this post was submitted on 04 Jul 2023
90 points (95.0% liked)
Fediverse
28736 readers
390 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This is how email works. This is how the internet worked in general before the big sites
The problem you want to fix is a big issue in computing in general. Billions have been spent on last mile auth and universal digital identity is still just a bit out of reach
Soon.
I mean, absolutely - I guess what I'm saying is, it feels like a good time to bake in good ideas, while the fediverse is still evolving. After a while it'll just be the way it's always been and it'll be harder to improve.
Digital identity at scale is still in the research stages and requires a fair amount of capital. This is why Google and social logins are dominant.
Unless someone has a rabbit in thier pocket we are waiting for a decentralized form of auth. There are some but people don't really like them. Even here.
The w3c standard you want to look into is DiD
Source: day job
In a limited sense that's kind of what we're getting with the fediverse though - your account working across a number of servers. People don't seem to be thinking about how to do more than set up a bunch of duplicate instances rather than how to leverage it. I'll have a look at the DiD though.. I'm a programmer so always interested.
It's a deceptive problem. Right now you have either cert trees or pki signers. Neither allow a traditional login flow and making it like "the old way" using "the new way" requires enclaves, signers and a specific sku of Intel processor.
Why tho? If we can get standardized protocols and stuff, why not a standardized login system where 1 account works on every site?
Reposting from below:
Digital identity at scale is still in the research stages and requires a fair amount of capital. This is why Google and social logins are dominant.
Unless someone has a rabbit in thier pocket we are waiting for a decentralized form of auth. There are some but people don’t really like them. Even here.
The w3c standard you want to look into is DiD
Source: day job
Agreed, although before 366 hosting it was an exchange shitshow.