So an earlier post got me musing idly on the topic of integration between multiple federated services. Wouldn’t it be nice to be able to integrate video hosting, discussions, microblogs, image sharing, and so on in beautiful seamless glory! Post a pic in Lemmy, it’s automatically added to your Pixelfed album; upload a song to your NextCloud and people can see it in your funkwhale profile. That kind of thing.
One of the things that I figure will be useful reach that goal, I figure, is a form of federated identity management. Linking accounts can be done, but there would be a lot of advantages to having one account that knows where the different services you subscribe to are located, allowing the integration to happen seamlessly in the background.
And looking around, I see that it already exists as a concept, but I can’t seem to find anyone discussing or implementing it in the Fediverse. For something that would solve a lot of problems, including decentralized (and self-controlled) identification, SSO, and account migration, it seems like something that everyone would be jumping on.
Am I missing something?
Data signing is something I hadn’t thought of. I was envisioning something simpler, like individual authentication servers. It would then be up to each content server to appropriately tag each entry. Each organization (or individual if they want) would have an authentication server that verifies identity. Throw in some OAuth so each organization can control how the user is identified, and I think it could work.
I can see the advantages of signing, though. Instance admins could pull a Spez, nor create posts in your name, and you can verify content ownership. There’s nothing that says a public key can’t be part of the authentication package. Drop in a LetsEncrypt integration and we have a solution.
That just seems like another reason to adopt it, to me.