Jupiter Rowland@<a href="https://mastodon.nzoss.nz/users/strypey" rel="nofollow noopener" target="_blank">Strypey</a> <strong>Locally writing content to the database of an ActivityPub-based server will inevitably require a local user account on that very server.</strong><br><br>I mean, we already have <a href="https://magicsignon.org/page/openwebauth/home" rel="nofollow noopener" target="_blank">OpenWebAuth magic sign-on</a> which was invented by @<a class="" href="https://fediversity.site/channel/mikedev" rel="nofollow noopener" target="_blank">Mike Macgirvin ?️</a> for <a href="https://hubzilla.org" rel="nofollow noopener" target="_blank">Hubzilla</a> in 2017, and which also has full implementations in his later server applications <a href="https://codeberg.org/streams/streams" rel="nofollow noopener" target="_blank">(streams)</a> and <a href="https://codeberg.org/fortified/forte" rel="nofollow noopener" target="_blank">Forte</a> and a client-side implementation on Mike's first project, <a href="https://friendi.ca" rel="nofollow noopener" target="_blank">Friendica</a>. But without an actual account on another server, OpenWebAuth can only authenticate you on that other server as a guest and grant you certain guest permissions. It does not give you all the powers of a local user, at least not without a local account.<br><br>Also, <strong>if you want to <em>actually log in</em> on another server, you will inevitably need local login credentials on that server.</strong> Which means that a user account with these login credentials must be created prior to you logging in on that server so that that server knows your login name and your password. Even if you want to use something like OAuth, that server will still require to know your credentials. They will have to be in that server's database before you can successfully log in.<br><br><strong>A server cannot and will not authenticate you against credentials in a wholly different remote server's database.</strong> What you and many other Fediverse users dream of can only be solved in two ways and both only theoretically because, in practice, they are just as impossible or at least very unfeasible.<br><br>Either if you register an account on one Fediverse server, that account with the exact same credentials is simultaneously created on literally all other Fediverse servers, and on Hubzilla, (streams) and Forte, you also automatically get a channel along with that account. This also means that each Fediverse server that's installed and spun up for the first time will immediately have to create tens of millions of accounts so that everyone all over the Fediverse automatically has login credentials on that server. I guess it should be clear that this is impossible, also because this requires a) a centralised list of absolutely all Fediverse accounts and identities and b) a centralised list of all Fediverse servers to be hard-coded into every last instance of every last Fediverse server out there.<br><br>Now, I keep reading stuff like, "But I don't want to use <em>all</em> Fediverse servers!" No, but you want to be able to use <em>any</em> Fediverse server. And then you will have to have an account there. How is the Fediverse supposed to know in advance which servers you will visit this year, the next two years, five years, ten years so that accounts can be automatically created for you exactly there and nowhere else?<br><br>See? And that's why, if you want to be able to use <em>any</em> server like with a local account, <em>every</em> server must be prepared for it before you arrive.<br><br>Or drive-by registration: You visit a Fediverse server for the first time, your active login is recognised by that Fediverse server, and an account is created for you on the fly with the exact same login credentials as where you're already logged in. That's its own can of worms.<br><br>Also, it requires remote authentication. OpenWebAuth. As I've already said: This is technology that's eight years old, and that's being daily-driven right now. But: You will never have this on Mastodon. <a href="https://github.com/mastodon/mastodon/pull/25012" rel="nofollow noopener" target="_blank">There actually is a pull request for Mastodon from two years ago that would have implemented client-side OpenWebAuth support.</a> It was never merged. It was silently rejected by the Mastodon developers. The PR was closed in November, 2024.<br><br>Some people go even further: They don't just want their login credentials wherever they go, they want their whole identity cloned to everywhere. They want all their stuff, all their posts and comments and DMs, all their followers and followed, all their settings, all their filters etc. etc. pp., they want it everywhere all the same. Like a <a href="https://joinfediverse.wiki/Nomadic_identity" rel="nofollow noopener" target="_blank">nomadic identity</a> (an invention by Mike from 2011, first implemented in 2012) across up to 30,000 servers.<br><br>Now, you and many others on Mastodon are probably going to cry out, "YES, YES, PLEASE MAKE THIS REALITY!"<br><br>But seriously: I myself have actually cloned enough Hubzilla and (streams) channels of mine in my time. None of them even had nearly as much content on them as your Mastodon account. And I can tell from a lot of personal experience that this cannot be done within a blink of an eye.<br><br>Nomadic identity won't come to Mastodon anyway. Nomadic identity via ActivityPub is probably being daily-driven already. Forte has it, and it relies on it. But Mastodon will never implement it. In particular, Mastodon would rather re-invent the "nomadic identity" wheel in a way that's incompatible with what we already have than implement something made by Mike Macgirvin. Not after all the head-butting that has happened between Mike and Gargron over the years.<br><br>And OpenWebAuth won't come to Mastodon either. Probably also for the same reason.<br><br>CC: @<a href="https://indieweb.social/users/tchambers" rel="nofollow noopener" target="_blank">Tim Chambers</a> @<a href="https://blah.rako.space/users/rakoo" rel="nofollow noopener" target="_blank">rakoo</a> @<a href="https://mastodon.social/@benpate" rel="nofollow noopener" target="_blank">Ben Pate 🤘🏻</a><br><br>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Long" rel="nofollow noopener" target="_blank">Long</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=LongPost" rel="nofollow noopener" target="_blank">LongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLong" rel="nofollow noopener" target="_blank">CWLong</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLongPost" rel="nofollow noopener" target="_blank">CWLongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediMeta" rel="nofollow noopener" target="_blank">FediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediverseMeta" rel="nofollow noopener" target="_blank">FediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediMeta" rel="nofollow noopener" target="_blank">CWFediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediverseMeta" rel="nofollow noopener" target="_blank">CWFediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mastodon" rel="nofollow noopener" target="_blank">Mastodon</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Friendica" rel="nofollow noopener" target="_blank">Friendica</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=%28streams%29" rel="nofollow noopener" target="_blank">(streams)</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Forte" rel="nofollow noopener" target="_blank">Forte</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=NomadicIdentity" rel="nofollow noopener" target="_blank">NomadicIdentity</a>
med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon
Administered by:
Server stats:
364active users
med-mastodon.com: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#singlesignon
0 posts · 0 participants · 0 posts today
