfish
13:09:00 [deiu]: bblfish, what rdf resource would you use for the form element corresponding to the "webid" parameter?
13:09:18 [deiu]: there should be something like foaf:webid
13:34:34 [danbri]: danbri (~danbri@cpc6-aztw25-2-0-cust83.aztw.cable.virginmedia.com) has joined #dig
13:53:38 [bblfish]: I am not sure what you mean deiu
13:54:53 [bblfish]: betehess: MRDFStore is said to be Monadic, but where is that written out?
13:55:12 [bblfish]: I was thinking that scalaz's Monad would turn up somwhere there
13:55:57 [bblfish]: deiu there is no encoding of html forms in rdf that has been standardly adopted yet that I know of
13:56:18 [betehess]: bblfish, it's necessary only on the call site
13:56:29 [betehess]: where you say: I need M to be Monadic
13:56:55 [betehess]: it could be many other things
13:57:03 [betehess]: depends what you want :-)
13:57:19 [bblfish]: ah. ok. Was looking for an example of a using scalaZ monads
13:57:21 [betehess]: eg. you may want to extract a value from M, and doing so could fail, etc.
13:57:35 [betehess]: we have that. give me 2s
13:57:38 [bblfish]: eg I wanted to create a Claim[T] class that would be monadic
13:58:34 [betehess]: https://github.com/w3c/banana-rdf/blob/master/rdf-test-suite/src/main/scala/MGraphStoreTest.scala#L12
13:59:04 [betehess]: here, jon only needed M to comply with Bind, not Monad
13:59:13 [deiu]: bblfish, I have a form with RDFa elements in it, specifically an text field for the webid.
13:59:18 [betehess]: and we also use UnsafeExtractor
13:59:34 [betehess]: in practice, Monad is required
14:00:00 [deiu]: But for clients to understand that they need to perform a GET on it, I need to semantically described that form field.
14:00:44 [bblfish]: deiu, you have to ask some rdf working group. I don't think forms can be ended with rdfa
14:01:30 [deiu]: bblfish, it's the same principle behind pingback
14:01:59 [bblfish]: no, in pingback there is no encoding of the form. We do it by convention while waiting for such a standard to be created
14:02:15 [deiu]: right
14:03:24 [deiu]: we need a similar convention for RESTful requests on a semweb app then
14:03:36 [bblfish]: why do you want the forms to be globally readable? If you are just producing an html view on some data, there is not that much need to automate it. people should fetch the data directly from the sourxe
14:04:23 [bblfish]: ah yes, betehess, i remember the discussion
14:06:16 [deiu]: bblfish, yeah, I think you're right
14:06:41 [bblfish]: we should ping the rdfa people to get form semantics added to rdfa
14:06:50 [bblfish]: perhaps its there in the latest spec?
14:20:01 [bblfish]: betehess: is the val bind ever used in MGraphSToreTest?
14:20:22 [bblfish]: or is that just a way to limit the M to something that is a Bind?
14:24:39 [betehess]: bblfish, you wouldn't add a constraint if it wouldn't be to use it :-)
14:24:58 [betehess]: Bind gives flatMap, map, filter, etc.
14:25:07 [betehess]: so it's used in the for-loops
14:25:08 [betehess]: https://github.com/w3c/banana-rdf/blob/master/rdf-test-suite/src/main/scala/MGraphStoreTest.scala#L47
14:25:28 [bblfish]: yes, but there is no mention of bind in the class
14:25:59 [betehess]: well, there is
14:26:05 [betehess]: because of import Scalaz._
14:26:32 [betehess]: so, what is the return type of, let's say, store.removeGraph(u1)
14:26:33 [betehess]: ?
14:26:40 [betehess]: it's an M[something]
14:26:51 [bblfish]: let me look
14:26:56 [betehess]: what do we know about this M?
14:27:08 [bblfish]: yes, it has to be a Bind
14:27:11 [betehess]: that there is a bind: Bind[M]
14:27:33 [betehess]: so we could somehow call a flatMap somewhere
14:27:37 [bblfish]: ah yes, just noticed the implicit at the top
14:27:47 [betehess]: yes, it's a typeclass
14:28:07 [betehess]: and Scalaz._ gives you some interesting stuff
14:28:12 [bblfish]: say how do I say that Claim[P] is a Monad?
14:28:30 [betehess]: that would not makes sense in itself
14:28:46 [bblfish]: ( I am not yet sure if it should be a monad or not )
14:28:53 [betehess]: a Monad is applied to a type constructor
14:29:21 [betehess]: could you describe what you need?
