@Julian Fietkau Maybe it'd make sense to get the devs aboard, @Mario Vavti and @Harald Eilertsen for Hubzilla and @Mike Macgirvin ?️ for (streams) and Forte. And I think there's a new place being worked on where Fediverse devs can meet in the Fediverse itself, but I don't have any more details right now.

I can see four things becoming tricky when it comes to comment control. One is if it isn't enough to add support for another implementation, and if either side actually had to change the way it handles permission in a way that isn't backwards-compatible.

The second one is that Hubzilla, (streams) and Forte don't simply allow or forbid comments, but they can allow only certain actors to comment, and be it all contacts of a channel. I don't know if GTS has that feature, or if it can support it.

The third one is that (streams) and Forte can limit the time in which a post can be commented. Channels can be configured so that comments are only allowed for a certain timespan, and individual posts can be configured so that they can only be commented on until a certain point in the future.

Now, the thing is that, much unlike all the many microblogging applications, the permissions in a conversation are always the same on (streams) and Forte (and also on Hubzilla). All comments, regardless of whether they come from (streams) or Mastodon or Lemmy or wherever, always have the same permissions as the post. Replying to a public conversation with a DM is not supported, for example; the DM will be regarded as a public comment.

This also means that you're only allowed to reply to a comment in a thread if you're also allowed to comment on the post itself. But if you're allowed to comment on the post, you're also allowed to reply to any comment in the conversation, full stop.

Speaking in "non-nomadic, no-enclosed-conversations ActivityPub" terms, this means that at a certain point after a post was sent, the owner of the post will have to automatically send a new version of both the post and all comments on the post, with comment permission revoked, around to all participants in the conversation as well as to everywhere that e.g. some Mastodon user has boosted one of the comments.

Either that, or a comment control FEP will have to include temporary comment permissions, and Mastodon and everything else will have to support them. I'm pretty sure that Mastodon users would love this feature, and they'd applaud Eugen Rochko for "inventing" it and "introducing it to the Fediverse". But (streams) and Forte certainly won't remove this feature just because the FEP don't support it.

As for how Hubzilla, (streams) and Forte handle this right now, AFAIK, they only advertise their comment permissions amongst each other. This means that if permission to comment is not granted, the comment button is removed from the UI. Not even greyed out, actually removed.

Towards the wider Fediverse, they act differently: They're fully aware that they can't keep a Mastodon account from commenting. Instead, they reject a comment that isn't allowed. And rejecting works differently on these three than on Mastodon: Rejected content is not first let into the inbox, then filtered and then deleted. It isn't let into the inbox in the first place. And if an activity has only got one possible recipient on a server, and that recipient doesn't allow that activity, the whole server rejects it.

The reason why this works for comment control is because conversations themselves work differently on these three (and Friendica) than on Mastodon: On Mastodon, replies go to a) whoever is mentioned and b) whoever follows the replier. On Friendica, Hubzilla, (streams) and Forte, comments always go straight to the conversation starter, even if they're comments on a comment on a comment on a comment, and from there to all participants in the thread. Of course, Mastodon users won't notice new comments until they're mentioned in the metadata.

Now, if the conversation starter rejects a comment that has actually been sent, the comment is not added to the conversation. This means two things: One, on the conversation starter's own stream, the comment does not appear as part of the conversation. Two, the comment is not forwarded to the other participants in the thread either.

From a Mastodon POV, this means that you may be able to see the branch of the conversation in which you've participated with your rejected comment in it on your own server. But if you go check the whole thread at its source, you will not see your rejected comment in the conversation.

A side-effect of this is that it isn't possible to reply to rejected comments either. Let's suppose you see some toot in your timeline. It's a comment on some (streams) post. What the commenter is blissfully unaware of: They aren't permitted to comment on this post. (streams) has rejected the comment. But you are amongst the lucky few who are permitted to comment.

Still, you can't reply to that one comment.