Marcel SIneM(S)US<p>Von <a href="https://social.tchncs.de/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> Systemen bin ich noch nie ein Freund gewesen: Einmal gehackt, stehen einem sämtliche damit verbundene Accounts offen. Jeder Service verdient seine eigenen Zugangsdaten. Thanks god for password managers :mastowink: </p><p>«In the darkness bind them»: Intransparenz bei OneLog - Das Netz ist politisch<br>- von <span class="h-card" translate="no"><a href="https://infosec.exchange/@adfichter" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>adfichter</span></a></span> & <span class="h-card" translate="no"><a href="https://waldvogel.family/@marcel" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>marcel</span></a></span> </p><p><a href="https://dnip.ch/2024/11/05/onelog-darkness-intransparenz/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dnip.ch/2024/11/05/onelog-dark</span><span class="invisible">ness-intransparenz/</span></a> <a href="https://social.tchncs.de/tags/Journalismus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Journalismus</span></a> <a href="https://social.tchncs.de/tags/journalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>journalism</span></a> <a href="https://social.tchncs.de/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenschutz</span></a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://social.tchncs.de/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://social.tchncs.de/tags/Datenleck" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenleck</span></a> <a href="https://social.tchncs.de/tags/OneLog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OneLog</span></a> <a href="https://social.tchncs.de/tags/Zensur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zensur</span></a> <a href="https://social.tchncs.de/tags/censorship" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>censorship</span></a></p>
Jupiter Rowland@<a href="https://mastodon.social/@benpate" rel="nofollow noopener" target="_blank">Ben Pate 🤘🏻</a> Allow me to take a look at this from a Hubzilla/(streams)/Forte point of view.<br><br><p><strong>The Sin of Overwhelming Complexity: Instance Selection Paralysis</strong></p><br>The only way to really combat this effectively is by hiding the whole concept of servers/instances at first, railroading everyone to a server and only letting them know about decentralisation and servers/instances after the fact.<br><br>In theory, this could be doable with Hubzilla, (streams) and Forte, and even better than with Mastodon with its themed servers. It wouldn't make sense to offer Hubzilla, (streams) or Forte servers for certain topics or target audiences, seeing as the whole thing would become moot the very moment when you make your first clone on another server. Simply build a kind of "automatic on-boarder" that sends everyone to the geographically closest open-registration server.<br><br>In practice, that'd be a bad idea, but for a different reason than on Mastodon. And that's how these servers tend to be very different. Not in topic. Not in target audiences. Not in rules. But in <em>features</em>. Hubzilla is modular, (streams) is modular, Forte is modular, and each admin decides differently on which "apps" to activate. Then you want to join Hubzilla for one cool feature, but the on-boarder railroads you to a server where that very feature isn't even activated.<br><br>Sure, the on-boarder could include the option to select certain features that you absolutely must have in your new home and then pick a server that has them. But that'd be extra hassle and extra confusing.<br><br>Besides, where'd you put that on-boarder? On the official Hubzilla website? Haha, no can do. <a href="https://hubzilla.org" rel="nofollow noopener" target="_blank">The official Hubzilla website is a webpage on a Hubzilla channel itself.</a> It's all just dumb old static HTML with a CSS. If it's even HTML and not Markdown or BBcode, that is. You couldn't add scripts to it if you tried.<br><br>Oh, and (streams) and Forte don't even have official websites. And (streams) will never have one, seeing as it's officially and intentionally nameless, brandless and totally not even a project. Their "websites" are readme files in their code repositories on Codeberg.<br><br><p><strong>The Sin of Inconsistent Navigation: Timeline Turmoil</strong></p><br>The streams on Hubzilla, (streams) and Forte are quite a bit different from Mastodon timelines.<br><br>First of all, what you usually don't have on public servers is the counterpart to Mastodon's local timeline and Mastodon's federated timeline. On all three, this would be only one stream, the "public stream" or "pubstream". It can be switched by the admin to either what'd be local or what'd be federated. However, public servers usually have it off entirely. Unavailable even to local users. That's because the admins don't want to be held liable for what's happening on the pubstream.<br><br>Technically speaking, you only have one stream on a public server, and that's your channel stream. It's much more efficient than a Mastodon timeline because it always shows entire conversations by default instead of detached single-message piecemeal, and because it has a counter for unread messages which even lists these unread messages for you to directly go to the corresponding conversation. But that's another story.<br><br>However, your channel stream can be viewed on your channel page, conversation by conversation, or it can be viewed on the stream page as an actual stream with all conversations shown in a feed/timeline-like fashion, one upon another, and with its own set of built-in filters such as "only my own messages" or "only conversations started by members of one particular privacy group/access list" or "only conversations from one particular group actor". It's actually much more convenient than any Mastodon timeline, but for those who want a Twitter clone for dumb-dumbs, it can be very overwhelming.<br><br>Yes, Hubzilla, (streams) and Forte are much more complex in handling than, say, snac2. But they're also much more complex in <em>features</em> than snac2. That power is their USP. And that power must be harnessed somehow.<br><br><p><strong>The Sin of Remote Interaction Purgatory: Federation Gymnastics</strong></p><br>Sure, Hubzilla, (streams) and Forte have some of the best built-in search systems in the whole Fediverse. They can pull almost everything onto your channel stream just by searching for it. And if it has replies, chances are they pull these in as well.<br><br>But still, they're geared towards desktop users. They still require copy-paste. Phone users don't copy paste. Most of them don't even know the very concept of copy-paste. For most of those who do, copy-paste is much too fumbly if the input device available to them is a 6" touch screen.<br><br>You can't blame them, though. This is next to impossible to do any differently. I mean, you won't see a button magically appear with which you can pull in just that one post or comment you want to pull in.<br><br>Rather, the issue is that they can only reel in <em>almost</em> everything. Sometimes the search returns nothing, like a void. Sometimes the search runs indefinitely without any kind of result. This may be because someone has blocked your channel, because someone has blocked your entire server, because the server someone is on has blocked you or your entire server, because Hubzilla/(streams)/Forte doesn't understand the URI pasted into the search field or whatever.<br><br>So this is made worse by Hubzilla, (streams) and Forte not knowing what they can search for, what they can't and why not.<br><br>Connecting with someone whom you encounter on your channel stream is fairly easy. Connections can be initiated with only two clicks. Either you click their long name, and you're taken to a pretty much distraction-less local "intermediate page" with a striking green button that's labelled "+ Connect". Or if you don't want to leave the channel page, you hover your mouse cursor over their profile picture, click on the little white arrow that appears, and you get a small menu that offers you the "Connect" option as well. Granted, even some veterans don't know the latter trick because it isn't immediately advertised on the channel page.<br><br>Also, sure, you don't simply follow them right off the bat with nothing else to do like on Mastodon. You're taken to your Connections page, and you have to configure the connection (you don't have to do that on Mastodon because <em>you can't configure connections</em> on Mastodon).