Is decentralised federated social media over engineered?

Can’t get this brain fart out of my head.

What would the simplest, FOSS, alternative look like and would it be worth it?

Quick thoughts:

* FOSS platforms intended to be big single servers, but dedicated to …
* Shared/Single Sign On
* Easy cross posting
* Enabling and building universal Multi-platform clients.
* Unlike email, supporting small servers

No duplication/federation/protocol required, just software.

#fediverse
@fediverse

  • 1984
    link
    fedilink
    arrow-up
    16
    arrow-down
    1
    ·
    edit-2
    10 months ago

    Single sign in to the fediverse seems awful. Then we are logging in to it through American big tech servers. Forget anonymity and no tracking. Probably see ads on the login screen too.

    But otherwise, sure. A single server is not always a bad idea. In practice, this is how Lemmy is too. Most people are on Lemmy.world, and they picked that server because they don’t think decentralized is important.

    • mindlight@lemm.ee
      link
      fedilink
      arrow-up
      9
      ·
      10 months ago

      Single Sign On doesn’t mean that “American BigTech Servers” have to be used.

      Essentially, for the users, it means that an account for site A can be used to login on site B because site A and site B trust each other.

      A concept to Google if one wants to know more is “federated login”.

      • maegul (he/they)@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        Yea this is exactly what I was thinking about.

        The idea being that there would be circles of trusted platforms and once you have an account with one you have an account on all of them. Which, I imagine, would allow easy/quick cross posting from one platform to another when desired and make it easier to build and maintain an aggregating client that allows you to view all the platforms within such a “circle of trust” that you’re interested in through a unified interface.

          • Joël de Bruijn@lemmy.ml
            link
            fedilink
            arrow-up
            4
            ·
            10 months ago

            Trusting other peoples identification and authorizattion isnt about sharing accounts and passwords. If user A of server X want to log in at server Y, server Y asks server X if it knows this user A. If so server X handles the password/mfa check and just gives the green light to server Y.

          • maegul@hachyderm.ioOP
            link
            fedilink
            arrow-up
            2
            ·
            10 months ago

            @Aatube @1984 @mindlight @maegul@lemmy.ml

            Yea I don’t know the best approach to that. Either a separate server for managing IDs. Or you always a principal server that manages authentication for its platform and others within the trusted “circle”. And then, should the principal server fail, you can switch to another server as your principal. Hubzilla/Streams has some process like that AFAIK.

            • maegul@hachyderm.ioOP
              link
              fedilink
              arrow-up
              1
              ·
              10 months ago

              @Aatube @1984 @mindlight @maegul@lemmy.ml

              The key idea is that you can have a single unified identity on all the platforms you want. Signing into multiple platforms doesn’t require a new account every time. And cross posting from one platform to another, under your single identity is easy from every platform.

              Then leveraging those features (and an open API), a good unifying client will make that easy.

              There must be a way of doing that without fatal security issues or decentralisation.

      • FinchHaven@sfba.social
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        @mindlight

        “Essentially, for the users, it means that an account for site A can be used to login on site B because site A and site B trust each other”

        And what if site B takes actions that no longer make it trustworthy to site A?

        One more damn thing instance admins are going to have to monitor to prevent damage to their users

        How about if we don’t do “single sign on” and people just get over the “Mastodon is too harrddd!!!” trope?

        Maybe?

        Nah

        That’ll never happen

        The “One Fediverse To Rule Them All” crowd is just too influential

        cc @1984

    • maegul@hachyderm.ioOP
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      @1984

      By single sign on I didn’t mean using Google etc, but an account from one of the sorts of trusted platforms I suggested. I’m not talking about a single server/platform. But multiple at such scales that you can use only one if you want, but which are otherwise unified by infra-network SSO and aggregating clients, all tempered by operating within networks of trust.

  • Joël de Bruijn@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    10 months ago

    Sorry but I fail to understand the relation between your question and the additional text.

    Are the bulletpoints requirements for a less over-engineered attempt ?

    Or are they examples of the current situation?

    And just software without protocol seems. … oversimplification.

    • maegul@hachyderm.ioOP
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      10 months ago

      @joeldebruijn

      Quick attempt at coming up with an alternative.

      Something to bear in mind here is it’s my impression that federation creates difficulties that many struggle with. So while it might be over simplified, the scale for me is already weighed with the possibility that we over complication that may need to be remedied.

      Also, that big instances (eg mastodon.social) seem to be a natural thing even on the Fedi, there’s clearly perceived value for many there.

  • maegul@hachyderm.ioOP
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    10 months ago

    @fediverse

    All of the shared/single sign on and easy cross posting would probably be trust or allow-list based.

    As the platforms would be FOSS, anyone could run their own instance and start their own “circles of trust”. So even with big vs small server friction, there could be a few “gardens” of small and big server networks providing different “spaces” for different purposes … all without having to worry about defederation and the software difficulties of building against the protocol.

  • Joël de Bruijn@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    10 months ago

    Maybe good old blogosphere with comments pingbacks and pubsubhub(?) was a sort of simpler proto version of the fediverse.