After declaring my intention to help iterate on the Ticket extension to IndieAuth, I built an experimental ticket endpoint, which is available on my test site. I was able to test it using Martijn van Der Ven’s test form for requesting a ticket., after some troubleshooting on both sides. Still have some tweaks to make and questions to answer for expansion, but it turned out that adding support for receiving and redeeming a ticket was relatively easy.

Thinking about Ticket Auth

During this month’s Pop-Up event, as part of the overall topic of sensitive data we were discussing the continual challenges in getting a method of having private posts on one’s site. As a community, nothing has gained enough traction for adoption.

Last summer, a conversation on the most promising at the time, AutoAuth, prompted a new contender Ticket Auth. Ticket Auth turns the relationship in the other direction.

Let’s use our favorite two example people, Alice and Bob. Alice has a post on her site which she doesn’t want to be public. For most sites, the default is public. Alice wants to share her post only with Bob.

AutoAuth doesn’t get into the idea of how Bob, or the client Bob is using, decides he wants to get access to Alice’s post. Ticket Auth, by comparison, puts the onus on Alice. Alice, when she decides on her audience, sends a ticket to those she wants to have access. Bob has to have a ticket endpoint…the place he received tickets.

The ticket is a code that is available for a limited time, that can be exchanged for a longer term token to access the information. It is, essentially, an invitation you are free to accept or ignore.

In trying to develop more, this is a good place to start. Once we start sending and receiving tickets, we can iterate on this and figure out the next questions.

  • Can you ask for a ticket and how?
  • How can you give the ticket or the token you redeem to your reader or other client?

But first things first. Let’s build something.

 

 

Working on expiring tokens for the WordPress IndieAuth endpoint. This would be a breaking change, as currently, tokens issued by the endpoint never expire. This is a security concern, if you keep issuing tokens without ever expiring them. With the new system, you can renew a token, or even disable expiry in the admin if you need a long-lived token. There is a way to have the client get new tokens regularly that I could implement, but currently no client supports it.
In November 2018, we went to Orlando to perform the Parkeology Challenge.  We came close, but did not succeed. We had always hoped to try again, but illness, as well as the pandemic restricting travel, had pushed it off. Now one of the team is no longer with us(the one who took the photo).

I’ve never been particularly good at speaking of those who have gone, and the stories I might choose to tell are probably would not do justice to the memory.

There is little to say when someone is taken from their friends and loved ones too soon. When we were kids, he, being a few years older, was primarily my brother’s friend, but we all did things together…our families frequently got together. It is hard to accept I will not see him again.

The best I can think of to do that would please him is to finish this one thing we never completed someday.

Just a few updates from the last week.

  • Updated the Parse This library to optionally flatten the location parameter, as Indigenous and other Microsub readers do not recognize a nested location parameter.
  • Fixed a Simple Location issue where it was not setting the location taxonomy on Micropub post.
  • Simplified some of the Location interfaces
  • Minor bug fixes.

Visiting the Ashokan Reservoir

On March 31, 2021, took another family drive. This one looping around the Ashokan Reservoir.

The route started out along State Road 55 past the Neversink Reservoir, and spurring off onto Route 55A, which goes along the other side of the Roundout Reservoir.

Spurring onto Sundown Road, we headed into the Sundown Wild Forest. The 30,100-acre Sundown Wild Forest covers a large swath of the southeast Catskills, including several ridges and 10 mountains over 2,000 feet. We had planned to stop by the Peekamoose Blue Hole, but missed the turnoff and only saw it from a distance. It is a depression in the streambed rock of the Rondout Creek, a unique natural feature formed by sand and swirling gravel in an ancient whirlpool.

The route continues into the Slide Mountain Wilderness, which encompasses more than 47,500 acres and is the largest and most popular wilderness area in the Catskill Forest Preserve.  This brought us into the Town of Olive, which is inside the Catskill Park. The Catskill Park is 700,000 acres, of which 287,000 acres are owned by the state as part of the Forest Preserve.

Heading through forest, we finally reached state road 28A and the Ashokan Reservoir. The Reservior, part of the NYC water system, and is the city’s deepest reservoir at 190 feet. It was built between 1907 and 1915.

The Ashokan Reservoir, of all the ones we’ve visited in the last year, has the most walking and biking trails. This includes the 11.5 mile Ashokan Rail Trail. While I’m always disappointed at the loss of rails, this was well executed.

We stopped to eat our lunch at the Woodstock Dike Trailhead. It was windy, and it is cold this year. But at some point in the future, we may return to walk the trail further.

The return trip looped around the remainder of the Reservoir, before cutting back to Accord, NY.  When my mother was a child, she stayed at bungalow colonies in Accord.

We passed through Ellenville on Route 209 back to our starting point.

It is Pi Day again, March 14th or 03-14. While arbitrary, I’d like to take a moment to appreciate the Raspberry Pi, the small single board computer that launched a lot of great hobbyist projects. While it running off a microSD is incredibly frustrating at times, it is really easy way to play with small dedicated computing.