[Blog] / 2023-05-09 / fannish_metadata / #entry.rdf

<awol:Entry
        xml:lang="en"
        xmlns:awol="http://bblfish.net/work/atom-owl/2006-06-06/"
        xmlns:dc11="http://purl.org/dc/elements/1.1/"
        xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
        xmlns:sioc="http://rdfs.org/sioc/ns#"
>
        <dc11:title>Requirements for fannish resource identifiers</dc11:title>
        <dc11:date>2023-05-09T18:31:26-07:00</dc11:date>
        <dc11:abstract rdf:parseType="Markdown"><![CDATA[
A summary of a discussion which was held in the
[Fandom Coders](https://www.fancoders.com) discord about I·D
requirements for various types of fannish resources, and how these
things might federate out or be handled by other services.
]]></dc11:abstract>
        <sioc:content rdf:parseType="Markdown"><![CDATA[
The following blogpost is a summary of a discussion which was held in
the [Fandom Coders](https://www.fancoders.com) discord about I·D
requirements for various types of fannish resources, and how these
things might federate out or be handled by other services. Our goal is
to create a decentralized network of fannish platforms, so figuring out
resource identification requirements is an important first step.

Note that in the discussion which follows, a “resource” might be a
work, an author, a tag, a bookmark, or something else… anything which
might be a metadata subject.

## ① Resources should have Tag U·R·I’s.

Resource [Tag U·R·I](https://taguri.org)’s should be U·R·I’s of the
form :—

```
tag:<domain>,<date>:<path>
```

—: where `<domain>` is the domain name of a site, `<date>` is some
date (in `YYYY-MM-DD` format), and `<path>` is some path decided by the
person or people who owned `<domain>` at `<date>` to uniquely identify
the resource. Tag U·R·I’s are ideal for fannish resources for the
following reasons :—

- In order for a fannish resource to be published on the internet, it
  must be published at a domain on a date. So these requirements are
  easily satisfied.

- No external registration (beyond owning a domain name) is necessary
  to mint U·R·I’s, and no maintenance is necessary.

- The domain name in the Tag U·R·I indicates who should be the trusted
  party when it comes to information about the resource: `<domain>`.
  If you hear about the resource from somewhere else, you know to view
  the information you receive with some level of suspicion.

Some additional notes :—

- The term “Tag U·R·I” has no relation to the normal fannish use of
  “tag”; it’s just what the U·R·I scheme happens to be called.

- `<date>` does *not* (and maybe *should* not) have to be the actual
  date a resource was created. My recommendation would be to set
  `<date>` to the date that a service was founded, so that e·g if a
  service dies and a new one is started at the same domain, the two
  generate clearly distinguishable U·R·I’s.

- It’s not possible to distinguish between beneficial reasons for
  content changes at `<domain>` (an author editing a work) and
  malicious ones (hostile domain takeover). It’s also not possible to
  verify that the people at `<domain>` actually controlled the domain
  at `<date>`. But if people play by the rules, an *accidental* name
  collision will never happen.

## ② Resources should have canonical U·R·L’s containing their Tag.

The canonical U·R·L for a resource should look like this :—

```
https://<domain>/<subpath>/tag:<domain>,<date>:<path>
```

There are a few important things of note here :—

1. Both instances of `<domain>` **must be** the same, or else the U·R·L
   is not canonical.

2. The entire Tag U·R·I is present in the U·R·L, allowing it to be
   identified even if the U·R·L ceases to be dereferencable.

3. `<path>` may contain anything, including a query or fragment part.

It is possible for resources to be *mirrored*. Mirrors **must** have
U·R·L’s like the following :—

```
https://<mirror-domain>/<mirror-subpath>/tag:<domain>,<date>:<path>
```

—: that is, the same easily‐recognizable Tag U·R·I, but at a different
domain and subpath. Mirrors **must** identify the canonical U·R·L of
the resource they are mirroring. `owl:sameAs` might be one mechanism of
doing this in R·D·F.

## ③ Crossposted resources should link to each other.

If a work is crossposted in two locations, one is not necessarily
“canonical” and the other a “mirror”. Likely, both will be canonical
and have their own Tag U·R·I’s (and this is a good thing). Crossposted
works should instead identify themselves by linking to each other in
some reciprocal fashion. We may need to come up with our own metadata
term for specifying this, but see e·g `dcterms:hasFormat` and
`dcterms:isFormatOf` which encode a similar (but not necessarily
reciprocal in the same way) relationship.

## ④ Platforms should only trust mirrors as a last resort.

And with copious warnings. If at all possible, platforms should direct
users to the canonical U·R·L associated with a resource. However, this
may not be possible (if an archive moves or goes down). In that case,
a platform *may* direct users to a mirror, with a warning that the
mirrored version is not the original published work and may differ in
significant ways.

## Additional thoughts.

These things were either only briefly touched on, or else are my own
ideas which came as I was writing this post.

- Mirroring should be explictly opt·in, and ideally automated (to
  reduce the likelihood of intentional or unintentional error). We will
  need to develop protocols for this.

- For added security, publishing platforms might implement Webfinger,
  to guard against mirrors which correctly identify works they control
  but misidentify their path (thus making them appear to be down).
  Discovery platforms *may*, and probably *should*, attempt to make a
  Webfinger request for the resource with its Tag U·R·I instead of
  trusting the canonical path. However, supporting Webfinger *should
  not* be required of all publishing platforms, and the attack vector
  from mirrors in this sense is pretty small.

- Webfinger or ordinary H·T·T·P redirects could be used to forward
  services to new “canonical” U·R·L’s in the case that a service moves.
  However, this trail would only be followable for as long as the
  redirects or Webfinger endpoint remains up at the original domain.

- Instead of mirroring tags, a service might indicate that its version
  of a tag is intended to be synonymous with another service’s version
  of a tag using `skos:closeMatch`. The stronger statement
  `skos:exactMatch` requires agreement from both services. Tag mirrors
  are useful in case the canonical service for a tag goes down, but
  should not be relied upon otherwise.

- Publishing platforms *may* serve a “tombstone” at the canonical U·R·L
  for a resource, indicating that it was intentionally deleted. In this
  case, a mirrored version **must not** be used.
]]></sioc:content>
        <dc11:rights rdf:parseType="Markdown"><![CDATA[
Copyright © 2023 Lady <small>[Fannish Metadata Nerd]</small>.
Some rights reserved.

This blogpost is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/"><cite>Creative
Commons Attribution 4.0 International License</cite></a>.
]]></dc11:rights>
</awol:Entry>