Notifs .... a new messaging medium
Session Topic: Nōtifs
Convener: Jim Fenton
Notes-taker: David Waite
Tags for the session - technology discussed/ideas considered:
Pseudonymous secure opt-in notifications
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Point: Non-human-consumable items (like addresses) have a tendency to become targetted towards humans. See URLs, vanity license plates
Question on messages targetting multiple roles for people represented differently to individuals; if the notification is just content, eventually the different representations will be targetted toward different people
Question: for Notification agents, is there an opening toward cloud and ad-supported provider for notifications, vs running your own. Big players have advantages in email with things like spam control; notification agents should be on a more level playing field
Message format: may have additional tags, formatting, etc. for the body in the future
Suggestion: Consider/look at JOSE for cryptographic functions - presenter has not considered yet because of existing DKIM background.
There was an agreement that excluding values from signatures would optimize some cases of broadcasting a fixed message to a large # of people without requiring resigning per message
Observation from the view of one armed with the OAuth hammer: webfinger lookup for user notification service; oauth authorization for adding notification
Push to SMS as a feature for less capable user agents? Already envisioned using a service like Twilio
Clarification: Signature is verified by notification agent, not exposed to end user. There is a certain amount of trust by the user to their notification agent.
Additional point: On submission, a notification agent gives an identifier to the submitted notification, so that agents can expose a way update or best effort delete notifications
Users can delete notifications, although bit under-defined. System specifically ignores user actions for notifications (view, deleted)
Privacy protection: notifier does not know user, just uuid. Notification Agent has access to messages for a particular user, but you have the option to choose one/many agents or run one yourself.
Slides and related information:
http://www.slideshare.net/jim_fenton/notifs - Slides on Slideshare