Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »
Simple Update Protocol

Simple Update Protocol

Discuss Simple Update Protocol, or SUP (http://code.google.com/p...)
Custom RSS/Atom
Julien
We implemented SUP at Superfeedr so we can provide new entries even faster to our subscribers : http://blog.superfeedr.com/PubSubH...
Bruce Lewis
I'm experiencing SUP problems. FriendFeed is reading the SUP feed, but is not immediately fetching the RSS feed.
The SUP validated. I'll post it in a comment with http: changed to p: so autolinking doesn't mess it up. - Bruce Lewis
{"since_time":"2009-11-04T21:01:03Z","updated_time":"2009-11-04T21:03:13Z","available_periods":{"600":"p://ourdoings.com/sup.json?seconds=600","300":"p://ourdoings.com/sup.json?seconds=300","60":"p://ourdoings.com/sup.json?seconds=60"},"period":120,"updates":[["2ab","1f98"],["2aby","2009-11-04T21:02:58Z"]]} - Bruce Lewis
fixed, I think. - Paul Buchheit
fix confirmed. thanks paul. - Bruce Lewis
Simple Update Protocol
faq (Frequently asked questions about SUP) Wiki page commented on by michael.chelen - http://code.google.com/p...
Simple Update Protocol
faq (Frequently asked questions about SUP) Wiki page commented on by michael.chelen - http://code.google.com/p...
Simple Update Protocol
faq (Frequently asked questions about SUP) Wiki page commented on by michael.chelen - http://code.google.com/p...
Mike Chelen
"For smaller publishers, it may be easier and more efficient to contribute updates to a shared SUP feed hosted elsewhere, instead of generating their own SUP feed. FriendFeed provides a public, shared SUP feed that is open to updates from anyone." - Mike Chelen from Bookmarklet
Ray Slakinski
Thoughts and comments on oSync http://www.osync.org - oSync is a RSS/Atom like content syndication specification in JSON and takes into location, tags, commonly used namespaced elements (iTunes, Yahoo) and especially SUP baked right in! Not to mention JSON from end-to-end.
Interesting idea.. though it's in alpha... - Ahsan Ali aka. Slick
I made it alpha because I wanted to get feedback from the community before finalizing on the fields and such. - Ray Slakinski
Sorry I missed that you're the author :) This is something the OpenFFers might also be interested in: http://www.friendfeed.com/openff - Ahsan Ali aka. Slick
Good idea, forwarded :) - Ray Slakinski
How compatible is this with http://cwiki.apache.org/ABDERA... (which I think is the most widely deployed atom-json serialization)? - Nick Lothian
Its not compatible at all with atom-json. The approach with atom-json was to take all of Atom and make it onto a json object which is fine if that is what you want. To me atom-json feels like XML being represented in JSON. I took a more the same approach as Dave Winer did when he created RSS and tried to make it really simple to syndicate content but in a very JSON way. - Ray Slakinski
Updated some of the elements here based on some comments I got back - Ray Slakinski
Сергей Мартынов
Is FriendFeed's public-sup working? It seems that FF is not looking at it at all (details in comments)
1. I've created a SUP-enabled feed (http://martynov.info/locatio...), checked it with http://friendfeed.com/api... (Found X-SUP-ID HTTP header) and imported it to my test account http://friendfeed.com/martyno... - Сергей Мартынов
2. Then I updated the feed (add new fresh entry) and ping public-sup http://friendfeed.com/api... (I've tried different supid/url combinations). - Сергей Мартынов
3. I expect to see update at http://friendfeed.com/martyno... - but nothing happens. No new enrty for at least half an hour after ping. It appears only when I go to my "services" page and manually press "Refresh Custom RSS/Atom". Where am I wrong? - Сергей Мартынов
Sorry for the delay and thanks for the bug report. Public SUP should be working now. - Benjamin Golub
@bgolub, thank you! Thanks to this problem I learned how PubSubHubbub works and implemented it :) By the way - currently I support (and ping) both SUP and PSHB in my feed - may it lead to some problems or is it okay? - Сергей Мартынов
I'm speculating based on this outage and the one during Gnomedex that you're actively working on something SUP-related for FriendFeed. Any comment? :-) - Bruce Lewis
И так далее: it should be fine to use both. Bruce: this is actually a lot less exciting than that. A machine got hung up over the weekend and we only just noticed :(. The Gnomedex outage was also not very exciting...they just tripped the IP limit because so many users were making requests from the same IP. - Benjamin Golub
I actually meant the other Gnomedex outage -- the one that kept SUP-enabled feeds from showing at all. - Bruce Lewis
Ted Roden
Enjoysthin.gs now supports SUP. If you're importing your RSS feed from enjoysthin.gs to FF, it should happen a LOT faster. I have a couple more kinks to work out, but it should just start working for anyone already using it. Huzzah!