<br><br>Following accounts/channels from the directory is a bit easier. The green "+ Connect" button is there right away (unless you're already connected). However, Hubzilla's directory only lists channels based on the Nomad protocol, i.e. Hubzilla and (streams) channels, because ActivityPub is only implemented in an optional, off-by-default-for-new-channels add-on whereas it's in the core and on by default on (streams) and the only available protocol on Forte.<br><br>Importing contents or following actors when seeing them locally on other servers without copy-pasting and searching can be done. It requires OpenWebAuth magic single sign-on, however, and it requires it to be implemented on all servers of all Fediverse server applications from Mastodon to WordPress to Ghost to Flipboard. Hubzilla, (streams) and Forte are the only Fediverse server applications with full (client-side and server-side) OpenWebAuth implementations. But that's of little use if the rest of the Fediverse doesn't have server-side implementations, and Mastodon has even silently rejected a mere client-side implementation already developed to a pull request two years ago.<br><br><p><strong>The Sin of DM Disasters Waiting to Happen</strong></p><br>I think this is less of an issue on Hubzilla, (streams) and Forte because they handle DMs differently from Mastodon (which "the Fediverse" actually refers to in the article).<br><br>On all three, DMs are integrated into their extensive, fine-grained permissions system in which everything is only public if it's really public. The difference between a post and a DM is not just a switch.<br><br>If I want to DM you, I can either tag you <code>@!{benpate@mastodon.social}</code> rather than <code>@[url=https://mastodon.social/@benpate]Ben Pate 🤘🏻[/url]</code>. Then you're a) the only one to whom the message is sent (it literally doesn't even go out to any other server than mastodon.social plus my clone on hub.hubzilla.de as can be seen in the delivery report) and b) the only one who is granted permission to view the message.<br><br>Or I can use the padlock icon and select you from the opening list as the sole recipient. The very moment that I select certain recipients, the post I'm composing quits being public, and the padlock icon switches from open to closed. This isn't a one-click or two-click toggle. You don't do that <em>casually</em>. It's basically <em>configuration</em>. It requires so many mouse clicks that you do it <em>consciously</em> and <em>intentionally</em>. If you want to post in private, you have to <em>really</em> want to post in private.<br><br>Better yet: <em>You can default to posting only to a certain limited target audience</em>. In fact, by default on a brand-new channel, <em>you only post to the members of one privacy group/access list</em> (which is a Mastodon list on coke and 'roids). You have to manually reconfigure your new channel if you want to post to the general public by default.<br><br>If you preview your post, you can see whether it's a direct message to one or multiple single connections (envelope icon next to your long name), a limited-permissions message to one or multiple privacy groups/access lists/group actors (closed padlock icon) or actually public (no icon).<br><br>Even better yet: Posts to group actors generally aren't public. Posts to at least Friendica groups, Hubzilla forums, (streams) groups and Forte groups are never public. They do not go out to your followers as well unless they're connected to the same group. And this is independent from whether a group is public or private. You can't accidentially post to a group actor in public, and if you do, you don't post to that group actor at all, at least not in a way that makes the group actor forward your post to its other connections.<br><br>Granted, what does not happen is your background switching from your background colour or background image (which can be user-configured) to red #800000 or a yellow-and-back chevron pattern when you change visibility and permissions to something that isn't public.<br><br><p><strong>The Sin of Ghost Conversations and Phantom Follower Counts</strong></p><br>And again, when @<a href="https://indieweb.social/users/tchambers" rel="nofollow noopener" target="_blank">Tim Chambers</a> says, "the Fediverse", he almost exclusively means Mastodon. He writes as if the entire Fediverse handled conversations as terribly as Mastodon, as if the entire Fediverse was as blissfully unaware of enclosed conversations as Mastodon. Which is not the case.<br><br>Hubzilla, (streams) and Forte, as well as their ancestor Friendica, handle conversations in ways that exceed Mastodon users' imaginations and wildest dreams by magnitudes. Unlike Mastodon, they know threaded conversations, and they see them as enclosed objects where only the start post counts as a post, and everything else counts as a comment.<br><br>This means that once you've received a post on your stream, you will also receive all comments on that post, regardless of whether or not you follow the commenters, regardless of whether or not they mention you. That's because all four reel in the comments not from the commentors, but from the original poster who is perceived as the owner of the thread. Only blocks or channel-wide filters can prevent comments from coming in.<br><br>Beyond that, (streams) was the first to introduce <a href="https://fediversity.site/help/develop/en/Containers" rel="nofollow noopener" target="_blank">Conversation Containers</a>. Forte inherited them from (streams), and when they were defined in <a href="https://codeberg.org/fediverse/fep/src/branch/main/fep/171b/fep-171b.md" rel="nofollow noopener" target="_blank">FEP-171b</a>, Hubzilla implemented them, too.<br><br>Here on Hubzilla, I can see all comments in this thread because my channel has fetched them directly from @<a href="https://j12t.social/@j12t" rel="nofollow noopener" target="_blank">Johannes Ernst</a>. And I can <em>actually</em> see them <em>right away</em> because that's the default view here on Hubzilla, rather than Mastodon's piecemeal.<br><br>Even if you import a post manually using the search feature (and you better import the actual start post), AFAIK existing comments will eventually be backfilled. Comments that come in after importing will definitely end up on your stream as part of the thread.<br><br>So this is not a shortcoming of the Fediverse. The Fediverse has been able to do better for 15 years. It's a shortcoming of Mastodon.<br><br>The only "issue" here may be that it sometimes takes some time for a comment to show up for some reasons. But unless there are blocks or filters in play, it eventually will.<br><br><p><strong>The Sin of Invisible Discovery: The Content Mirage</strong></p><br>I'm not going to pick on the audacious implication that "Eugen and team" invented the Fediverse.<br><br>But Tim writes like literally everyone wants "the Fediverse" (read, actually Mastodon) to be literally Twitter without Musk.<br><br>Also:<br><ul><li>Friendica has had full-blown full-text search since its inception as early as 2010. Five and a half years longer than Mastodon has even existed.</li><li>Hubzilla has had full-blown full-text search since its inception as early as 2011 when it was forked from Free-Friendika. It has inherited full-text search from Friendica.</li><li>(streams) and Forte have had full-blown full-text search since their respective inception in 2021 and 2024, both having inherited it themselves.</li></ul><br>Oh, and none of them has an explicit opt-in switch to soothe panicking Twitter converts because panicking Twitter converts have never been the primary target audience of either of them.<br><br>Instead, on Hubzilla, whether someone can find your content depends on whether they've got permission to view it in the first place ("Can view my channel stream and posts"). If it's public, they have it. Full stop. Public is public is public. Stop whining. You've made it public, now deal with everything being able to see it.