On fediverse apps like Mastodon, Pixelfed and (soon) Threads, content is federated — but identity isn’t. We look at potential solutions.

In response to Bray’s toot, Evan Prodromou — one of the creators of ActivityPub, who is currently writing an O’Reilly book about the protocol — noted that this “is also the argument for using the ActivityPub API.” He described the API as “an open, extensible API that can handle any kind of activity type — not just short text.”

This gets to the nub of the issue. The fact that I can’t use my Mastodon identity to, for example, sign up to Pixelfed is not actually an ActivityPub issue — it’s because the two applications, Mastodon and Pixelfed, each require you to create an account on their respective products. What Prodromou is suggesting is that, technically, you can use the ActivityPub API for account access.

  • Rottcodd@kbin.social
    12·
    7 months ago

    What you seem to be against is forcing you to have only one login. That does go against the model we are talking about.

    And it isn’t what’s being suggested.

    Yes - that isn’t what’s being suggested. And that’s entirely irrelevant.

    The correct way to measure the threat a proposal poses isn’t by what’s specifically being proposed, but by what the proposal, if enacted, carries with it - what it necessitates, implies or even just allows.

    As I mentioned before, and this seems to me to be the biggest potential threat vector, unless people host their identities on their own hardware, that information is going to be on someone else’s hardware. And that’s not going to be a charity - it’s going to be a business, that’s going to profit off of it somehow. If this proposal goes through and is relatively widely adopted, there will one day be an industry leader in the identity-hosting business, and that company will have leverage over the fediverse as a whole. And at that point it would be easy enough for them to, for instance, strike a deal with the biggest instances so that the instances, in the name of security or convenience or whatever might suffice, only accept registrations through that particular service.

    I’m not saying that that will happen - only that it could. And that’s enough, in my estimation, to make it a bad idea, because if the history of the internet has shown us anything, it’s that if there’s a way for someone to control something and profit off of it, someone will control it and profit off of it, and the original proposal that made that possible doesn’t mean a damned thing.

    • GlitterInfection@lemmy.worldEnglish
      1·
      7 months ago

      You are describing the current situation in the fediverse, not a problem caused by the idea proposed.

      Allowing for federated identity would also imply allowing migration of identity, which wholly prevents what you just described.

      The current system is guaranteed to have larger instances where people won’t want to leave because doing so abandons your identity.

      If I could move around the fediverse freely I would do so, but that is not a feature that is supported so I stick to the largest instance which happens to be the one I chose. I am not unique in this. Obviously, or this instance wouldn’t be so large.

      Offering federated identity is only a better situation than today.