If a comment is rejected, then all replies to this comment are rejected, too, regardless of permissions. That's because they cannot be attached to the conversation because their own parent is missing. From your Mastodon POV, you will be able to reply. But your reply will never become part of the conversation.

This would all be a whole lot better if the entire Fediverse supported a) enclosed threaded conversations (as opposed to Twitter-like posts-and-more-posts piecemeal) and b) permissions, including comment control all the way to temporary comment permission.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #GoToSocial #Friendica #Hubzilla #Streams #(streams) #Forte #Permission #Permissions #ReplyControl

@Julian Fietkau Maybe it'd make sense to get the devs aboard, @Mario Vavti and @Harald Eilertsen for Hubzilla and @Mike Macgirvin ?️ for (streams) and Forte. And I think there's a new place being worked on where Fediverse devs can meet in the Fediverse itself, but I don't have any more details right now.

I can see four things becoming tricky when it comes to comment control. One is if it isn't enough to add support for another implementation, and if either side actually had to change the way it handles permission in a way that isn't backwards-compatible.

The second one is that Hubzilla, (streams) and Forte don't simply allow or forbid comments, but they can allow only certain actors to comment, and be it all contacts of a channel. I don't know if GTS has that feature, or if it can support it.

The third one is that (streams) and Forte can limit the time in which a post can be commented. Channels can be configured so that comments are only allowed for a certain timespan, and individual posts can be configured so that they can only be commented on until a certain point in the future.

Now, the thing is that, much unlike all the many microblogging applications, the permissions in a conversation are always the same on (streams) and Forte (and also on Hubzilla). All comments, regardless of whether they come from (streams) or Mastodon or Lemmy or wherever, always have the same permissions as the post. Replying to a public conversation with a DM is not supported, for example; the DM will be regarded as a public comment.

This also means that you're only allowed to reply to a comment in a thread if you're also allowed to comment on the post itself. But if you're allowed to comment on the post, you're also allowed to reply to any comment in the conversation, full stop.

Speaking in "non-nomadic, no-enclosed-conversations ActivityPub" terms, this means that at a certain point after a post was sent, the owner of the post will have to automatically send a new version of both the post and all comments on the post, with comment permission revoked, around to all participants in the conversation as well as to everywhere that e.g. some Mastodon user has boosted one of the comments.

Either that, or a comment control FEP will have to include temporary comment permissions, and Mastodon and everything else will have to support them. I'm pretty sure that Mastodon users would love this feature, and they'd applaud Eugen Rochko for "inventing" it and "introducing it to the Fediverse". But (streams) and Forte certainly won't remove this feature just because the FEP don't support it.

As for how Hubzilla, (streams) and Forte handle this right now, AFAIK, they only advertise their comment permissions amongst each other. This means that if permission to comment is not granted, the comment button is removed from the UI. Not even greyed out, actually removed.

Towards the wider Fediverse, they act differently: They're fully aware that they can't keep a Mastodon account from commenting. Instead, they reject a comment that isn't allowed. And rejecting works differently on these three than on Mastodon: Rejected content is not first let into the inbox, then filtered and then deleted. It isn't let into the inbox in the first place. And if an activity has only got one possible recipient on a server, and that recipient doesn't allow that activity, the whole server rejects it.

The reason why this works for comment control is because conversations themselves work differently on these three (and Friendica) than on Mastodon: On Mastodon, replies go to a) whoever is mentioned and b) whoever follows the replier. On Friendica, Hubzilla, (streams) and Forte, comments always go straight to the conversation starter, even if they're comments on a comment on a comment on a comment, and from there to all participants in the thread. Of course, Mastodon users won't notice new comments until they're mentioned in the metadata.

Now, if the conversation starter rejects a comment that has actually been sent, the comment is not added to the conversation. This means two things: One, on the conversation starter's own stream, the comment does not appear as part of the conversation. Two, the comment is not forwarded to the other participants in the thread either.

