I was always under the understanding that an account deletion deletes information, I would have thought they could just recreate the user. But I could be mistaken
when an account is deleted the associated private key used for signing activities is deleted as well. the activitypub protocol does not really define how software is supposed to deal with deleted and recreated actors (which includes users), so some software has been built with the assumption that any change of encryption keys for a user means it’s an invalid signature and will prevent activities involving that user to federate to that software.
That is probably intentionally prevented by just soft-deleting the user so links from comments, posts,… to their author aren’t lost. Not to mention potential security issues if you could just make a user that previously belonged to someone else. Honestly just isn’t worth the headache to allow reuse of usernames.
I was always under the understanding that an account deletion deletes information, I would have thought they could just recreate the user. But I could be mistaken
It might cause federation issues down the road, especially with interactions between different platforms
this is the important part.
when an account is deleted the associated private key used for signing activities is deleted as well. the activitypub protocol does not really define how software is supposed to deal with deleted and recreated actors (which includes users), so some software has been built with the assumption that any change of encryption keys for a user means it’s an invalid signature and will prevent activities involving that user to federate to that software.
That is probably intentionally prevented by just soft-deleting the user so links from comments, posts,… to their author aren’t lost. Not to mention potential security issues if you could just make a user that previously belonged to someone else. Honestly just isn’t worth the headache to allow reuse of usernames.