Why can’t we have federated identity to login into fediverse instead of creating login for each instance?

  • ScaNtuRd@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    2
    ·
    1 year ago

    Because then there would need to be a centralized entity to host all user accounts, and we don’t want centralization 'round here

    • jhulten@infosec.pub
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      1 year ago

      And all of the “decentralized” options are wrapped in crypto schemes and tax considerations.

    • CoderKat@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      You could do what Oauth does, allowing many providers to create credentials. That’s what some sites already use to let you login with google/Facebook/etc on their site. Except you theoretically could use any arbitrary sites you trust.

      • SQL_InjectMe@partizle.com
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        1
        ·
        1 year ago

        and then when your main instance shuts down you can’t log into any again. So what’s the benefit asides from bypassing defederation? (And this wouldn’t even be a benefit, because instances defederate because they don’t like the users, so if you let people log in with oauth from a hated instance then you’d also get defederated

        • loics2@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          The problem already exists now, having oauth wouldn’t change anything.

        • brain_pan@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          exactly what I was thinking

          and on top of that what happens with a proven bad actor

          would they be allowed to just jump to a new instance to harrass people?