Sam' 🐧Mar 15
Evan Hahn
"human.json is a protocol for humans to assert authorship of their site content and vouch for the humanity of others. It uses URL ownership as identity, and trust propagates through a crawlable web of vouches between sites." I've added it to my website! https://codeberg.org/robida/human.json
human.json

A lightweight protocol for humans to assert authorship of their website content and vouch for the humanity of others.

Codeberg.org
Mar 14 at 6:56pmWeb
Show threadA cool crab wearing shadesMar 14
@EvanHahn
ohhh that's an interesting idea
Show threadBrennan Kenneth BrownMar 14
@EvanHahn I got one on my site! :D https://brennan.day/human.json
Show threadHugo van KemenadeMar 15
@brennan It's 404
Show threadBrennan Kenneth BrownMar 15
@hugovk ah thanks for catching that typo!
Show threadAntoineMar 18
@brennan Cool blogroll ! 😉
Show threadSeth LarsonMar 15
@EvanHahn A question I had was whether I could... "pre-vouch" (?) for websites that aren't using the protocol yet but I know are human, so would vouch for them if they did suddenly? Does that do anything for users of the extension?
Show threadEvan HahnMar 15

@sethmlarson At a glance, it looks like the extension can pre-vouch. In other words, it doesn't verify that the vouchee has a human.json.

Could be worth filing an issue: https://codeberg.org/robida/human.json/issues

human.json

A lightweight protocol for humans to assert authorship of their website content and vouch for the humanity of others.

Codeberg.org
Show threadSeth LarsonMar 15
@EvanHahn I've created an issue about this: https://codeberg.org/robida/human.json/issues/17
Does the protocol allow pre-vouching?

I have a lot of websites that I know are written by humans, but that don't yet support `human.json`. Is it okay to "vouch" for these websites, too? The specification doesn't disallow this (to my knowledge) but also doesn't explicitly say it's an okay thing to do. Would love some clarification, as...

Codeberg.org
Show threada3Mar 15
@EvanHahn how to best avoid making this a signal to scrapers to add an unauthorised copy of your words to their training data? i want to signal to humans, but not to the fascist bootlickers making plausible sounding lie generators
Show threadEvan HahnMar 15

@atna Good question. I don't know.

My first thought is to add additional blocking to the site itself—just as you would without human.json. robots.txt for compliant scrapers, stronger defenses (proof-of-work, captchas, tarpits) for non-compliant ones.

Could be worth filing an issue, though I don't know if that's in scope for this project: https://codeberg.org/robida/human.json/issues

human.json

A lightweight protocol for humans to assert authorship of their website content and vouch for the humanity of others.

Codeberg.org
Show thread∴ esoterik ∴Mar 19

@EvanHahn @atna just jumping in here to say that i imagined something sort of similar to human.json but the inverse, where you vouch for clients in a web of trust and web servers can use those to decide whether to serve content or not (or rate-limit or not, or whatever)

one big downside is that it hurts anonymity but i don't see an easy way to preserve anonymity within a web of trust that lets us block scrapers [1]. it would at least give web hosts more options

[1] the proof of work systems represent sort of a cat and mouse game but also break the web for non-js browsers and people with older computers

Show threadanderbillMar 15
@EvanHahn this seems similar to what `keybase` used to do well; and also reflects the GPG trust levels (that seems good)
Q: in the documentation is the word "should" being used in the RFC 2119 sense?
Show threadEvan HahnMar 15
@band No idea. Could be worth opening an issue?
Show threadKonrad HinsenMar 17
@EvanHahn I failed an "Are you human?" test today, so perhaps I don't qualify.
Show threadEvan HahnMar 17
@khinsen you qualify in my heart
Show threadSoapDogMar 19
@EvanHahn this is good. Gonna add one to my site tonight
Show threadSoapDogMar 19
@EvanHahn just added a `human.json` to my website. Easy to do and helps a web made by humans <3
Show threadpubliusMar 29

@EvanHahn

This is interesting, but it appears that only one ownership-asserting URL is allowed, and protocol (http vs https) matters. Given that what I'm putting on the Web is mostly non-interactive documents, it doesn't make sense for me to require TLS.

Am I just misunderstanding something, or can I not use the one humans.json file to assert ownership of the site, whether served over http or https?

Show threadEvan HahnMar 30
@publius there's some discussion about both of these in the project's issues. I'm not sure!