enj-heart-sup.psd @ 100% (Layer 5, RGB_8)-1.png
We'd love to have you join openff. http://friendfeed.com/openff - AJ Batac
AJ, I'd love to, but amongst other reasons, I don't have the time right now. - Ted Roden
It's ok Ted. Was thinking that your skills and knowledge may prove very useful to the group. Anyway, when you get the time. - AJ Batac
I know this isn't the place for it, but is there benevolent dictator for the project, or is it all democracy? - Ted Roden
Ted, it's Jason Huebel. - AJ Batac
Nice, glad to hear. Software by committee doesn't generally work work. It's best to have a king at the top, even if he/she listens very closely to what people are saying. - Ted Roden
Ted Roden
Anyone know how long it takes for FriendFeed to notice that an RSS feed has started supporting SUP? I've added it to a site, but FF hasn't picked it up yet.
Check your feed here, make sure SUP is working: http://friendfeed.com/api... - Jason Wehmhoener
Simple Update Protocol
testpage (One-sentence summary of this page.) Wiki page commented on by santoshsingh1984 - http://code.google.com/p...
Simple Update Protocol
testpage (One-sentence summary of this page.) Wiki page commented on by tony.hartmann - http://code.google.com/p...
Bruce Lewis
If a resource offers both a sup feed and a hub, will FF take advantage of both?
Pubsubhubbub is probably faster when everything is working, but SUP is more fault-tolerant. Do I need to choose? - Bruce Lewis
Hey Bruce, could you elaborate on why you think SUP is more fault tolerant? Hubbub will retry to deliver updates in the event of a failure. - Brett Slatkin
Partly because I didn't know that, and partly because I don't want to implement retries on my (publisher) end, because I'm lazy. - Bruce Lewis
Well, retries are pretty easy I think. The ping is such a light-weight operation that it usually can happen in less than 200ms. So doing it synchronously, even with retries, really doesn't slow publishing down very much. - Brett Slatkin
Adewale Oshineye
It is possible (given sufficient resources or even just using a web search) to infer the resource from a resource token. The resource might be password protected but by tracking the SUP document it becomes possible to perform
traffic analysis: http://en.wikipedia.org/wiki... on private resources because you will know how often and when they update. The spec should point out the potential risk. - Adewale Oshineye
I've given this issue a lot of thought because it affects OurDoings. The risk is negligible. I don't have time for an extensive comment now, but hopefully can fill in details later. - Bruce Lewis from fftogo
Briefly, if you don't already have access to the resource, the resource token won't lead you to it. If you know enough about the resource to do traffic analysis, you might be able to figure out what token goes with said resource, but you won't have any more info than when you started, i.e. you'll know when the resource updates. You already had that knowledge or you couldn't do traffic analysis. - Bruce Lewis
Given a private resource at example.net/1 (perhaps discovered through the Referer header) all I can tell is that there's something there. Given an Update Document that points to example.net/1 (perhaps because the publisher has decided not to use opaque tokens because all the urls are password protected) it becomes possible to tell when this private resource is being updated. Moreover it... more... - Adewale Oshineye
If people know your URLs and you use a hash of your URLs as the token, then yes you're telling the world when each was updated, no traffic analysis necessary. Seems obvious to me, but you're probably right that implementors should be warned somewhere. (I take back what I said about having thought a lot about this; I used opaque tokens and didn't think about the risk of non-opaque tokens.) - Bruce Lewis
Would adding this paragraph to the Security section of the spec help: "SUP does not require that a site MUST encrypt its resource tokens. The resource tokens may be rendered opaque through strong encryption, hashing or they may be non-opaque. In a scenario where a SUP document is being used to indicate that private or password protected resources have been updated and the resource... more... - Adewale Oshineye
@Ade - the SUP draft RFC has been updated to include that text: http://simpleupdateprotocol.go.... Thanks! - DeWitt Clinton
Regarding traffic analysis: you can place fake updates in the SUP feed. Consumers won't be able to tell the difference between a real update and a fake one. - Benjamin Golub
That will only work if you do something very clever to generate realistic looking fake updates without causing consumers to hammer your server looking for updates that don't exist. - Adewale Oshineye
Traffic analysis is also complicated by the fact that a given resource token can be used by more than one feed. - Gary Burd
Simple Update Protocol
r33 (Fixed the typo caught in the review of r32 by adewale at htt...) committed by dclinton - http://code.google.com/p...
