Is decentralised federated social media over engineered?

Can’t get this brain fart out of my head.

What would the simplest, FOSS, alternative look like and would it be worth it?

Quick thoughts:

* FOSS platforms intended to be big single servers, but dedicated to …
* Shared/Single Sign On
* Easy cross posting
* Enabling and building universal Multi-platform clients.
* Unlike email, supporting small servers

No duplication/federation/protocol required, just software.

#fediverse
@fediverse

  • mindlight@lemm.ee
    link
    fedilink
    arrow-up
    9
    ·
    11 months ago

    Single Sign On doesn’t mean that “American BigTech Servers” have to be used.

    Essentially, for the users, it means that an account for site A can be used to login on site B because site A and site B trust each other.

    A concept to Google if one wants to know more is “federated login”.

    • maegul (he/they)
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      Yea this is exactly what I was thinking about.

      The idea being that there would be circles of trusted platforms and once you have an account with one you have an account on all of them. Which, I imagine, would allow easy/quick cross posting from one platform to another when desired and make it easier to build and maintain an aggregating client that allows you to view all the platforms within such a “circle of trust” that you’re interested in through a unified interface.

        • Joël de Bruijn
          link
          fedilink
          arrow-up
          4
          ·
          11 months ago

          Trusting other peoples identification and authorizattion isnt about sharing accounts and passwords. If user A of server X want to log in at server Y, server Y asks server X if it knows this user A. If so server X handles the password/mfa check and just gives the green light to server Y.

        • maegul@hachyderm.ioOP
          link
          fedilink
          arrow-up
          2
          ·
          11 months ago

          @Aatube @1984 @mindlight @maegul@lemmy.ml

          Yea I don’t know the best approach to that. Either a separate server for managing IDs. Or you always a principal server that manages authentication for its platform and others within the trusted “circle”. And then, should the principal server fail, you can switch to another server as your principal. Hubzilla/Streams has some process like that AFAIK.

          • maegul@hachyderm.ioOP
            link
            fedilink
            arrow-up
            1
            ·
            11 months ago

            @Aatube @1984 @mindlight @maegul@lemmy.ml

            The key idea is that you can have a single unified identity on all the platforms you want. Signing into multiple platforms doesn’t require a new account every time. And cross posting from one platform to another, under your single identity is easy from every platform.

            Then leveraging those features (and an open API), a good unifying client will make that easy.

            There must be a way of doing that without fatal security issues or decentralisation.