Is decentralised federated social media over engineered?

Can’t get this brain fart out of my head.

What would the simplest, FOSS, alternative look like and would it be worth it?

Quick thoughts:

* FOSS platforms intended to be big single servers, but dedicated to …
* Shared/Single Sign On
* Easy cross posting
* Enabling and building universal Multi-platform clients.
* Unlike email, supporting small servers

No duplication/federation/protocol required, just software.

#fediverse
@fediverse

    • Joël de Bruijn@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      10 months ago

      Trusting other peoples identification and authorizattion isnt about sharing accounts and passwords. If user A of server X want to log in at server Y, server Y asks server X if it knows this user A. If so server X handles the password/mfa check and just gives the green light to server Y.

        • Sean@liberal.city
          link
          fedilink
          arrow-up
          0
          ·
          10 months ago

          @Aatube @maegul@hachyderm.io @1984 @mindlight @maegul@lemmy.ml
          The private key doesn’t need to be memorized, it stays saved on the device that the client software is on, allowing the user to integrate mobile device’s biometric reader (fingerprint/face/iris/whatever) to confirm identity, or use security key, there are already different ways to implement it that doesn’t require pw memorization.

          I’ve got a long unmemorizable string for Firefox sync, Brave, Proton Mail/Pass, it’s still more secure than pw memorized

    • maegul@hachyderm.ioOP
      link
      fedilink
      arrow-up
      0
      ·
      10 months ago

      @Aatube @1984 @mindlight @maegul@lemmy.ml

      Yea I don’t know the best approach to that. Either a separate server for managing IDs. Or you always a principal server that manages authentication for its platform and others within the trusted “circle”. And then, should the principal server fail, you can switch to another server as your principal. Hubzilla/Streams has some process like that AFAIK.