<br><br>(streams) and Forte behave the same. In addition, they have an extra permission: "Grant search access to your channel stream and posts". This controls who may search your channel stream using your own local search feature while visiting your channel locally. Something that isn't even possible on Mastodon.<br><br>As for not having any content on my channel stream before I connect to anyone: I, for one, do <em>not</em> want some algorithm to force content upon me that I'm not interested in. Full. Frigging. Stop. I want to have full and exclusive control over what I see and what I don't.<br><br><p><strong>The Sin of User Discovery Hell</strong></p><br>Can it really be that Mastodon's directory is so much worse than Friendica's, Hubzilla's, (streams)' and Forte's directories? I guess it is because it really only lists <em>local</em> accounts <em>on that one particular server</em>. A side-effect of Mastodon being a microblogging service and Twitter clone. And not a full-blown, fully-featured social network and Facebook alternative. No, seriously, it isn't that.<br><br>Friendica is. It was designed as such. It was designed to take Facebook's place, and not by aping and cloning Facebook, but by being better than Facebook.<br><br>The directory on each node is decentralised. It lists all actors known to that node. What's outright unimaginable from a Mastodon point of view: It takes the keywords in the profiles into account. Better even: It ranks suggestions by the number of matching keywords.<br><br>Want something centralised instead? Try the <a href="https://dir.friendica.social/" rel="nofollow noopener" target="_blank">Friendica Directory</a>. Looking for people? Looking for news accounts? Looking for groups? There are specialised tabs for that. Friendica can tell them apart, and so can the Friendica Directory.<br><br>Caveat: The Friendica Directory only lists Friendica accounts. Friendica's built-in directory should list everything it knows. I haven't used Friendica in many years, but I guess this even includes diaspora* accounts because why not?<br><br>Hubzilla has indirectly inherited its directory from Friendica. <a href="https://hub.netzgemeinde.eu/directory" rel="nofollow noopener" target="_blank">This is the directory on Netzgemeinde, the biggest Hubzilla hub.</a><br><br>Again, it lists local as well as federated channels. You can choose whether to see only local channels ("This Website Only") or federated channels as well. You can choose whether channels flagged NSFW shall be listed or not ("Safe Mode"). You can choose to only have group actors listed that let themselves be listed ("Public Forums Only"). You have a cloud of keywords from the keyword lists in the profiles that you can filter by (Mastodon doesn't even have keyword lists in profiles). You have full-text search for names and keywords. There's even a Facebook-style suggestion mode that proposes connections to you with a ranking based on your keywords and their keywords as well as the number of common connections, and that still has the same filters.<br><br>Caveat this time: Hubzilla's directory only supports the one sole protocol built into Hubzilla's core. And that's Zot6. This means that Hubzilla's directory only lists Hubzilla and (streams) channels because Hubzilla and (streams) are the only Fediverse server applications that support Zot6.<br><br>(streams) and Forte have inherited their directories again. And they probably have the most powerful decentralised directories in the entire Fediverse. I'd give you a link, but (streams) directories generally aren't public; only local channels can access them.<br><br>These directories are similar to the ones on Hubzilla. You see local and federated actors, and you can choose to only see local actors ("This Website Only"). You can choose to only see group actors ("Groups Only"). You can choose to not see channels flagged NSFW ("Safe Mode"). What's new: Inactive actors can be kept out, too ("Recently Updated").<br><br>Now it comes: (streams) has ActivityPub built into its core, and it's on by default on new channels. Forte is entirely based on ActivityPub.<br><br>This means that their directories can list anything from anywhere that uses ActivityPub. "Groups Only" gives you Guppe groups, Lemmy communities, /kbin and Mbin magazines, PieFed communities, Mobilizon groups, Flipboard magazines, Friendica groups, Hubzilla forums, (streams) groups, Forte groups etc., all on one list.<br><br>(streams) has a slight edge over Forte here because it also lists Hubzilla and (streams) channels that have ActivityPub off such as the Streams Users Tea Garden where ActivityPub was turned off with the very intention to keep Mastodon out.<br><br>If there was a gigantic Forte server, as big as mastodon.social, and its directory was accessible to the public, that directory would be the best directory in the Fediverse for anything really. If it was on (streams), it would list more, but it would confuse some users of e.g. Mastodon who'd try to follow Hubzilla or (streams) channels that have ActivityPub off. Forte simply doesn't list these because it can't find them.<br><br>A global directory of everything sounds like a good idea, but it's next to impossible to implement.<br><br>Either the directory would go look for actors itself. In order to do that, it would have to know within a split-second not only whenever a new actor is created somewhere so it can index that actor right away, but also whenever a new server is spun up so that the admin actor can be indexed, and that server can be watched. How is it supposed to know all that?<br><br>Well, or the directory, a single, monolithic, centralised website, would have to be hard-coded into all Fediverse server software. That way, each server could immediately report newly created actors to the central directory upon their creation.<br><br>For starters, this would make the whole Fediverse depend on one single centralised website under the control of, if bad comes to worse, one person.<br><br>Besides, this would be a privacy nightmare. Let's suppose I create a new (streams) channel that's supposed to be private. Its existence and all its properties would be sent to the central directory before I can set it to private and restrict its permissions. This wouldn't be so bad on Hubzilla because I'd make the channel private before I turn on PubCrawl and make the channel accessible to the directory in the first place because the directory would only understand ActivityPub.<br><br>Of course, the directory would mostly be built against Mastodon. It would not understand the permissions systems implemented on Hubzilla, (streams) and Forte, and it might happily siphon off the profiles of channels where access to the profile is restricted and make them publicly accessible. On the other hand, this is likely to mean that the directory couldn't read most of Hubzilla's, (streams)' and Forte's profile text fields anyway because Mastodon doesn't have them.<br><br>But such a centralised directory wouldn't make connecting to other users that much easier and more convenient. You'd still have to copy and paste URLs or IDs into your local search and search for them (unless you're on Friendica, Hubzilla, (streams) or Forte where you can connect to URLs directly). At the very least, you should be able to go to the centralised directory and follow anyone just by clicking or tapping them. That, however, would require OpenWebAuth support on both your home server and that directory.<br><br>Ideally, that directory would be firmly built into all instances of all Fediverse software from snac2 to Mastodon to Hubzilla, even replacing any existing directory to confuse people less. But that would make the Fediverse even more dependent on one central website and its owner, something which should be avoided at all cost.<br><br>Lastly, nothing can ever be built into all instances of all Fediverse software. Remember that there's software with living instances that's barely being developed such as Plume. There's even software with living instances that's been officially pronounced dead such as Calckey, Firefish or /kbin. How are Firefish servers supposed to implement such a feature if nobody maintains Firefish anymore, and even the code repository was deleted?