Fediverse

32163 readers

869 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Follow the general Lemmy.world rules.

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago

MODERATORS

[email protected]

106

A "Sign in with fediverse" button? (lemm.ee)

submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/[email protected]

46 comments fedilink hide all child comments

Just like apps and websites implement "Sign in with Apple" and Google couldn't we build some kind of federated authentication provider? Then everyone creates an account there and fedi apps can implement an easy way to authenticate users. Even non fedi apps could use it. I imagine user interaction between different fediverse platforms would be much easier too.

I guess could run an auth instance. Ideally everyone would run their own, keeping your data safe.

Is there something likes this already? Saw some discussion here but not much else https://socialhub.activitypub.rocks/t/single-sign-on-for-fediverse/712

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 21 points 1 week ago (2 children)

Yes and no.

Decentralized IDs exist, but will almost never be accepted by any large reputable institution.

Why trust every indie site to be 100% truthful, and definitely not full of malicious haXXors?

[–] [email protected] 3 points 1 week ago (1 children)

Just like fediverse works you can federate with the auth providers you want and ban malicious ones.

Lots of lemmy instances chose not to federate with others. I imagine it could work the same way.

[–] [email protected] 6 points 1 week ago

Before an instance does something malicious, how do you know it will be malicious?

Even if everyone there running it, & participating is pure of heart, how can you be assured that haXXors won't simply break in to take advantage of that trust you've given them?

Banning bad instances is a reactive stance that only applies after damage has been done. Can you convince the corporate overlords to take that risk? And it only increases as the fediverse gets more popular, and more instances get trusted.