why does the fediverse not serve the authentication problem?
I still have many different accounts on matrix, lemmy, mastodon, etc. and although you may communicate somehow, it doesn't work properly.
You are viewing a single comment
I still have many different accounts on matrix, lemmy, mastodon, etc. and although you may communicate somehow, it doesn't work properly.
Why would I trust a random Lemmy server admin with authentication for anything other than Lemmy?
You can use federated SSO. The remote site never sees your credentials but only a token that you’ve been authenticated against your home instance.
That being said, that’s probably the problem, in order to do federation a small degree of trust is required between the two instances. I guess that is already done with activityPub since you’re getting content from remote instances.
I assume you are talking about OpenId Connect (or OAuth 2.0 but that is basically what OpenId Connect is based on) here. The crucial bit that didn't really work out with this is the part where users just specify their OpenId Connect provider at login time. All uses I have seen in at least 10 years have a fixed list of providers to choose from because of these trust issues.