<br><br>CC: @<a href="https://toot.risottobias.org/@risottobias" rel="nofollow noopener" target="_blank">Risotto Bias</a><br><br>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Long" rel="nofollow noopener" target="_blank">Long</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=LongPost" rel="nofollow noopener" target="_blank">LongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLong" rel="nofollow noopener" target="_blank">CWLong</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLongPost" rel="nofollow noopener" target="_blank">CWLongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediMeta" rel="nofollow noopener" target="_blank">FediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediverseMeta" rel="nofollow noopener" target="_blank">FediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediMeta" rel="nofollow noopener" target="_blank">CWFediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediverseMeta" rel="nofollow noopener" target="_blank">CWFediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Friendica" rel="nofollow noopener" target="_blank">Friendica</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=%28streams%29" rel="nofollow noopener" target="_blank">(streams)</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Forte" rel="nofollow noopener" target="_blank">Forte</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=NomadicIdentity" rel="nofollow noopener" target="_blank">NomadicIdentity</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Search" rel="nofollow noopener" target="_blank">Search</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FullTextSearch" rel="nofollow noopener" target="_blank">FullTextSearch</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Directory" rel="nofollow noopener" target="_blank">Directory</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Permissions" rel="nofollow noopener" target="_blank">Permissions</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Privacy" rel="nofollow noopener" target="_blank">Privacy</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Conversations" rel="nofollow noopener" target="_blank">Conversations</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=ThreadedConversations" rel="nofollow noopener" target="_blank">ThreadedConversations</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FEP_171b" rel="nofollow noopener" target="_blank">FEP_171b</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=ConversationContainers" rel="nofollow noopener" target="_blank">ConversationContainers</a>
Jupiter Rowland@<a href="https://j12t.social/@j12t" rel="nofollow noopener" target="_blank">Johannes Ernst</a> The first step is already done:<br><br><a href="https://codeberg.org/fortified/forte" rel="nofollow noopener" target="_blank">Forte</a>, @<a class="" href="https://fediversity.site/channel/mikedev" rel="nofollow noopener" target="_blank">Mike Macgirvin ?️</a> most recent project from the same family that started with Friendica 15 years ago, is the first and only stable Fediverse server application that uses ActivityPub for <a href="https://joinfediverse.wiki/Nomadic_identity" rel="nofollow noopener" target="_blank">nomadic identity</a>. Nomadic identity itself is a concept created by Mike in 2011 and first implemented by himself in 2012 in a very early version of Hubzilla which he called Red back then.<br><br>This means that you can have the exact same channel/identity (think Mastodon account, but without its own login) on multiple server instances with one account each. If one server goes down, you still have at least one clone (depending on how many clones you make).<br><br>@<a href="https://mitra.social/users/silverpill" rel="nofollow noopener" target="_blank">silverpill</a> is working on implementing this on <a href="https://codeberg.org/silverpill/mitra" rel="nofollow noopener" target="_blank">Mitra</a>. It's still only available in development versions, though. The difference is that Mike had already created a whole bunch of Fediverse server applications with nomadic identity since 2012; he "only" had to port nomadic identity from the Zot or Nomad protocol to ActivityPub. Silverpill, on the other hand, has to implement nomadic identity in something that was built upon ActivityPub with no nomadic identity.<br><br>Both recognise each other's nomadic identities. (For comparison: Mastodon doesn't recognise any nomadic identities. It takes the two instances of this Hubzilla channel of mine for two fully separate identities.) But that's all for now.<br><br>The next step, and that's way into the future, would be to be able to clone from Forte to Mitra or from Mitra to Forte. This would give you one identity on at least two server instances of two separate Fediverse server applications.<br><br>The obvious downside is that you won't be able to take <em>everything</em> with you <em>everywhere</em> when you clone to other server types. For example, if you clone a Forte channel to Mitra, you won't be able to take your permissions settings, your permission roles, your friend zoom settings, the contents of your cloud storage, your CalDAV calendars and your CardDAV addressbook with you over to Mitra. That's simply because Mitra doesn't have any of these features.<br><br>What you envision is another step further. And that's the adoption of nomadic identity via ActivityPub and ideally also OpenWebAuth magic single sign-on, another one of Mike's creations, by all Fediverse server applications. And I mean all of them. Including extremely minimalist stuff like snac2 or GoToSocial. Including stuff that isn't actively being worked on like Plume. Including stuff that's dead, but that still has running servers, like Calckey, Firefish or /kbin. And including Mastodon which stubbornly refuses to make itself more compatible with the "competition" in the Fediverse and adopt technologies created by anyone else in the Fediverse, even more so if that someone is Mike Macgirvin.<br><br>In other words, this won't happen. Mastodon would rather turn itself into its own federated walled garden by becoming incompatible with all other ActivityPub implementations.<br><br>What many Mastodon users who know nothing about decentralisation wish for is another step further. And that's to create <em>one</em> account on <em>one</em> server instance of <em>one</em> Fediverse server software, no matter which, and then to have full-blown user permissions on <em>any</em> instance of <em>any</em> Fediverse server software.<br><br>Like, create one account on mastodon.social, go to a Pixelfed instance, post pictures Instagram-style, go to a PeerTube instance, upload videos, go to a WriteFreely instance, blog away, go to a Hubzilla hub, build a webpage, all with only your mastodon.social login.<br><br>Of course, this is impossible to do. This would mean that if you create an account on one Fediverse server instance, it would have to be cloned to all 30,000+ servers in the whole Fediverse instantaneously. And if you start your own instance, it would have to trigger 30,000+ servers to clone their tens of millions of accounts and channels over to your instance.<br><br>Usually, when I explain this to people who want to use everything with one login, they tell me that they don't want to use <em>every</em> server in the Fediverse. No, but they want to use <em>any</em> server in the Fediverse. Any one of the 30,000+.<br><br>And they want to use it <em>immediately</em>. Like, go there, use it with full-blown local user permissions right away, no delay.<br><br>Now you may argue that their account or channel could be cloned to that server when they visit it for the first time. Drive-by cloning, so-to-speak. Still, won't happen. Cloning takes time. I myself have cloned enough Hubzilla and (streams) channels over the years to be able to estimate just how long it takes. And none of my channels has ever contained tens of thousands of posts and thousands of pictures.