this post was submitted on 08 Jul 2023
225 points (93.4% liked)

Fediverse

28213 readers
1153 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS
 

Why can’t we have federated identity to login into fediverse instead of creating login for each instance?

top 50 comments
sorted by: hot top controversial new old
[–] tristar@lemmyfly.org 140 points 1 year ago (11 children)

Please tell me you haven't been creating accounts on every instace. You can register on one instance then use that account to interact with content and communities on all other instances.

[–] mango_master@lemmy.world 24 points 1 year ago

No, but some people are discussing about creating new logins, so I want to clarify. Thanks for the clarification.

[–] Candelestine@lemmy.world 19 points 1 year ago (3 children)

Some people do make this mistake, I've seen a thread or two asking about it after they already started. We'll need a proper solution eventually, likely education/tutorial-based.

[–] Interesting_Test_814@lemmy.world 21 points 1 year ago (1 children)

The problem will stay there as long as lemmy links don't automatically redirect to your instance in somr way.

[–] johnnyjayjay@feddit.de 5 points 1 year ago

True, but changing this is unfortunately unfeasible with the way the web works. If I just access the URL of a post on instance A, there is no reasonable way for it to know that my home instance is B.

There should at least be a button or something that sends you to your home instance after entering the domain though. Other than that, we'll have to keep using browser addons and userscripts...

[–] Zarxrax@lemmy.world 8 points 1 year ago (3 children)

Literally every single explanation of Lemmy or fediverse that I have seen makes this really clear. I don't understand where people would get the idea that you have to sign up to every site.

[–] cerevant@lemmy.world 43 points 1 year ago (1 children)
  • Someone gives you a link, or you find it in search
  • You click on the link, because that's what you do with links
  • It takes you to what you are looking for, but it says you have to log in to comment or vote
  • You log in so you can comment or vote

The UX for interacting with off-instance subs is abysmal. What is even worse is that as far as I can tell, there is no way to link a post or comment that is instance relative / instance independent.

[–] Zagorath@aussie.zone 19 points 1 year ago (1 children)

there is no way to link a post or comment that is instance relative / instance independent

I'm commenting mainly as a reminder to myself to check back later if someone comes in with a correction.

That said, the answer to this in the long term should be for the front ends (Lemmy UI, Jerboa, Sync for Lemmy, etc.) to be smart about this. My Mastodon app, Megalodon, does it. If you click a link to a post in another instance, it automatically looks up the same post from your instance and takes you there. It's a little slower (and Megalodon shows you a button to short-circuit it and just go to that URL if you don't care to be on your instance), but it lets you interact with the post as normal.

[–] cerevant@lemmy.world 13 points 1 year ago (1 children)

Even at the most basic level it is broken - at the bottom of your comment is a "context" button with the fediverse symbol. If I click on it, it won't take me to the comment on my instance (lemmy.world) but instead is an absolute link to the comment on your instance (Aussie.world) even though the community lives on lemmy.world.

I love lemmy, and I think it has a bright future, but this fundamental problem really needs to be fixed.

[–] Zagorath@aussie.zone 9 points 1 year ago (1 children)

You're probably looking at the rainbow pentagon button, which behaves as you describe. There's also a kind of chain link button. That one should take you to the context within your own instance. At least on web that's how it works. Different apps may display differently.

[–] vegetaaaaaaa@lemmy.world 7 points 1 year ago (1 children)

The tooltip doesn't help either - both links only have a tooltip that just says link... IMHO it should be Link to this comment on CURRENT_INSTANCE_DOMAIN for the chain icon thing, and Link to this comment on COMMENTER_INSTANCE for the rainbow thing.

Anyway, the issue about this messy behavior described by @cerevant@lemmy.world is here https://github.com/LemmyNet/lemmy-ui/issues/1048

load more comments (1 replies)
[–] Trapping5341@lemmy.world 11 points 1 year ago (1 children)

Because when you click a link out of link Google or something you try to login and it says your login doesn't work. To actually view that page properly you have to copy the link go you home instance and search it again then go to the post and then you can interact with it. Some people either A. don't realize that or B. Don't understand that's how it all functions. It confused the shit out of me for the first couple days but I just didn't care enough to create a new account because my account "should" have worked there I just didn't know how to make that happen.

