Comment on Is the Fediverse stalling?

• rglullis@communick.news ⁨2⁩ ⁨days⁩ ago

  My point is: if you have a ledger that the user controls and can use to redirect to different auth endpoints, then you don’t need oauth. You just use the record in the ledger as the authentication mechanism directly.

  source

  • muntedcrocodile@hilariouschaos.com ⁨2⁩ ⁨days⁩ ago

    Yeah exactly. But instead of having to implement that auth process in every different fediverse service in however many different languages u simply write it once with an oidc endpoint and all fediverse services can run it as a container in their stack. It makes implementing such auth system a simple config change and updating a docker compose to add a new service.

    source

    • rglullis@communick.news ⁨2⁩ ⁨days⁩ ago

      It looks like we are talking past one-another.

      What I am trying to say is that “getting the user to complete a login” is not the novel part that is missing. What we are missing is a way for the user to have control over their actor ID, so that they use the same id regardless of what user that id is delegated to.

      So, unless I am misunderstanding you, what you are proposing is an OIDC provider which could be used to authenticate on any other service. That’s good, but it doesn’t solve the problem that if we had an unified OIDC provider without a DID, all of the actor ids would end up dependent on the OIDC provider.

      source

      • muntedcrocodile@hilariouschaos.com ⁨2⁩ ⁨days⁩ ago

        Ahh I see what ur saying now. Yeah the actor id is hard as it needs to be an actual dereferenceable uri as actors need an inbox and outbox of activities.

        I don’t think u can maintain cross instance actor ids. The only issue I see with having multiple actor ids for the same user is that they will have their content and profile split across multiple instances.

        I guess u could have a meta id that dereferences to all ur actor ids?

        source

        • -> View More Comments