(no title)
iptq | 2 years ago
This is not exactly true, it just means the server that holds ur data (traditionally instance or home server) doesn't need to be involved in the transfer process. However, this has centralized identity resolution, which is not a good long term solution.
> For example, someone was able to get the AWS S3 domain as their handle!
This is easily hotfixable by requiring more stringent proof of ownership of the domain (like DNS records), rather than a problem with the protocol itself. But it's a valid concern
> But runs into the problem of algorithms being hijacked to show inappropriate/offensive/bigoted content.
I thought the whole point was that if you didn't like the algorithm you could swap it out for something simpler. This point puzzles me greatly
> that could’ve just been extensions to the ActivityPub protocol rather than a whole new protocol!
Not really. If you peel back the interface they're very different, since the transferability of accounts across servers is something baked deeply into how ActivityPub works and cannot be easily changed without rewriting the protocol. That being said, I personally hope there is some network that can solve the problem of untying resources from domains, since it is one of the big problems with any federated protocol
vidarh|2 years ago
A big improvement is possible "just" by making instances revalidate the URI against webfinger regularly (you'd still need to plan ahead for that, but it'd enable "stable" usernames) and secondly by allowing for a key pair to let users sign messages to make claims about ownership and which account is current. That would make it possible to enable fully unilateral moves.
Neither would require any changes to ActivityPub.
cycomanic|2 years ago
madeofpalk|2 years ago