Convener: Andy Piper (@andypiper@macaw.social)

Participants who chose to record their names here:

• Anca Mosoiu (@anca@allpeep.social)
• Renaud Chaput (@renchap@oisaur.com)
• Matthias Pfefferle (@pfefferle@mastodon.social)
• Samir Al-Battran (@samir@m.fedica.com)
• Seth Goldstein (@pch@s3th.me)
• Kirsten Lambertsen (@mizkirsten@mastodon.social)
• Julian Lam (@julian@community.nodebb.org)
• Jaz-Michael King (@jaz@mastodon.iftas.org)
• Lisa Dusseault
• Freddie (@freddiej@newsmast.social)
• Anuj Ahooja (@quillmatiq@mastodon.social)
• Stan Ros (@stan_ros_@threads.net)
• Damon (@damon@social.wedistribute.org)
• Ruud (@ruud@mastodon.world)

Tags / links to resources / technology discussed, related to this session:

Website: https://fediscovery.org/

A paper from Renaud about why this is useful: https://renchap.com/blog/post/evolving_mastodon_trust_and_safety/

Notes

• Helps with discovery.
• Have activitypub but search is pretty bad.
• Instance specific search <– Hard to find stuff.
• More research to find stuff if not on the right instance and software.
• Opt-in external Service to help with discovery.
• Something not centralized. Pluggable.
• You talk to it and send it info not the otherway around.
• Range of discovery services can integrate.
• Respects privacy and preferences.
• NGI Search helping with project.
• Wants feedback and ideas.
• Fediverse Aux Service <– Interesting concept.
• Funded, announced. Simple website live <– Fediscovery.org
• More announcements coming soon!
• Definitely a work in progress.

How would this work on my 1-person mastodon server?

• Plug into this discovery service.

Current scenario from Andy:

• I have a single-user instance. I subscribe to some hashtags over a relay for things that I find interesting. Eventually I started getting some suspicious imagery coming in. I’m only getting content from users that I follow or that they follow.
• If you want to expand the reach, you wind up having to get and download a whole lot of data that you don’t want in order to find nuggets you do want.

How it could work in the future:

• Sign up your instance w/ the discovery provider. Request content about certain topics, etc. The discovery provider highlights content that might be interesting

Anca has 5 different instances –> different topics. This would help me a publisher. Help with discovery.

• Opt in server or user basis?
• Indexing –> activity pub actor first.
• Domain can block it bc of activity pub.
• Can always add in opt-in levels, but need to start. Server should only act on it.
• Then user opts in.
• Data privacy is very important. Not sure how to do it correctly yet, but working on it.
• On privacy policy page <– what you’re indexed with instance.
• Need to have spam fighting service too <– thinking about but not in scope right now.

Discussion around how to inform instance users about the reach of the discovery services and where they might be listed.

Jaz points out that the IFTAS services are labeling servers around trust and safety topics. What’s the timeline around building IFTAS services using this discovery protocol?

• Next summer is when the Mastodon team has to come up with something based on the grant. Discovery project isn’t involved w/ spam, trust & safety yet. Experimental discovery POC by end of 2024 to allow more people to contribute.
• Need to define the specification for what is a provider.

How can people participate in the definition of provider specifications?

• The draft will be out at the end of the month (Sep 24) and will include a place where people can discuss.

Renaud: This won’t be a general search engine for Fediverse - that’s bigger than out current scope. We are working with the ActivityPub and ActivityStreams data representations, bridges would have to exist to those elsewhere for the data to come in to these services.

How do we prevent discovery providers from selling data?

• There’s nothing in the scope here for solving this problem. It’s possible for actors to scan and index any publicly available ActivityPub data. Disocvery providers can be removed from the directory if they aren’t following privacy policies of services.

How do we handle deletion?

Discussion around creating some data processing agreements - e.g. IFTAS has some verbiage around how to let instance users know that their content is being processed by IFTAS.

To stay informed: follow @mastodonengineering@mastodon.social - announcement for the github repo and launch of the first draft will happen here.