14:29:36 [bblfish]: I want to say have a Claim[X509Certificate]
14:29:44 [bblfish]: (I was just writing this out in a mail....)
14:29:52 [betehess]: ok, will wait for the email
14:30:39 [bblfish]: betehess: just sent it
14:30:44 [betehess]: k
14:31:02 [bblfish]: it's not finished. But I wanted to get scalaz working on it so I could work out what Claim is by playing with it
14:32:48 [bblfish]: I was thinking I could have a claim.map(x509->webid): Claim[WebID] for example
14:33:01 [bblfish]: then I'd need some verify function to extract the object from the claim
14:33:59 [bblfish]: me too. I'll send you updates. Was thinking of sending it to the scalaz list, when I get a handle on it...
14:34:20 [bblfish]: ( But in my case it's more the scalaz that I need to digest :-)
14:41:56 [betehess]: bblfish, do you have other examples than X509Certificate that could be seen as a Claim?
14:42:07 [bblfish]: pretty much any Graph
14:42:21 [betehess]: and what specific information would you expect to extract?
14:42:27 [betehess]: or operation to apply?
14:42:44 [bblfish]: well for example if I have an x509c
14:43:18 [bblfish]: x509c.map(x509 => x509.getSubjectAlt...): Claim[URI]
14:43:35 [bblfish]: if I map a claim, I still get a claim
14:43:42 [deiu]: deiu has quit (Quit: Leaving)
14:43:46 [bblfish]: if I verify it somehow
14:43:47 [betehess]: hrmmm
14:44:08 [bblfish]: x509c.verify( webidVerificationFunction ): WebID
14:44:10 [bblfish]: or perhaps
14:44:29 [bblfish]: x509c.verify( webidVerificationFunction ): Validation[Exc,WebID]
14:44:31 [betehess]: try to think this way:
14:45:01 [bblfish]: I am thinking of a graph as a monad (or something of that kind )
14:45:08 [betehess]: * suppose that you control WebID and Graph (ie you can change their inheritance hierarchy)
14:45:26 [betehess]: * you want to write some code common to both, though a super class
14:45:45 [betehess]: * ask yourself this question: what would this common superclass look like?
14:46:25 [bblfish]: yes, so I was thinking of something like that.
14:46:38 [bblfish]: it could have a map function as explained above
14:46:47 [betehess]: I want to make sure that you have the right intuition about typeclasses and monads and stuff
14:46:54 [bblfish]: I can transform a claim with a map, but that still leaves me with a claim
14:47:05 [betehess]: map is about something contained in a container
14:47:15 [betehess]: but you would stay in the same kind of container
14:47:20 [bblfish]: ie: I could transform a claim[X509Cert] with map to Claim[Graph]
14:47:25 [betehess]: ie. all the invariants are the same
14:47:36 [bblfish]: I would not be saying that the Graph is true, just that it is claimed
14:48:03 [bblfish]: next I want to verify that the actual world is the Claimed World
14:48:27 [bblfish]: ie claimedGraph contains Actuality
14:48:30 [betehess]: what does it mean for a Claim to allow one to map its contained element(s)?
14:49:07 [betehess]: I still don't see the constraints/invariants/contracts on Claim
14:49:08 [bblfish]: well above it could be a transform to map an x509 claim to say the rdf representation of that claim
14:49:27 [betehess]: you're putting too much emphasizes on the contained type
14:49:40 [bblfish]: what I don't want it the object in the claim to be extractable, other than through a verification function
14:49:55 [betehess]: can you try to write down the superclass please?
14:50:26 [betehess]: and try to propose 2 different subclasses where you would adapt the methods to be supported
14:50:35 [betehess]: based on existing classes
14:51:00 [bblfish]: ok. I'll write it out for Claim[X509Ceritificate] and Claim[Graph]
14:51:11 [betehess]: thanks
14:51:34 [bblfish]: trying to see if I can align modal logic intutions with category theory :-)
14:51:45 [betehess]: don't think too much about that
14:52:04 [bblfish]: modal logic is how I think
14:52:09 [betehess]: category theory is about understanding the deepest patterns in programming
14:52:17 [bblfish]: :-)
14:52:24 [betehess]: so it's more about factorising code
14:52:32 [betehess]: you first need to understand what you need
14:52:38 [bblfish]: yes
14:53:21 [bblfish]: yes
14:53:45 [bblfish]: you are in a relation to a set of possible worlds each of which contains me overthinking
14:54:10 [bblfish]: those set of possible worlds you believe to contian the actual world
14:54:17 [betehess]: heh
14:54:31 [betehess]: I knew you would answer my silly question
14:54:40 [bblfish]: :-)
14:54:57 [bblfish]: in n3 one could put it like this
14:55:14 [bblfish]: :bethess :believes { bblfish a OverThinker } .