From a Mastodon POV, this means that you may be able to see the branch of the conversation in which you've participated with your rejected comment in it on your own server. But if you go check the whole thread at its source, you will not see your rejected comment in the conversation.

A side-effect of this is that it isn't possible to reply to rejected comments either. Let's suppose you see some toot in your timeline. It's a comment on some (streams) post. What the commenter is blissfully unaware of: They aren't permitted to comment on this post. (streams) has rejected the comment. But you are amongst the lucky few who are permitted to comment.

Still, you can't reply to that one comment.

If a comment is rejected, then all replies to this comment are rejected, too, regardless of permissions. That's because they cannot be attached to the conversation because their own parent is missing. From your Mastodon POV, you will be able to reply. But your reply will never become part of the conversation.

This would all be a whole lot better if the entire Fediverse supported a) enclosed threaded conversations (as opposed to Twitter-like posts-and-more-posts piecemeal) and b) permissions, including comment control all the way to temporary comment permission.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #GoToSocial #Friendica #Hubzilla #Streams #(streams) #Forte #Permission #Permissions #ReplyControl

@Julian Fietkau I'm surprised to read that (streams) allegedly has FEP-e232 implemented. As I happen to have two (streams) channels myself, and as (streams) allows me to have a look at the whole source code of any activity (whereas Hubzilla only shows me that of the content), I've checked a fairly recent post of mine that includes a link. And while it does define the hashtags just like Mastodon and Hubzilla, it does not define links in a way that conforms to FEP-e232. Either that, or (streams)' implementation of FEP-e232 is newer than the software was when I sent that post.



Next, I wanted to see if (streams) had its way of quote-posting changed in the last seven years or so of development and forking. I expected it to quote-post like Hubzilla, namely by turning a BBcode short code into a dumb copy of the original upon sending, but I wanted to see proof. As (streams) is a fork of a fork of three forks of a fork (of a fork) of Hubzilla that's still maintained by Hubzilla's own creator, I would have been surprised if he had changed the way (streams) quote-posts at some point on the way.

So I quote-posted my own post on (streams) just to see what happens. And (streams) acted exactly like Hubzilla and not at all like described in FEP-044f on the surface. It still inserts a dumb copy.

Good thing I have access to the full source code of any message on (streams). So here's what happened, namely what I expected to happen: (streams) quote-posts like Hubzilla.

First of all, when I clicked the "Share" button, this short code was inserted into the post editor:

[share⁠=1198713][/share]

The number, by the way, is the running number of the message to quote-post on the server.

Upon sending the post, (streams) automatically "expanded" the short code into the dumb copy I had expected.

[⁠share author='Jupiter+Rowland' profile='https://hub.netzgemeinde.eu/channel/jupiter_rowland' portable_id='_moYLN61-o3FbP3jyThygMDf-bjF2cApXgkrwlAE77iKy19xM1_6F06V4b71eTkqqNaTUjGiN0lfw2dyn5nXRw' avatar='https://streams.elsmussols.net/xp/6b50efa4bb804860f6128bba791b74fab4a0a5e09dbcbee8d8ca77cee00f0330-6' link='https://hub.netzgemeinde.eu/item/0a1cdda5-eb1c-4a33-9574-ddd896977b4f' auth='true' posted='2025-09-21 19:42:56' message_id='https://hub.netzgemeinde.eu/item/0a1cdda5-eb1c-4a33-9574-ddd896977b4f'] ...(the source code of the original message goes here)... [/share]

Both Hubzilla and (streams) render this the same way, namely with a header line above the copy that includes the profile picture of the original author, the name of the original author with a Zot/Nomad-type link to their channel/account and a Zot/Nomad-type link to the original of the post ("Zot/Nomad-type" means that [zrl][/zrl] is used rather than [url][/url] which means that the ID of an observer on Hubzilla/(streams)/Forte is attached to the link for OpenWebAuth identity recognition purposes.)