<br><br>Besides, drive-by cloning would inflate Fediverse instances senselessly, not to mention bog them down with extra network traffic. Whenever you visit a Fediverse server instance for whichever reason (like, you want to look at a post on Friendica or Hubzilla to see what it looks like without being botched by Mastodon), your account or channel would automagically be cloned to that server instance. Another account (and channel, if necessary) on that server instance, another deluge of posts and files flooding into the database, and that clone would have to be synced with your 600 other previous drive-by clones on the 600 Fediverse server instances you've visited before.<br><br>Extra nefarious: Some "websites" that have to do with Hubzilla or a certain aspect of Hubzilla are parts of Hubzilla channels themselves. This includes <a href="https://hubzilla.org" rel="nofollow noopener" target="_blank">the official Hubzilla website</a>. If you visited them, you'd create a drive-by clone on the Hubzilla hub which hosts that website.<br><br>So if someone set up a single-user Hubzilla hub with their personal channel and a website channel on it, and the website is interesting enough, and 10,000 Fediverse users visit it, it'll end up bigger than the biggest current Hubzilla hub within days. It'll have 10,001 accounts, namely the owner's account with two channels and 10,000 accounts with drive-by clones, automatically created by the 10,000 external visitors.<br><br>But this will remain utopic not only because it's technologically pretty much impossible and very much not feasible at all. It also requires a mechanism for one Fediverse server to recognise logins on other Fediverse servers. You know, like OpenWebAuth. You want your Mastodon account to drive-by clone itself, Mastodon will have to implement OpenWebAuth, and I mean fully implement it.<br><br>There actually is <a href="https://github.com/mastodon/mastodon/pull/25012" rel="nofollow noopener" target="_blank">a pull request in Mastodon's GitHub code repository that would have implemented client-side OpenWebAuth support</a> (= Hubzilla, (streams) and Forte would recognise Mastodon logins). This isn't even about full-support that'd include login recognition on Mastodon's own side. This pull request has been there for two years. It was never merged. And it probably will never be merged.<br><br>This means that the Mastodon devs have practically rejected OpenWebAuth as a feature to implement. Won't come. Ever. Not even half of it.<br><br>And this should say everything about the chances that Mastodon will ever implement nomadic identity.<br><br>CC: @<a href="https://liberal.city/@wjmaggos" rel="nofollow noopener" target="_blank">william.maggos</a> @<a href="https://mastodon.social/@ricmac" rel="nofollow noopener" target="_blank">Richard MacManus</a> @<a href="https://indieweb.social/users/tchambers" rel="nofollow noopener" target="_blank">Tim Chambers</a> @<a href="https://mastodon.social/@benpate" rel="nofollow noopener" target="_blank">Ben Pate 🤘🏻</a><br><br>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Long" rel="nofollow noopener" target="_blank">Long</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=LongPost" rel="nofollow noopener" target="_blank">LongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLong" rel="nofollow noopener" target="_blank">CWLong</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLongPost" rel="nofollow noopener" target="_blank">CWLongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediMeta" rel="nofollow noopener" target="_blank">FediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediverseMeta" rel="nofollow noopener" target="_blank">FediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediMeta" rel="nofollow noopener" target="_blank">CWFediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediverseMeta" rel="nofollow noopener" target="_blank">CWFediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mitra" rel="nofollow noopener" target="_blank">Mitra</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=%28streams%29" rel="nofollow noopener" target="_blank">(streams)</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Forte" rel="nofollow noopener" target="_blank">Forte</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=NomadicIdentity" rel="nofollow noopener" target="_blank">NomadicIdentity</a>
OpenHistoricalMap<p>Do you already contribute to <span class="h-card" translate="no"><a href="https://en.osm.town/@openstreetmap" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>openstreetmap</span></a></span>? You can start contributing to OpenHistoricalMap too in just a few clicks, without having to juggle yet another password for yet another mapping site. Once you have a taste of OSM <a href="https://mapstodon.space/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> via <a href="https://mapstodon.space/tags/OAuth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth2</span></a>, you’ll never look back.</p>
Marcel SIneM(S)US<p>Einloggen mit <a href="https://social.tchncs.de/tags/ChatGPT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChatGPT</span></a> – <a href="https://social.tchncs.de/tags/OpenAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenAI</span></a> macht sich weiter breit | heise online <a href="https://www.heise.de/news/Einloggen-mit-ChatGPT-OpenAI-macht-sich-weiter-breit-10417930.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Einloggen-mit-Ch</span><span class="invisible">atGPT-OpenAI-macht-sich-weiter-breit-10417930.html</span></a> <a href="https://social.tchncs.de/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> <a href="https://social.tchncs.de/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a></p>
Silke Meyer<p>Guten Morgen! Am 11. Juni findet wieder meine ganztägige Keycloak-Schulung statt und es gibt noch ein paar freie Plätze. Die Zielgruppe sind Admin*s, die den von <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>univention</span></a></span> ausgelieferten Keycloak in Verbindung mit UCS einsetzen. SSO-Vorkenntnisse sind nicht nötig. Falls noch jemand teilnehmen möchte, sind hier die Details zur Anmeldung:</p><p><a href="https://www.univention.de/training/keycloak/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">univention.de/training/keycloa</span><span class="invisible">k/</span></a></p><p><a href="https://univention.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/saml" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>saml</span></a> <a href="https://univention.social/tags/univention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>univention</span></a></p>
Alexander Schwartz<p>🚢 <a href="https://fosstodon.org/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> shipped release 26.2 today (Friday afternoon)! 🚢</p><p>Pimp your <a href="https://fosstodon.org/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> with a lot of new features. And it became even simpler to host it yourself! </p><p>* Least-privileged delegated access without service desk tickets.<br>* Enhanced token-exchange for accurate and narrowly scoped tokens for <a href="https://fosstodon.org/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerotrust</span></a> architectures.<br>* Pre-defined <a href="https://fosstodon.org/tags/Grafana" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Grafana</span></a> dashboard to monitor service level indicators.<br>* Simplified update and configuration to increase availability.</p><p><a href="https://www.keycloak.org/2025/04/keycloak-2620-released" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">keycloak.org/2025/04/keycloak-</span><span class="invisible">2620-released</span></a></p>
Silke Meyer<p>Ein kurzer Werbe-Einschub, wenn Ihr gestattet: Hab gerade gesehen, dass in "meiner" Keycloak-Schulung am 25.3. noch ein einziger Platz frei ist. Die ganztägige Schulung richtet sich an Admin*s, die den von <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>univention</span></a></span> ausgelieferten Keycloak in Verbindung mit UCS einsetzen. Falls noch jemand mag, sind hier die Details: <a href="https://www.univention.de/training/keycloak/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">univention.de/training/keycloa</span><span class="invisible">k/</span></a></p><p><a href="https://univention.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/training" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>training</span></a> <a href="https://univention.social/tags/schulung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>schulung</span></a> <a href="https://univention.social/tags/univention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>univention</span></a></p>
