Comment on Change My Mind: The Fediverse is not as connected as were told, and it's splintering even more.
Blaze@discuss.tchncs.de 8 months agoI see where you come from. We are not there yet, but maybe in the future.
On the other side, having different accounts for different services is also to keep them independent from each other, even if connected
Jilanico@lemmy.world 8 months ago
Hmmm what if there was a new fediverse application dedicated to hosting fediverse accounts. You could then use that account to register with any fediverse instance. Kind of like you can login to various websites with your Google or Facebook account.
That would mean a single account could be used with any Fediverse service (Lemmy, Mastodon, etc.), all post history could be aggregated, and you could easily move from one instance to another.
Lemmy, Mastodon, etc., would have to be enhanced to accept this mode of registration of course.
TORFdot0@lemmy.world 8 months ago
In my opinion a centralized authentication platform such as that requires a single point of failure or a level of trust between instances that isn’t and in my opinion shouldn’t be allowed as it would increase the attack surface for bad actors to exploit.
I think the best way would be for the community to create a docker image or other out of box solution that makes it easy for instance hosts to support multiple services on different subdomains from a single endpoint with shared authentication and as such your lemmy.example.com credentials would work for mastodon.example.com and would work for pixelfed.example.com and would work for peertube.example.com and so on and so forth.
Jilanico@lemmy.world 8 months ago
It wouldn’t be centralized. There would be multiple instances and you’d choose which one to use to host your account.
I like your idea, though. It doesn’t solve the problem of moving your account from one Lemmy instance to another, for example, but it does reduce barriers to entry for other fediverse platforms.
TORFdot0@lemmy.world 8 months ago
If it’s not centralized then that’s where the trust issues come in. How can I trust another node on the network that I should authenticate User X when I don’t have the secret key?