At the same time, curiously, (streams) includes the line "rel": "https://misskey-hub.net/ns#_misskey_quote" and a line that starts with "name": "RE: and continues with the URL of the original message into the code for the link to the original message. The latter is identical to what Misskey and all Forkeys have in quote-posting notes in plain sight, only that (streams) only reveals it in the source code rather than in the content as well.

So this part of FEP-044f is implemented, albeit concealed from most people and only happening in the code.



Now, looking at the quote policy part, that looks like it could be possible to add to the Fediverse's permission champions Hubzilla, (streams) and Forte. After all, they already have comment controls with no FEP backing it (and if GoToSocial's quote policy can be made into an FEP, maybe so can (streams)' and Forte's comment controls so that they actually do blank out reply buttons on the farther ends of the Fediverse if the software on the farther ends implement support for that FEP).

This could be done at three levels again. I'll illustrate this with (streams) and Forte because they're quite a bit less complex than older Hubzilla.

At channel level, quote-posting (and maybe quoting as well) could be set as usually, namely to semi-public (= everyone in the Fediverse = no quote policy), restricted (= only your contacts) and only yourself. (Seriously, you don't want random passersby with no accounts to quote-post you. Even though you can allow them to comment on your posts if you dare.)

"Only yourself" could be overridden at contact level by permitting certain contacts to quote-post (and maybe quote) your messages. This is actually standard behaviour on (streams) and Forte.

And then there is the per-post level which would be similar to (streams)' and Forte's comment controls. These allow you to limit who may comment on a post to only your contacts and those who have already participated in the same conversation, and they allow you to turn off comments altogether.

Quote authorisation would not be much different in handling from manually moderating comments from those who technically aren't permitted to comment (only that spammers don't quote-post, at least not yet, and they probably never will because that simply makes no sense). So that'd be nothing really new.

Of course, this would have some limitations which come from how Hubzilla, (streams) and Forte work and from their conversation architecture.

The first limitation is that you could only give certain contacts permission to quote-post your posts if you didn't give it to the whole Fediverse. Channel-wide permissions are always inherited by contact-specific permissions, and this cannot be overridden. So you couldn't generally allow everyone to quote-post your posts except for one certain contact of yours.

The second limitation is that you can only control the permissions of contacts, but not of non-contacts. So you can't disallow some stranger whom you aren't connected to to quote-post your posts while everyone else is allowed.

Then again, FEP-044f doesn't make either of these two possible either. It can only define who is permitted to quote-post a post, not who isn't.

The third limitation is that, on Hubzilla, (streams) and Forte, comments always have the same permissions as the post that they belong to because comments always have the same owner as the post that they belong to. Basically, if FEP-044f was to be defined for each comment individually, it would have a chance of clashing with conversation containers as per FEP-171b.

Here on Hubzilla, as well as from (streams)' point of view, everyone's comments in this thread are owned by me because I've started the thread. And the permissions on all these comments are defined by my post. I've seen my share of permission clashes whenever someone on Mastodon replied to a public post or a public comment with a DM, and Hubzilla overrode this by forcing the permissions of the post on that reply.

In practice, this means that the quote policies of all comments would be the same as that of the post. At least that's how Hubzilla, (streams) and Forte would understand them because the concept of comments having different permissions than the post is alien to them. So if you say that I'm not permitted to quote-post your comment, but I say that anyone can quote-post my post, Hubzilla and (streams) override the quote policy that you've given your comment on Mastodon with the quote policy that I've given my post on Hubzilla, and I can quote-post you.

So the actually difficult part would be to implement an exception in how Hubzilla, (streams) and Forte handle comment permissions for quote policies and make them individual for each comment rather than making comments inherit them from the post.

