That was absolutely true 5 years ago. But it's getting less true all the time. As I say, there are a number of server and app projects with implementations now. Which is producing a lot of feedback about how to improve it for a future iteration of the AP spec.
People keep pointing out the UX fail of expecting people to have multiple accounts to use all the different fedi services. But that wouldn't be true if every #AP app and server used a general purpose #C2S API, defined in the AP spec (whether the existing one or not).
Then we could, for example, use a Mastodon account to login to a PeerTube service to browse and post videos. Or use a PT account to login to a Mastodon service to browse and post Notes.
There's over a dozen implementations now;
https://codeberg.org/fediverse/delightful-fediverse-experience/issues/130
#HatTip to @smallcircles for compiling this list, and @benpate for reminding me where he keeps it : )
If any of you are still interested in the evolution of the AP C2S spec, I highly recommend Steve Bate's blog piece about his Flowz client;
https://www.stevebate.net/activitypub-client-api-a-way-forward/
Yes, brought it to a SocialHub topic as well..
https://socialhub.activitypub.rocks/t/activitypub-client-api-a-way-forward/5410
@Tim Chambers I guess the main obstacle in development right now is that there are no clients to pair the server applications with and test them against.
Then again, it would take a whole lot of clients. One unified client that covers e.g. Pleroma just as neatly as (streams) is impossible, seeing as how extremely different the two are.
CC: @Strypey @ just small circles 🕊 @ Ben Pate 🤘🏻 @rakoo
# FediMeta # FediverseMeta # CWFediMeta # CWFediverseMeta # ActivityPub # Pleroma # Streams # (streams)
@StrypeyLocally writing content to the database of an ActivityPub-based server will inevitably require a local user account on that very server.
I mean, we already have OpenWebAuth magic sign-on which was invented by @ Mike Macgirvin ?️ for Hubzilla in 2017, and which also has full implementations in his later server applications (streams) and Forte and a client-side implementation on Mike's first project, Friendica. But without an actual account on another server, OpenWebAuth can only authenticate you on that other server as a guest and grant you certain guest permissions. It does not give you all the powers of a local user, at least not without a local account.
Also, if you want to actually log in on another server, you will inevitably need local login credentials on that server. Which means that a user account with these login credentials must be created prior to you logging in on that server so that that server knows your login name and your password. Even if you want to use something like OAuth, that server will still require to know your credentials. They will have to be in that server's database before you can successfully log in.
A server cannot and will not authenticate you against credentials in a wholly different remote server's database. What you and many other Fediverse users dream of can only be solved in two ways and both only theoretically because, in practice, they are just as impossible or at least very unfeasible.
Either if you register an account on one Fediverse server, that account with the exact same credentials is simultaneously created on literally all other Fediverse servers, and on Hubzilla, (streams) and Forte, you also automatically get a channel along with that account. This also means that each Fediverse server that's installed and spun up for the first time will immediately have to create tens of millions of accounts so that everyone all over the Fediverse automatically has login credentials on that server. I guess it should be clear that this is impossible, also because this requires a) a centralised list of absolutely all Fediverse accounts and identities and b) a centralised list of all Fediverse servers to be hard-coded into every last instance of every last Fediverse server out there.
Now, I keep reading stuff like, "But I don't want to use all Fediverse servers!" No, but you want to be able to use any Fediverse server. And then you will have to have an account there. How is the Fediverse supposed to know in advance which servers you will visit this year, the next two years, five years, ten years so that accounts can be automatically created for you exactly there and nowhere else?
See? And that's why, if you want to be able to use any server like with a local account, every server must be prepared for it before you arrive.
Or drive-by registration: You visit a Fediverse server for the first time, your active login is recognised by that Fediverse server, and an account is created for you on the fly with the exact same login credentials as where you're already logged in. That's its own can of worms.
Also, it requires remote authentication. OpenWebAuth. As I've already said: This is technology that's eight years old, and that's being daily-driven right now. But: You will never have this on Mastodon. There actually is a pull request for Mastodon from two years ago that would have implemented client-side OpenWebAuth support. It was never merged. It was silently rejected by the Mastodon developers. The PR was closed in November, 2024.
Some people go even further: They don't just want their login credentials wherever they go, they want their whole identity cloned to everywhere. They want all their stuff, all their posts and comments and DMs, all their followers and followed, all their settings, all their filters etc. etc. pp., they want it everywhere all the same. Like a nomadic identity (an invention by Mike from 2011, first implemented in 2012) across up to 30,000 servers.
Now, you and many others on Mastodon are probably going to cry out, "YES, YES, PLEASE MAKE THIS REALITY!"
But seriously: I myself have actually cloned enough Hubzilla and (streams) channels of mine in my time. None of them even had nearly as much content on them as your Mastodon account. And I can tell from a lot of personal experience that this cannot be done within a blink of an eye.
Nomadic identity won't come to Mastodon anyway. Nomadic identity via ActivityPub is probably being daily-driven already. Forte has it, and it relies on it. But Mastodon will never implement it. In particular, Mastodon would rather re-invent the "nomadic identity" wheel in a way that's incompatible with what we already have than implement something made by Mike Macgirvin. Not after all the head-butting that has happened between Mike and Gargron over the years.
And OpenWebAuth won't come to Mastodon either. Probably also for the same reason.
CC: @Tim Chambers @rakoo @ Ben Pate 🤘🏻
# Long # LongPost # CWLong # CWLongPost # FediMeta # FediverseMeta # CWFediMeta # CWFediverseMeta # Fediverse # Mastodon # Friendica # Hubzilla # Streams # (streams) # Forte # OpenWebAuth # SingleSignOn # NomadicIdentity
A space for Bonfire maintainers and contributors to communicate