[–] Cordoro@lemmy.world 7 points 1 year ago (2 children)

The process to open a link on your home instance is just way too complicated right now. Some sort of browser presence could help redirect users to the right places.

[–] Trapping5341@lemmy.world 4 points 1 year ago

Agreed I haven't spent much time using Lemmy on an app but I'm hoping those can make it easier somehow atleast for mobile users.

load more comments (1 replies)
load more comments (1 replies)
[–] wolfcatreader@lemmy.world 4 points 1 year ago (1 children)

As a newb to Fediverse, I agree because it is ambiguous how to use one account for several instances. I've browsed the web for several hours. But I only found out that the above is not a one-size-fits-all because some instances require registration.

Also, saying that an account can be created to access communities in my experience, implies I can only see and minimally interact on those instances. But I cannot go as far as posting anything because as I previously stated, I need an account on the said instance to do that.

I see the Fediverse being an umbrella of apps/services. However, from my experience, they're not synchronized. More like silos.

load more comments (1 replies)
[–] teolan@lemmy.world 7 points 1 year ago

Yes but it's a bit of a mess to interact with lemmy from a Mastodon account though.

[–] TimewornTraveler@lemmy.world 5 points 1 year ago (9 children)

No some communities need a new login. lemmy NSFW has no content without it. th there's the issue of having a slow instance like world vs another instance

[–] sunaurus@lemm.ee 25 points 1 year ago (4 children)

You don't need a new a account for this, just make sure you have "Show NSFW" enabled in your profile.

load more comments (4 replies)
[–] rockSlayer@lemmy.world 16 points 1 year ago

Also it's kinda practical to have an alt for lemmynsfw since account activity is openly available

load more comments (7 replies)
load more comments (7 replies)
[–] muddybulldog@mylemmy.win 39 points 1 year ago* (last edited 1 year ago) (14 children)

There's a difference between a federated identify and single-sign on. Your identity /u/mango_master@lemmy.world IS federated. You don't need to have a separate login for each instance. You can use that identity to interact with any instance much the same way I am using my federated identity to currently respond to you.

[–] wetferret@lemmy.world 7 points 1 year ago (3 children)
load more comments (3 replies)
[–] mtdyson_01@kbin.social 6 points 1 year ago (1 children)

I do not have the same experience. If I want to interact with a different instance then I have to login to that instance. Granted I'm very new to Lemmy but so far the apps are not quite there yet and exploring the fediverse is difficult. Searches are useless unless you know exactly what instance you need to find what you're looking for.

[–] muddybulldog@mylemmy.win 7 points 1 year ago* (last edited 1 year ago) (1 children)

I understand. It really comes down to your entry point. For example, as long as I'm viewing the community/user/content via my instance I can interact; e.g. I'm replying to a post on https://mylemmy.win/comment/427171 ; you, on the other hand are replying to https://kbin.social/m/fediverse@lemmy.world/t/158389/why-can-t-we-have-federated-identity. Since we're viewing from our own instances we can interact. If either of us goes directly to the canonical URL, https://lemmy.world/post/1194109 , we'd be forced to login. It's all the same post, just different points of entry that muddy the user experience.

load more comments (1 replies)
[–] masterspace@kbin.social 4 points 1 year ago

I think what they mean is identity that is coupled to them the person and not whichever instance they choose to sign in on.

load more comments (11 replies)
[–] donuts@kbin.social 32 points 1 year ago (1 children)

You don't create a login for each server, you create a single account on a single server and then interact with people and posts on various servers. You don't login to other servers because it wasn't designed to work that way, and it isn't necessary.

Email is a good parallel. I make an email account on ProtonMail, and so that's where I log in to read and write emails (to other users, potentially on other servers). I can't use that same username and password to log into GMail, because that's a different email service provider altogether. You certainly don't need to make multiple email accounts if you don't want/need to.

[–] YourHuckleberry@lemmy.world 6 points 1 year ago (1 children)

So should we display full usernames by default? What's going to happen when someone important, IRL, wants to interact with Lemmy?

[–] Pyro@pawb.social 15 points 1 year ago (1 children)

In a way yes it's similar to email need to know if your @gmail or @yahoo.