Simple Update Protocol
r32 (Updated the Security Considerations section per Adewale Oshi...) committed by dclinton - http://code.google.com/p...
By the way, anyone can review this change by going to: http://code.google.com/p... and entering a comment or a postiive/negative vote. - DeWitt Clinton
Maybe I've been spoiled by Mondrian and Rietveld but I couldn't figure out how to comment on that CL. Anyway the line that says "private or password resources. This is one way adoption of SUP can" should say "private or password protected resources. This is one way adoption of SUP can" The word "protected" is missing. - Adewale Oshineye
I added you as a committer, Ade. See if it works now? - DeWitt Clinton
It works now. I've submitted a review. - Adewale Oshineye
Perfect. Fixed in r33. - DeWitt Clinton
Paul Kinlan
Is it possible to get a SUP_ID on entries. I would like to monitor a large set of Friendfeed entry, when they are commented on, liked etc, i.e, whenever it is updated. (via http://friendfeed.com/friendf...)
Not currently, but you could monitor the SUP_IDs of the feed and re-check the entry when the feed is updated (entry updates are also feed updates). - Paul Buchheit
Thanks Paul, I might be following 1000 entries and if each is over 1000 individual users then I may check to see if my entry is updated when in fact it is another unrelated entry on that users feed that has changed - I effectively polled the feed for no reason.... I honestly do like the idea of treating an entry as a feed in its own right. - Paul Kinlan
I agree, it would be nice. Monitoring the feeds would probably still be helpful though since most feeds don't update very often. - Paul Buchheit
I am also thinking of using SUP_ID of users feeds to invalidate the caches on the Friendfeed version of Amplifeeder (http://paul.kinlan.me as an example). I need to cache for as long as possible and polling a SUP feed I hope will allow me to use the cache more effectively. - Paul Kinlan
Paul Buchheit
YouTube API Blog: Simple Update Protocol for User Activity Feed docs are now available - http://apiblog.youtube.com/2009...
"At Google I/O 2009, we demoed a nifty sample application that tracks updates to any number of YouTube user activity feeds. The technology behind the application is the Simple Update Protocol (SUP), a simple and compact "ping feed" that enables your application to efficiently monitor changes to a large number of user activity feeds. If you run a social network with tons of users who also happen to be active on YouTube, you should consider using SUP to let your users easily share their updates on YouTube with their friends through their social graph on your site." - Paul Buchheit from Bookmarklet
Paul, how important do you believe SUP is vs. other initiatives on the Web today? - Louis Gray
Louis, SUP provides a very simple way for sites such as YouTube to expose update information to bulk consumers such as FriendFeed. Obviously this is just one part of what is needed to make everything realtime or at least more realtime, but it's a very important part. My hope is that other realtime efforts (such as PubSubHubBub) will also add support so that SUP will also become easier to consume, especially for smaller sites and projects. - Paul Buchheit
It also removes the need for RSS, or a custom API for many things - Jesse Stay
Jesse, SUP does not replace RSS, it accelerates it :) (though it can be used for all HTTP resources and media types, not just RSS) - Paul Buchheit
Oh - I haven't really looked at the spec. So my guess is SUP is what notifies servers to pick up the latest RSS? - Jesse Stay
Jesse: http://code.google.com/p... should clear things up for you - Benjamin Golub
Ah, that makes sense. Dave Winer can remain happy. :-) - Jesse Stay
Rub a Dub Dub, PubSubHubBub in a Tub. - Louis Gray
Benjamin Golub
Skip to 24 minutes into the presentation to learn about YouTube and SUP http://www.youtube.com/watch...
