Okay, sure, let's do this. "nomadic identity" 1. No one has ever even come close to explaining how using a did: uri is supposed to work 2. Even assuming it works, no one can explain how it's different than oidc 3. Even assuming it was different, what hap...
-
smallcircles (Humanity Now) replied to smallcircles (Humanity Now)
@hrefna @keyoxide @JessTheUnstill @jenniferplusplus @ariadne
I cross-referenced this discussion on SocialHub in Nomadic Identity topic:
Nomadic identity for the fediverse?
hey all, was wondering, is anyone still actively working on #nomadicidentity for the fediverse? My interest in nomadic identity is somewhat inspired by scuttlebutt: to allow for migrating an account between servers, wit…
SocialHub (socialhub.activitypub.rocks)
-
smallcircles (Humanity Now) replied to Irenes (many)
Yeah, it's sad. Couple years ago I found this early draft spec about did:orb by a - unknown to me - club called Trustbloc. Focused on fedi, and not crypto-shenanigan-related afaics. I added the spec to delightful-activitypub-development curated list.
But I am not following this club and looking in the GH repo just now, I think we have a PoWaste going on. The spec is also related to a "Sidetree protocol" now (Not gonna check out more atm).
GitHub - trustbloc/orb: A DID method implementation that extends the Sidetree protocol into a Fediverse of interconnected nodes and witnessed using certificate transparency. Spec: https://trustbloc.github.io/did-method-orb/
GitHub (github.com)
-
Mike Macgirvin replied to Jenniferplusplus
a did:uri is a string that represents you. It is not tied to DNS, so it can represent you at any server. Now the truth is the web is DNS based so we have to resolve it to a location to find you. This requires a DNS operation of some kind. But the location is not actually you. It's just where you're hanging out today. You can move. Your id is the same.
OIDC is an authentication and authorisation framework. DID is just an identity. Proving it's your identity requires you to sign something.
Finding the responsible adult you mention is just a slightly different algorithm. You can forget about the location. It is only relevant for knowing somewhere to look for the identity. But you're looking for the identity. In practice this means you won't have just 'user' storage. You'll have user (identity) storage and location storage, and it isn't necessarily a 1:1 mapping. You can have several locations for a given identity. For traditional fediverse accounts, there will be a 1:1 mapping.
If you want to block a person, blocking locations isn't going to cut it. You will need to block the identity.
That's the short and sweet.
-
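The identity/location split described in the post above, sketched as an added example that is not part of the thread or of any project's code. `ActorDirectory`, its methods and the `did:example:` and `*.example` values are hypothetical, and the sketch assumes each identity-to-location binding was signature-verified before it is stored.

```python
from collections import defaultdict


class ActorDirectory:
    """Identity storage and location storage kept separately (hypothetical model)."""

    def __init__(self):
        self.locations_of = defaultdict(set)  # identity -> {location URL, ...}
        self.identity_at = {}                 # location URL -> identity
        self.blocked_identities = set()
        self.blocked_locations = set()

    def add_location(self, identity, location):
        # Assumption: the caller already verified a signature proving that
        # `identity` controls `location`; unverified claims must never get here.
        owner = self.identity_at.setdefault(location, identity)
        if owner != identity:
            raise ValueError(f"{location} is already bound to {owner}")
        self.locations_of[identity].add(location)

    def add_traditional_account(self, actor_url):
        # A non-nomadic account is its own identity: a 1:1 mapping.
        self.add_location(actor_url, actor_url)

    def block_location(self, location):
        self.blocked_locations.add(location)

    def block_identity(self, location_or_identity):
        # Resolve a location to the identity behind it before blocking.
        identity = self.identity_at.get(location_or_identity, location_or_identity)
        self.blocked_identities.add(identity)

    def is_blocked(self, location):
        identity = self.identity_at.get(location, location)
        return location in self.blocked_locations or identity in self.blocked_identities


def demo():
    d = ActorDirectory()
    alice = "did:example:alice"  # constructed identifier
    d.add_location(alice, "https://a.example/users/alice")
    d.add_location(alice, "https://b.example/users/alice")
    d.add_traditional_account("https://c.example/users/bob")

    d.block_location("https://a.example/users/alice")
    location_only = d.is_blocked("https://b.example/users/alice")  # other home unaffected
    d.block_identity("https://a.example/users/alice")
    by_identity = d.is_blocked("https://b.example/users/alice")    # every home covered
    return location_only, by_identity, d.is_blocked("https://c.example/users/bob")
```
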
Mike Macgirvin replied to Mike Macgirvin
Oh, and the did resolver algorithm we're going to be using with ActivityPub does not rely on proof of waste technology. It uses ed25519 keys and a lookup on participating servers at a .well-known endpoint. That's it.
-
Ariadne Conill :therian: replied to Jess
@JessTheUnstill @hrefna @jenniferplusplus this is why i've always proposed a form of encrypted key escrow instead. you store the key(s) on the server as an encrypted blob and then decrypt it on the device when you need it.
problem is, we can talk about steps to mitigate shitty admins who want to do performative power plays, but those same admins like the status quo because they benefit from the power imbalance and user lock-in. you won't sell the empire builders on tools which make keeping the empire going more difficult.
this is why every time i get interested in this space again i conclude that we would basically have to start over from scratch to build a more fair social networking system.
-
Jenniferplusplus replied to Mike Macgirvin
@mikedev A very quick scan of the dashboard says that Fedidb is aware of at least 23,000 fediverse servers. The current location for a DID could be any of those. You're going to poll the entire fediverse to find where to send messages?
-
Jess replied to Ariadne Conill :therian:
For a lot of admins/mods, the sense of power and control over others is the currency they require to do the work of maintaining their instances. A whole part of the draw for building and maintaining a community is to have the power over your little fiefdom.
-
@JessTheUnstill
I try to extend a little more grace than that. I'm sure there's a contingent of admins who just wanted to provide a service for people, and they get pushed into this defensive and controlling stance by the lack of tools and support.
-
Mike Macgirvin replied to Jenniferplusplus
All Mastodon is going to see is a resolvable URL that returns an actor record. Just like they see today. The URL is probably going to look a bit strange -- but if you fetch it, it will behave like any fediverse actor id.
It will have some properties which might be of interest to you if you wish to support nomadic identity. If you don't, you may go about your life and have your entire online existence tied to a temporary rental name just like you do now.
-
Jenniferplusplus replied to Mike Macgirvin
@mikedev OK? Except I'm asking for someone to show me how to draw the rest of the owl. This kind of hand-wavy don't-worry-about-it response is extremely unhelpful.
-
Vasya Sovari replied to Jenniferplusplus
@jenniferplusplus is it bad that I have exactly zero clue what any of this means? If so, scale 1-10
-
Jenniferplusplus replied to Vasya Sovari
@VasyaSovari No, I think it means you've made better life choices than I did
-
@hrefna @JessTheUnstill @jenniferplusplus @ariadne i'm with hrefna here, the question "are dids dumb and why?" kinda misses the point-- DIDs are an interop layer for key management systems, and DID URLs are an immature extension of that (the WG never really shipped them). if you have good-faith questions about how DIDs work i was in that W3C WG and can explain as much or as little as is helpful, but this thread isn't really meeting my minimum threshold of good-faith as is...
-
@by_caballero
I'm not sure who this is directed at? Assuming it's me: I'm approaching the topic with the same level of bombast as I've seen from others. But sure, I'll pull it back.
Cryptographic keys are not an identity. They are a credential. In context of communication systems, identity is mostly the place where messages to you will be delivered. Making credentials portable does not untether you from that delivery address.
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne that's a great argument against coupling AP actors to one permanent identifier (particularly to an identifier that maps 1:1 to a self-managed key), but it's not really a good argument against using DIDs or DID URLs? or even the use-cases that the nomadic identity people are targeting in the first place?
-
@by_caballero
In that case, the nomadic identity fans are not being clear
-
Ariadne Conill :therian: replied to bumblefudge
@by_caballero @hrefna @JessTheUnstill @jenniferplusplus cool story, but the people who were pushing for this crap in that WG were largely crypto bros who wanted them for Web3 bullshit, so no, i think the question is quite valid in and of itself
-
bumblefudge replied to Ariadne Conill :therian:
@ariadne @hrefna @JessTheUnstill @jenniferplusplus https://en.wikipedia.org/wiki/Good_faith
i was in that WG, even flew to the in-person meetings. i work in crypto. i am not a bro. you're failing miserably at engaging in good faith with someone who is engaging you as a peer with relevant expertise. please stop insulting me
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne well, i certainly have my differences of strategy and would not have approached the developer community in the same way, but I think they're coming from a well-intended place and trying to convince the developer community to make a MAJOR change in the identity model of the fediverse stack. i like the general direction, even if i don't like the specific proposal and I encourage people to think through the usecases they're trying to enable...
-
Ariadne Conill :therian: replied to bumblefudge
@by_caballero @hrefna @JessTheUnstill @jenniferplusplus
you work in a planet incinerating industry, which attaches itself to whatever buzzword it can find in order to sell pumped assets to pensioners who don't know any better.
i design distributed systems for a living.
we are not the same.