As for "important" people, same noteworthy as any other thing. Only extra they could do is if they are with a company could have a server that is @target @mbl or @meta (though everyone might block the latter xp)

load more comments (1 replies)
[–] seperis@lemmy.world 31 points 1 year ago (7 children)

So after twenty-something years on social media, along with mailing lists, messageboards, usenet, this is a topic I think about literally every time I have to add, change, migrate, delete my account as I migrated from platform to platform like some virtual vagabond between text-driven city-states. A virtual vagabond with no worldly goods, no name, no history, and completely invisible to all. To exist, I must apply to the City Leader, and if accepted, I get a name, a nice studio apartment, and visibility as well as contact with other humans after watching a short commercial every five or so humans. If I leave, am thrown out, or the city is burned down, I can't take anything the city gave me with me. By 'gave', I mean 'loaned' btw; none of those things were actually mine.

All the discussion of whether or not to federate with Threads were interesting in that in general, it's kind of pointless. A server instance isn't a democracy; the owner's opinion is the only one that matters. If you don't like it, leave. And I don't argue their right to do so; they're paying the bills, doing the upgrades, eating grapes with robot butlers, I don't know their lives. Federated means anyone can run their own not-twitter or not-reddit; go for it. All you need is money, free time, and the knowledge of how to register a domain name, get, run, secure, and maintain servers, and install and configure the program, lure people in, and avoid breaking any national or international laws. Like I said: I really seriously do not argue the owner's right to decide anything for their server. i know how to do all those things and I ran several websites and archives: I wanted a nap before installation step.

Fediverse is a massive step in loosening the stranglehold megacorporations had on our ability to shitpost in peace and talk about our cats without feeling stalked by people wanting to sell us shit or sell our browsing habits, blood pressure, and underwear size to those who will the try to sell us deeply individualized shit; it's the circle of life, man.

Wow this got long but feelings.

So at this point--two decades and change of social media, the rise and fall of social empires, so much virtual vagabonding across the virtual desert to find a new city-state....I don't think it's too early to consider getting around to a productive discussion of how we go about separating the individual identity from the community and define what is theirs to keep no matter where they are. If there was ever a place and time to start building a model, it's where all the city states are allies and the individuals can interact with each other no matter what city they're in. The account transferability in Mastodon is a really good start, but it's not a solution, much less the solution. It's a beginning.

I don't expect to have a working, finished, flawless product in six to eight weeks or six to eight months; I expect it to slide in three weeks and two days after the announcement that it's ready for alpha testing and immediately break the first time a tester opens it; it'll be another month before it goes into testing again. I expect it will be a weird buggy mess of wtf after months of virtual warfare and everyone will hate it before the rough draft of the design documents are even released. I expect there will be one weird guy who really thinks everything should be written in Rust because he's insane and never sleeps. Five to eight devs will dramatically quit; one will quietly move to Utah and farm emus. None of them will be the Rust guy; you're stuck with him. I expect the working version after testing is done will be hated by everyone and probably kind of crappy. But it will also be amazing, because as of it's release--no matter how shitty, buggy, or how many inexplicable design choices are made--the individual exists outside of being community property and that no matter where we go or how much we pissed off that admin or if our city-state was nuked from orbit, there are things that are ours and we get to keep them.

[–] astral_avocado@lemmynsfw.com 6 points 1 year ago (1 children)

I like this comment but in the end this is something most people won't want, me included, because a decentralized identity would just mean an even better way to track and get yourself doxed for people who want to remain unknown to rulers of city states

load more comments (1 replies)
[–] Deez@lemm.ee 4 points 1 year ago (1 children)

Your comment was a roller coaster of emotions. I loved it!

load more comments (1 replies)
load more comments (5 replies)
[–] toasteranimation@lemmy.world 24 points 1 year ago (9 children)

This is a reasonable question. What if you put a lot of effort into posting and commenting just for your instance to shut down or disappear? With a ‘federated’ identity, you would theoretically still have your user account if just one instance went dark, even if it’s where you created your account

[–] toasteranimation@lemmy.world 6 points 1 year ago

To the downvoters: how about adding something to the conversation?

[–] sab@kbin.social 5 points 1 year ago (1 children)

If your instance shuts down your posts will still be visible on the other servers that your instance was federating with. Which might raise concerns if you want to have them removed, but that's another issue.