14:55:32 [bblfish]: then if you had rules such as
14:56:10 [bblfish]: { x? a OverThinker } => { ?x reducecpuTime 5ms }
14:56:28 [bblfish]: and of course anything you believe is something you believe to be true
14:56:45 [bblfish]: so hence from :bethess :believes { bblfish a OverThinker } . you conclude that bblfish a Overthinker
14:56:51 [bblfish]: bblfish a Overthinker
14:57:04 [bblfish]: which according to rule given above you reduce cpuy time to
14:57:06 [bblfish]: oops
14:57:20 [bblfish]: I have just reduce my cpu time in your brain
14:58:06 [betehess]: well, I'd need to overclock first
14:58:26 [bblfish]: :-)
14:58:30 [betehess]: write the class if you need my help!
14:58:41 [betehess]: also, write with class ;-)
15:23:34 [bblfish]: ok, I have to qo cyclcing quickly, before the storm
15:23:46 [bblfish]: cycling in the storm... (sounds like a doors song)
15:24:06 [bblfish]: bblfish has quit (Remote host closed the connection)
16:05:27 [Picote]: Picote (~Picote@unaffiliated/picote) has joined #dig
16:10:59 [trueg]: trueg is now known as trueg_away
16:17:10 [danbri_]: danbri_ (~danbri@cpc6-aztw25-2-0-cust83.aztw.cable.virginmedia.com) has joined #dig
16:19:53 [danbri]: danbri has quit (Ping timeout: 244 seconds)
16:40:59 [bblfish]: bblfish (~bblfish@AAubervilliers-651-1-221-90.w86-198.abo.wanadoo.fr) has joined #dig
17:29:47 [bblfish]: bblfish has quit (Remote host closed the connection)
17:50:10 [timbl]: timbl (~timbl@147.152.248.46) has joined #dig
17:54:42 [danbri_]: danbri_ has quit (Remote host closed the connection)
18:14:04 [bblfish]: bblfish (~bblfish@AAubervilliers-651-1-221-90.w86-198.abo.wanadoo.fr) has joined #dig
18:15:55 [Picote]: Picote has left #dig
18:22:29 [cheater_]: cheater_ (~cheater@p4FD0E633.dip.t-dialin.net) has joined #dig
18:25:04 [cheater__]: cheater__ has quit (Ping timeout: 240 seconds)
18:27:52 [trueg_away]: trueg_away is now known as trueg
19:13:27 [trueg]: trueg is now known as trueg_away
19:21:53 [trueg_away]: trueg_away is now known as trueg
19:29:36 [danbri]: danbri (~danbri@cpc6-aztw25-2-0-cust83.aztw.cable.virginmedia.com) has joined #dig
19:34:31 [groupcat]: [Olympic Global Notice] freenode wishes all of the Olympic competitors the best of luck in the upcoming Olympic Games, the opening ceremony kicks off in a little under 30 minutes. A very British Hurrah to all!
19:35:14 [trueg]: trueg has quit (Remote host closed the connection)
19:35:38 [trueg]: trueg (~trueg@hsi-kbw-46-237-239-121.hsi.kabel-badenwuerttemberg.de) has joined #dig
19:40:05 [groupcat]: [Olympic Global Notice] P.S. I was meant to say, talk about the games in ##olympics.
19:56:06 [trueg]: trueg is now known as trueg_away
20:19:34 [danbri]: danbri has quit (Remote host closed the connection)
20:23:41 [RalphS]: RalphS has quit ()
20:44:24 [danbri]: danbri (~danbri@cpc6-aztw25-2-0-cust83.aztw.cable.virginmedia.com) has joined #dig
20:44:42 [danbri]: danbri has quit (Remote host closed the connection)
20:47:29 [trueg_away]: trueg_away is now known as trueg
21:26:32 [trueg]: trueg is now known as trueg_away
22:00:02 [bblfish]: bblfish has quit (Remote host closed the connection)
22:45:11 [danbri]: danbri (~danbri@cpc6-aztw25-2-0-cust83.aztw.cable.virginmedia.com) has joined #dig
22:47:25 [danbri]: danbri has quit (Remote host closed the connection)
23:05:50 [betehess]: betehess has quit (Quit: Leaving)
23:52:07 [danbri]: danbri (~danbri@cpc6-aztw25-2-0-cust83.aztw.cable.virginmedia.com) has joined #dig
23:54:14 [danbri]: danbri has quit (Remote host closed the connection)