Terence EdenI did the `human.json` thing!
If you're a blogger who I've met in person, and you're not using AI or LLMs for your content, let me know and I'll add you to my list.
tyil@Edent Interesting concept. I'm not sure yet if I like it, but I do agree that there is a strong desire for ways to verify real humans these days. A couple remarks I have, though...
I see a JSON Schema definition in the README, and if you want schemas to verify with, why not just use XML, which has first-class support for schemas and widely supported tooling to verify these?
Addditionally, I've been told all my life while telling people to use OpenPGP that "the web of trust doesn't work". This seems like basically the same thing but without the cryptography aspect of OpenPGP, what makes you think the web of trust will work properly here? In fact, if you want to make a web of trust, why not built something on top of OpenPGP? You get the trust aspect, while also promoting use of cryptography keys.
I see a JSON Schema definition in the README, and if you want schemas to verify with, why not just use XML, which has first-class support for schemas and widely supported tooling to verify these?
Addditionally, I've been told all my life while telling people to use OpenPGP that "the web of trust doesn't work". This seems like basically the same thing but without the cryptography aspect of OpenPGP, what makes you think the web of trust will work properly here? In fact, if you want to make a web of trust, why not built something on top of OpenPGP? You get the trust aspect, while also promoting use of cryptography keys.
@tyil I'm not the author, you should raise those questions on the repo.
However, JSON-LD does have well defined schemas via Schema.org
I have a masters in computer science and still can't work PGP. But, in any case, cryptographic signing adds nothing here as the claims are tied to control of the domain name.
@Edent I'm not the author, you should raise those questions on the repo.If they have a mailing list I'd gladly post there, then. Making people sign up Yet Another Account for every single project is silly, people need to learn to use the correct tools for interaction.However, JSON-LD does have well defined schemas via Schema.orgPerhaps, but JSON does not have inherent support for schemas like XML does. Trying to do JSON with schemas is generally a terrible idea, as every protocol based on JSON eventually learns. If schema validation is not important, JSON would still be a poor choice as it seems that the intent is for users to write this by hand (no tooling seems to exist nor be planned), JSON is used for machines to generate, and machines to interpret (much like XML, for that matter).
This fetish for JSON seems very silly to me, as it has a lot of downsides which other formats don't need to re-invent the wheel for.I have a masters in computer science and still can't work PGP.Not sure if that's something to proudly state 😆
Regardless, I get that this particular idea ties it to domain name, but if we want to build a web of trust, it would make sense to learn from earlier models that are generally considered to have "failed", and figure out what we should be doing differently to give it a better chance of succession. I'm not suggesting we need cryptographic signing (though it wouldn't hurt, just upload a PGP signed message that we can verify with already existing web-of-trust infrastructure!), but to understand why the web of trust "didn't work" the previous time it was tried.
This fetish for JSON seems very silly to me, as it has a lot of downsides which other formats don't need to re-invent the wheel for.I have a masters in computer science and still can't work PGP.Not sure if that's something to proudly state 😆
Regardless, I get that this particular idea ties it to domain name, but if we want to build a web of trust, it would make sense to learn from earlier models that are generally considered to have "failed", and figure out what we should be doing differently to give it a better chance of succession. I'm not suggesting we need cryptographic signing (though it wouldn't hurt, just upload a PGP signed message that we can verify with already existing web-of-trust infrastructure!), but to understand why the web of trust "didn't work" the previous time it was tried.
Gert V 🇵🇸@tyil
JSON uses utf-8 encoding by default, which makes life a lot more fun.
JSON uses utf-8 encoding by default, which makes life a lot more fun.