On Mastodon it's possible to move from one instance to another, taking your followers and the list of people you follow along with you and having the old account point to the new one. In the threadiverse, the most important feature would probably be to not have to manually re-subscribe to a bunch of communities. I think this moving of accounts from one instance to another will probably become standardized at some point in the future, so that you could for example move an account from Mastodon to Lemmy if you should wish. It's probably pretty far down on the list of priorities though.

In my opinion, the idea of a hierarchy of users as enforced on Reddit through karma is a bit obsolete. I think we're posting and commenting out of interest in the topic or a willingness to help or entertain. If that's the motivation, I don't see how starting over on a different server is such a bad thing; you're not really losing anything. We're not here hoarding upvotes like a dragon hoards gold.

load more comments (1 replies)
load more comments (7 replies)
[–] BJHanssen@lemmy.world 24 points 1 year ago* (last edited 1 year ago)

The technical challenges are vast, is the long and short of it. But it's high time there's a good discussion over how it should (or might) work, at least the kinds of properties such a system should have.

  • Self hosting of federated credentials should be possible, but not required
  • 'Backwards tracking' of federated credentials should only be possible with limited requests (e.g. 'verify author of post') and approval of the credential owner
  • All data on the credentials instance should be properly encrypted
  • All data on credentials instance should be fully and easily portable to other instances via common protocols

There are several issues involved here, beyond just 'mere' technology, that need addressing. Personally I think a good start might be to engage with public libraries here. They already keep simple identity records (library cards) and have public service purpose well-aligned with the concepts of the federation and public distribution of information and knowledge.

[–] ScaNtuRd@lemmy.world 23 points 1 year ago (2 children)

Because then there would need to be a centralized entity to host all user accounts, and we don't want centralization 'round here

[–] CoderKat@lemm.ee 8 points 1 year ago (1 children)

You could do what Oauth does, allowing many providers to create credentials. That's what some sites already use to let you login with google/Facebook/etc on their site. Except you theoretically could use any arbitrary sites you trust.

[–] SQL_InjectMe@partizle.com 5 points 1 year ago (2 children)

and then when your main instance shuts down you can’t log into any again. So what’s the benefit asides from bypassing defederation? (And this wouldn’t even be a benefit, because instances defederate because they don’t like the users, so if you let people log in with oauth from a hated instance then you’d also get defederated

load more comments (2 replies)
load more comments (1 replies)
[–] HeartyBeast@kbin.social 8 points 1 year ago (4 children)

Because then it wouldn’t be federated, it would be centralised.

load more comments (4 replies)
[–] tobier@lemmy.world 8 points 1 year ago

The whole point is to be decentralized. You can still interact with communities on other instances, so what's the point?

[–] Kichae@kbin.social 6 points 1 year ago (4 children)

So, anyone can spin up a Lemmy website. They're all independent sites, with independent and unaffiliated admins.

In order to sign in to a website with a given set of credentials, that website needs to know something about those credentials. Importantly, they need to know something about your password.

And that's a security nightmare that no user should be ok with.

Now, there are single sign-on (SSO) possibilities, but for them to be universally accessible across the Fediverse, you either need to impose them on 20,000 admins across two dozen software implementations, or you need them all to a) agree to support SSO, and b) agree to support the same SSO options.

Despite the fact that most of these websites look the same, they're all completely different websites, and while they can be treated, on first glance, as having the same content, they're very different places run by very different people. They can't be treated like a singular entity.

load more comments (4 replies)
[–] DreadTowel@lemmy.world 5 points 1 year ago (2 children)

It'd be great to support identity based on a key hash, so that it's completely decoupled from any instances. Maybe some time in the future.

load more comments (2 replies)
[–] cestvrai@lemm.ee 4 points 1 year ago

I think this will ultimately be solved by 3rd party clients.

There are tons of mobile apps in the pipeline and some already released. I just got set up with Memmy a couple days ago and it already makes things a bit easier; a step in the right direction.

On desktop I imagine browser plugins helping to tie the experience a bit more together. Hopefully the vanilla UI can also deal with cross-instance behaviour down the road.

load more comments
view more: next ›