NobleMajo<p>Ive liked Nextcloud, but:<br>Why isnt SSO login preinstalled when it can act as an auth provider?</p><p>Btw, if anyone knows a container image where env vars persist beyond setup, let me know. </p><p><a href="https://mastodon.social/tags/Nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nextcloud</span></a> <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> <a href="https://mastodon.social/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> <a href="https://mastodon.social/tags/AuthProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AuthProvider</span></a> <a href="https://mastodon.social/tags/ContainerImage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ContainerImage</span></a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://mastodon.social/tags/CloudStorage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudStorage</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosted</span></a> <a href="https://mastodon.social/tags/TechCommunity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechCommunity</span></a> <a href="https://mastodon.social/tags/PrivacyFirst" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacyFirst</span></a> <a href="https://mastodon.social/tags/DataSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataSecurity</span></a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebDevelopment</span></a> <a href="https://mastodon.social/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> <a href="https://mastodon.social/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://mastodon.social/tags/TechSupport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechSupport</span></a> <a href="https://mastodon.social/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SysAdmin</span></a> <a href="https://mastodon.social/tags/ITInfrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITInfrastructure</span></a></p>
Jupiter Rowland@<a href="https://caneandable.social/@DavidNason" rel="nofollow noopener" target="_blank">David Nason</a> Pixelfed is wholly separate software from Mastodon on wholly separate servers with wholly separate owners. So yes, you need a separate Pixelfed account. It's a bit easier on Pixelfed if you're already on Mastodon: Pixelfed lets you automatically create a new user account by "logging in" with your Mastodon login credentials. But only Pixelfed has this as far as I know.<br><br>Loops is wholly separate again, but there's only one instance so far because it's too unfinished to even be open-source. So you'll need a Loops account next to your Mastodon account and your Pixelfed account.<br><br>Also, you'll have different followers on Mastodon, on Pixelfed and on Loops. But what you could do if you want your followers on Mastodon to see your Pixelfed posts is: Follow your own Pixelfed account from Mastodon. And then, whenever you post something interesting on Pixelfed, wait for it to arrive on your Mastodon timeline, and then boost it.<br><br>@<a href="https://urbanists.social/@markstos" rel="nofollow noopener" target="_blank">Mark Stosberg</a> There's one thing that exists already now: OpenWebAuth magic single sign-on. But it's only available on Hubzilla, (streams) and Forte and partially on Friendica.<br><br>What it does is recognise your login on another instance, even on an instance of another server application. Hubzilla, (streams) and Forte recognise logins from Friendica, Hubzilla, (streams) and Forte, but Friendica can't recognise logins.<br><br>However, this is only used by the permissions system. For example, someone whom I'm connected to could have made their profile only visible to a certain subset of their connections, including myself. If you visit their profile, you won't see anything. If I visit their profile, their home instance recognises my Hubzilla login, and I can see the profile.<br><br>What it does not do is give you the same full-blown rights as a user with a local account. I can't just, like, go to some (streams) instance and post away as, what, jupiter_rowland@rumbly.net or go to a Hubzilla hub where I don't have an account and create a webpage or a wiki or a CalDAV calendar right away without logging in. That's not how it works.<br><br>By the way, client-side OpenWebAuth support (= your login is recognised on Hubzilla, (streams) and Forte) was proposed and actually developed to the point of a pull request for Mastodon. As far as I know, it was rejected. OpenWebAuth won't come to Mastodon.<br><br>CC: @<a href="https://social.coop/@foolishowl" rel="nofollow noopener" target="_blank">FoolishOwl</a> @<a href="https://sociale.network/@oblomov" rel="nofollow noopener" target="_blank">Oblomov</a><br><br>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Long" rel="nofollow noopener" target="_blank">Long</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=LongPost" rel="nofollow noopener" target="_blank">LongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLong" rel="nofollow noopener" target="_blank">CWLong</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLongPost" rel="nofollow noopener" target="_blank">CWLongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediMeta" rel="nofollow noopener" target="_blank">FediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediverseMeta" rel="nofollow noopener" target="_blank">FediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediMeta" rel="nofollow noopener" target="_blank">CWFediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediverseMeta" rel="nofollow noopener" target="_blank">CWFediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mastodon" rel="nofollow noopener" target="_blank">Mastodon</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Pixelfed" rel="nofollow noopener" target="_blank">Pixelfed</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Loops" rel="nofollow noopener" target="_blank">Loops</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Friendica" rel="nofollow noopener" target="_blank">Friendica</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=%28streams%29" rel="nofollow noopener" target="_blank">(streams)</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Forte" rel="nofollow noopener" target="_blank">Forte</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://anarres.family/@alex" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>alex</span></a></span> <span class="h-card" translate="no"><a href="https://kind.social/@EverBeyondReach" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>EverBeyondReach</span></a></span> <a href="https://infosec.space/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> before <a href="https://infosec.space/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> was even envisioned! </p><p><a href="https://infosec.space/tags/Multipass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Multipass</span></a> <a href="https://infosec.space/tags/FifthElement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FifthElement</span></a> <a href="https://infosec.space/tags/Meme" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meme</span></a> <a href="https://infosec.space/tags/LeeloDallas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LeeloDallas</span></a> <a href="https://infosec.space/tags/Leelo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Leelo</span></a> <a href="https://infosec.space/tags/Movie" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Movie</span></a></p>
