why can't we have federated identity ?
Why can’t we have federated identity to login into fediverse instead of creating login for each instance?
You are viewing a single comment
Why can’t we have federated identity to login into fediverse instead of creating login for each instance?
Yeah, this is the real crux of the issue and is a large unsolved problem. We simply have no standardized system for decentralized identity verification.
SSO works as a way of maintaining identity across the fediverse, but that's not really federating identity so much as it's getting all instance to offload identity verification to various central services.
I believe I heard Microsoft had a research project in the area of decentralized identity verification but I don't know if it went anywhere or how suitable it would be.
@masterspace @mango_master @Kichae
The matter of fact is , just in simple terms for SSO to work, every fediverse implementation has to agree on a standard for federated authentication.
Maybe, I’m just not seeing the issues or don’t really grasp fediverse and it’s implementations yet.
My idea, every fediverse instance is unique (no matter the implementation, i.e. mastodon, lemmy, pixelfed,…).
@masterspace @mango_master @Kichae
…
If that’s given, every entity (@‘person, @‘community, …) on each instance is unique.
Therefore, there can never be a duplicate identity = <entity>@<instance.domain>
Which allows the general assumption (all implementations adhere to the standard) each instance (homing instance, where the user is based) can verify the every identity within it’s domain.
…
But do we need some kind of SSO layer with DID verification? All I need to prove my identity anywhere, technically, is my private+public keypair. As long as I hold on to this keypair, distribute it between apps/computers, back it up, I could log in anywhere on a federated platform and use it.
I hope we're going to see key-based decentralized identity on ActivityPub at some point... Having accounts tied to instances is just not very robust or scalable.