Well, and lastly, if you permitted all your contacts to quote-post a post of yours, and you had a few more contacts, the "canQuote" section would end up monstrous. (A bit less so if you could cherry-pick those who are allowed to quote-post you on a per-post base, just like you can cherry-pick those who are allowed to see the post in the first place.) Also, I'm wondering just how well policies as per FEP-044f (and their implementations in various server applications) will work with DIDs as per FEP-ef61 which (streams) and Forte use, and I guess, so does Mitra now.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Misskey #Forkey #Forkeys #GoToSocial #Hubzilla #Streams #(streams) #Forte #Mitra #QuotePost #QuotePosts #QuoteTweet #QuoteTweets #QuoteToot #QuoteToots #QuoteBoost #QuoteBoosts #QuotedShares #Permission #Permissions #FEP_044f #FEP_171b #FEP_e232 #FEP_ef61

@Julian Fietkau I'm surprised to read that (streams) allegedly has FEP-e232 implemented. As I happen to have two (streams) channels myself, and as (streams) allows me to have a look at the whole source code of any activity (whereas Hubzilla only shows me that of the content), I've checked a fairly recent post of mine that includes a link. And while it does define the hashtags just like Mastodon and Hubzilla, it does not define links in a way that conforms to FEP-e232. Either that, or (streams)' implementation of FEP-e232 is newer than the software was when I sent that post.



Next, I wanted to see if (streams) had its way of quote-posting changed in the last seven years or so of development and forking. I expected it to quote-post like Hubzilla, namely by turning a BBcode short code into a dumb copy of the original upon sending, but I wanted to see proof. As (streams) is a fork of a fork of three forks of a fork (of a fork) of Hubzilla that's still maintained by Hubzilla's own creator, I would have been surprised if he had changed the way (streams) quote-posts at some point on the way.

So I quote-posted my own post on (streams) just to see what happens. And (streams) acted exactly like Hubzilla and not at all like described in FEP-044f on the surface. It still inserts a dumb copy.

Good thing I have access to the full source code of any message on (streams). So here's what happened, namely what I expected to happen: (streams) quote-posts like Hubzilla.

First of all, when I clicked the "Share" button, this short code was inserted into the post editor:

[share⁠=1198713][/share]

The number, by the way, is the running number of the message to quote-post on the server.

Upon sending the post, (streams) automatically "expanded" the short code into the dumb copy I had expected.

[⁠share author='Jupiter+Rowland' profile='https://hub.netzgemeinde.eu/channel/jupiter_rowland' portable_id='_moYLN61-o3FbP3jyThygMDf-bjF2cApXgkrwlAE77iKy19xM1_6F06V4b71eTkqqNaTUjGiN0lfw2dyn5nXRw' avatar='https://streams.elsmussols.net/xp/6b50efa4bb804860f6128bba791b74fab4a0a5e09dbcbee8d8ca77cee00f0330-6' link='https://hub.netzgemeinde.eu/item/0a1cdda5-eb1c-4a33-9574-ddd896977b4f' auth='true' posted='2025-09-21 19:42:56' message_id='https://hub.netzgemeinde.eu/item/0a1cdda5-eb1c-4a33-9574-ddd896977b4f'] ...(the source code of the original message goes here)... [/share]

Both Hubzilla and (streams) render this the same way, namely with a header line above the copy that includes the profile picture of the original author, the name of the original author with a Zot/Nomad-type link to their channel/account and a Zot/Nomad-type link to the original of the post ("Zot/Nomad-type" means that [zrl][/zrl] is used rather than [url][/url] which means that the ID of an observer on Hubzilla/(streams)/Forte is attached to the link for OpenWebAuth identity recognition purposes.)

At the same time, curiously, (streams) includes the line "rel": "https://misskey-hub.net/ns#_misskey_quote" and a line that starts with "name": "RE: and continues with the URL of the original message into the code for the link to the original message. The latter is identical to what Misskey and all Forkeys have in quote-posting notes in plain sight, only that (streams) only reveals it in the source code rather than in the content as well.

So this part of FEP-044f is implemented, albeit concealed from most people and only happening in the code.



