Why can’t we have federated identity to login into fediverse instead of creating login for each instance?

  • CoderKat@lemm.ee
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    You could do what Oauth does, allowing many providers to create credentials. That’s what some sites already use to let you login with google/Facebook/etc on their site. Except you theoretically could use any arbitrary sites you trust.

    • SQL_InjectMe@partizle.com
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      1 year ago

      and then when your main instance shuts down you can’t log into any again. So what’s the benefit asides from bypassing defederation? (And this wouldn’t even be a benefit, because instances defederate because they don’t like the users, so if you let people log in with oauth from a hated instance then you’d also get defederated

      • loics2@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        The problem already exists now, having oauth wouldn’t change anything.

      • brain_pan@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        exactly what I was thinking

        and on top of that what happens with a proven bad actor

        would they be allowed to just jump to a new instance to harrass people?