Skip to 24 minutes into the presentation to learn about YouTube and SUP http://www.youtube.com/watch?v=NGH78R4KjS4
Play
Can someone summarize for those of us in a low-bandwidth situation? - Bruce Lewis
Summary: YouTube has a SUP feed (http://gdata.youtube.com/sup) which was announced at Google I/O. As far as I can tell it hasn't been documented yet but it sounds like they are working on it. FriendFeed has been consuming the feed since a few days before the Google I/O announcement. - Benjamin Golub
Simple Update Protocol
issue 1 (mysite.com should be example.com in Python source) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Bruce Lewis
Two Reasons Why SUP Is Better Than Ping Services - http://ourdoings.com/ourdoin... (via http://friendfeed.com/brlewis...)
The original item did show less than 2 minutes after posting, so FF SUP is back. - Bruce Lewis
Simple Update Protocol
issue 3 (SUP's link tag is invalid RSS 1.0 and RSS 2.0) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Simple Update Protocol
issue 3 (SUP's link tag is invalid RSS 1.0 and RSS 2.0) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Simple Update Protocol
issue 2 (Not clear how to implement SUP with RSS 1.0) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Simple Update Protocol
issue 3 (SUP's link tag is invalid RSS 1.0 and RSS 2.0) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Looks like the Google Code issues tracker has been infiltrated by spammers - Benjamin Golub
Simple Update Protocol
issue 1 (mysite.com should be example.com in Python source) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Simple Update Protocol
issue 2 (Not clear how to implement SUP with RSS 1.0) commented on by medyumu...@hotmail.com - http://code.google.com/p...
Steven Livingstone-Pérez
Couldn't see anything immediately so i'll ask. I want to be able to create my own FriendFeed SUP so that i monitor say 1k feeds/60 seconds. I know the SUP ID's you assign so i'd like to optimize my querying by asking my own URL for any updates e.g . http://friendfeed.com/api...
If you monitor http://friendfeed.com/api..., then you get all changes at FriendFeed including the 1K feeds that you are interested in. We do not provide a way to get a subset of the changes. - Gary Burd
Thanks Gary. - Steven Livingstone-Pérez
bear (aka Mike Taylor)
I've check the API call per the previous post and can confirm that X-SUP-ID is set (http://feeds.seesmic.com/sup...), that the sup.json file validates and I even see in the apache logs it being requested. But I don't see my updates until I tell FF to refresh the service. Any hints?
What does the SUP validator say? http://friendfeed.com/api... - Bruce Lewis
only this: Suggestion: It is better to include multiple available_periods - bear (aka Mike Taylor)
Can you post a pointer to one of your user feeds with X-SUP-iD? - Gary Burd
Hi Mike, there is an issue with the FriendFeed code that crawls Seesmic that I hope to have fixed soon. I see nothing wrong with your SUP implementation. Sorry for the delay. - Benjamin Golub
Mike: we've made the change and are now fully utilizing the Seesmic SUP feed. You can watch new entries appear here http://friendfeed.com/public... - Benjamin Golub
It may take up to 1/2 hour before SUP is active on all seesmic feeds though. Also, if you want to make ff find seesmic entries even faster, you should add more available_periods (like 30 or 60 seconds). - Paul Buchheit
we should definitely optimize it for seesmic videos to show in 30 secs on Friendfeed - Loic Le Meur
btw we're almost done updating our player too so that it is lighter - Loic Le Meur
Benjamin, much thanks for the fix - bear (aka Mike Taylor)
Paul, I had brought it back down to a single period during my testing - I will enable more periods now - bear (aka Mike Taylor)
bear (aka Mike Taylor)
I've validated the sup.json file, how do I know that FF is now using it to control polls to our Seesmic users?
Web access logs. - Bruce Lewis from fftogo
ah - so just the fact that sup.json has been requested means they are using it. /me goes to grep some logs - bear (aka Mike Taylor)
If it isn't happening, check http://friendfeed.com/api... - Bruce Lewis from fftogo
my logs show 6 hits earlier today but then nothing and the sup.json file has already been validated (and is still valid). (update: a single sup.json hit followed by two hits for a user file) - bear (aka Mike Taylor)
Mike: FriendFeed uses the Seesmic API (http://api.seesmic.com/users...). If that feed had the SUP header (http://code.google.com/p...) set then FriendFeed would begin making use of your SUP feed. - Benjamin Golub
well I'll be - uhhh, hmm - thanks -- I thought it was reading atom files so I added the link tag to them. ok - let me go tweak the header for the user's json response - bear (aka Mike Taylor)
Other ways to read this feed:Feed readerFacebook