Now, looking at the quote policy part, that looks like it could be possible to add to the Fediverse's permission champions Hubzilla, (streams) and Forte. After all, they already have comment controls with no FEP backing it (and if GoToSocial's quote policy can be made into an FEP, maybe so can (streams)' and Forte's comment controls so that they actually do blank out reply buttons on the farther ends of the Fediverse if the software on the farther ends implement support for that FEP).

This could be done at three levels again. I'll illustrate this with (streams) and Forte because they're quite a bit less complex than older Hubzilla.

At channel level, quote-posting (and maybe quoting as well) could be set as usually, namely to semi-public (= everyone in the Fediverse = no quote policy), restricted (= only your contacts) and only yourself. (Seriously, you don't want random passersby with no accounts to quote-post you. Even though you can allow them to comment on your posts if you dare.)

"Only yourself" could be overridden at contact level by permitting certain contacts to quote-post (and maybe quote) your messages. This is actually standard behaviour on (streams) and Forte.

And then there is the per-post level which would be similar to (streams)' and Forte's comment controls. These allow you to limit who may comment on a post to only your contacts and those who have already participated in the same conversation, and they allow you to turn off comments altogether.

Quote authorisation would not be much different in handling from manually moderating comments from those who technically aren't permitted to comment (only that spammers don't quote-post, at least not yet, and they probably never will because that simply makes no sense). So that'd be nothing really new.

Of course, this would have some limitations which come from how Hubzilla, (streams) and Forte work and from their conversation architecture.

The first limitation is that you could only give certain contacts permission to quote-post your posts if you didn't give it to the whole Fediverse. Channel-wide permissions are always inherited by contact-specific permissions, and this cannot be overridden. So you couldn't generally allow everyone to quote-post your posts except for one certain contact of yours.

The second limitation is that you can only control the permissions of contacts, but not of non-contacts. So you can't disallow some stranger whom you aren't connected to to quote-post your posts while everyone else is allowed.

Then again, FEP-044f doesn't make either of these two possible either. It can only define who is permitted to quote-post a post, not who isn't.

The third limitation is that, on Hubzilla, (streams) and Forte, comments always have the same permissions as the post that they belong to because comments always have the same owner as the post that they belong to. Basically, if FEP-044f was to be defined for each comment individually, it would have a chance of clashing with conversation containers as per FEP-171b.

Here on Hubzilla, as well as from (streams)' point of view, everyone's comments in this thread are owned by me because I've started the thread. And the permissions on all these comments are defined by my post. I've seen my share of permission clashes whenever someone on Mastodon replied to a public post or a public comment with a DM, and Hubzilla overrode this by forcing the permissions of the post on that reply.

In practice, this means that the quote policies of all comments would be the same as that of the post. At least that's how Hubzilla, (streams) and Forte would understand them because the concept of comments having different permissions than the post is alien to them. So if you say that I'm not permitted to quote-post your comment, but I say that anyone can quote-post my post, Hubzilla and (streams) override the quote policy that you've given your comment on Mastodon with the quote policy that I've given my post on Hubzilla, and I can quote-post you.

So the actually difficult part would be to implement an exception in how Hubzilla, (streams) and Forte handle comment permissions for quote policies and make them individual for each comment rather than making comments inherit them from the post.

Well, and lastly, if you permitted all your contacts to quote-post a post of yours, and you had a few more contacts, the "canQuote" section would end up monstrous. (A bit less so if you could cherry-pick those who are allowed to quote-post you on a per-post base, just like you can cherry-pick those who are allowed to see the post in the first place.) Also, I'm wondering just how well policies as per FEP-044f (and their implementations in various server applications) will work with DIDs as per FEP-ef61 which (streams) and Forte use, and I guess, so does Mitra now.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Misskey #Forkey #Forkeys #GoToSocial #Hubzilla #Streams #(streams) #Forte #Mitra #QuotePost #QuotePosts #QuoteTweet #QuoteTweets #QuoteToot #QuoteToots #QuoteBoost #QuoteBoosts #QuotedShares #Permission #Permissions #FEP_044f #FEP_171b #FEP_e232 #FEP_ef61