Silke Meyer<p>Until now, our default identity provider was SimpleSAMLphp which speaks SAML 2.0 for authentication and authorization. Starting with UCS 5.2, we will switch to Keycloak, a solution that supports SAML, OAuth and OIDC. New terminology, new concepts! In this article I introduce you to OIDC scopes and their usage in Keycloak. Spoiler: It is about granular control over the user information you release to client apps.</p><p><a href="https://help.univention.com/t/how-to-release-user-information-in-keycloak-with-oidc-scopes/23558" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">help.univention.com/t/how-to-r</span><span class="invisible">elease-user-information-in-keycloak-with-oidc-scopes/23558</span></a></p><p><a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://univention.social/tags/nubus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nubus</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/sso" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sso</span></a> <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>univention</span></a></span></p>
Jupiter Rowland@<a href="https://soc.redeagle.me/@bryan" rel="nofollow noopener" target="_blank">Bryan Redeagle</a> <blockquote>I found a really cool one called Zot that had cross site authentication, which made privacy settings really interesting and useful. Unfortunately, the developer took down all of the drive and instead created a reference application called (streams), the parenthesis are correct. (streams) has no good info or documentation. You have to read the code to figure it out.</blockquote><br><br>A few corrections. Source: I've been using that stuff since before Mastodon was hot. Oh, and this is going to be <em>long</em>.<br><br>First of all, the creator, @<a class="" href="https://fediversity.site/channel/mikedev" rel="nofollow noopener" target="_blank">Mike Macgirvin 🖥️</a>, not only created the Zot protocol, but also a reference implementation <em>at the same time</em>. As in 2012. The reference implementation was named Red and a fork of his very own Friendica from 2010. Since Red turned out to be a not-so-good name, it was renamed Red Matrix. And as it didn't really take off, it was redesigned and renamed into <a href="https://joinfediverse.wiki/What_is_Hubzilla%3F" rel="nofollow noopener" target="_blank">Hubzilla</a> in 2015. Hubzilla still exists today. I'm using it right now.<br><br>Mike kept advancing the Zot protocol further and further with a whole string of forks and forks of forks and so forth. Zot6 matured with Zap around 2019 and brought OpenWebAuth magic single sign-on with itself. Both were backported to Hubzilla, which has been maintained by someone else since 2018, in 2010.<br><br>Zot's killer feature is not OpenWebAuth magic single sign-on, though. It's <a href="https://joinfediverse.wiki/What_is_nomadic_identity%3F" rel="nofollow noopener" target="_blank">nomadic identity</a>. The very thing it was designed for.<br><br>In 2021, Zot11 was reached, but it had advanced so far that it was no longer compatible with Zot6, so it was renamed to Nomad. Today's Nomad would be Zot12.<br><br>(streams) is only a semi-official name, given to it by the community, based on the name of <a href="https://codeberg.org/streams/streams" rel="nofollow noopener" target="_blank">the code repository</a>. Officially, the application is not a project, it is intentionally nameless (no, I'm not kidding, this thing has no name), it is intentionally devoid of any traces of a brand identity, it intentionally had almost all nodeinfo code removed, and it was intentionally released into the public domain.<br><br>As (streams) is not a branded product, it does not have a website either.<br><br>The reason why it doesn't have any documentation is another one: The documentation it had was painfully outdated. It was basically handed on from fork to fork to fork and never touched. Parts of it have remained untouched since before Osada and Zap were forked from Hubzilla, and that was in 2018. Other parts still speak of Red, and that name ceased to exist in 2012. I know because Hubzilla's current documentation is every bit as old.<br><br>Hubzilla is right now having its entire documentation re-written from scratch in German and English by a community member.<br><br>For (streams), however, the only solution was to <em>rip the whole documentation out</em> because <em>no</em> documentation was deemed better than one that's so outdated it's useless.<br><br>It was considered not so bad for as long as how few people a) learned about (streams) and b) figured out how to find an open-registration instance of something that has neither third-party instance lists nor a unified instance identifier actually joined (streams). After all, they all came from Hubzilla, so they could figure out most themselves.<br><br>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Long" rel="nofollow noopener" target="_blank">Long</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=LongPost" rel="nofollow noopener" target="_blank">LongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLong" rel="nofollow noopener" target="_blank">CWLong</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWLongPost" rel="nofollow noopener" target="_blank">CWLongPost</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediMeta" rel="nofollow noopener" target="_blank">FediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=FediverseMeta" rel="nofollow noopener" target="_blank">FediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediMeta" rel="nofollow noopener" target="_blank">CWFediMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CWFediverseMeta" rel="nofollow noopener" target="_blank">CWFediverseMeta</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Zot" rel="nofollow noopener" target="_blank">Zot</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Zot6" rel="nofollow noopener" target="_blank">Zot6</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Nomad" rel="nofollow noopener" target="_blank">Nomad</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=%28streams%29" rel="nofollow noopener" target="_blank">(streams)</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=NomadicIdentity" rel="nofollow noopener" target="_blank">NomadicIdentity</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a> #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a>
Arcadiagt5<p>Now waiting to find out which allegedly <a href="https://mstdn.social/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> system the <a href="https://mstdn.social/tags/PasswordChange" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PasswordChange</span></a> did NOT automatically propagate to…</p>
Silke Meyer<p>Vielen Dank für Euer Interesse an meinem Single Sign-on Vortrag. Ich habe mich total über den vollen Saal und die vielen Nachfragen und Anregungen gefreut! 😊</p><p><a href="https://univention.social/tags/clt2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clt2024</span></a> <a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a><br><a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a><br><span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>univention</span></a></span></p>
Silke Meyer<p>Ein <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>univention</span></a></span> -Kollege und ich fahren am Wochenende zu meiner Lieblingsveranstaltung, den Chemnitzer Linuxtagen. </p><p>Für Sonntag morgen hab ich Input im Gepäck: Ich versuche mich in einem einführenden Rundumschlag zum Thema Single Sign-on für Webanwendungen. Was ist das überhaupt? Nimmt man SAML oder OIDC? Shibboleth IdP oder Keycloak? <br>Schaut vorbei - ich freue mich!</p><p><a href="https://chemnitzer.linux-tage.de/2024/de/programm/beitrag/213" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">chemnitzer.linux-tage.de/2024/</span><span class="invisible">de/programm/beitrag/213</span></a></p><p><a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://univention.social/tags/shibboleth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shibboleth</span></a> <a href="https://univention.social/tags/saml" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>saml</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/univention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>univention</span></a> <a href="https://univention.social/tags/clt2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clt2024</span></a></p>
Jupiter Rowland@<a href="https://chaos.social/@kubikpixel" rel="nofollow noopener" target="_blank">KubikPixel™</a> Kommt ganz drauf an, was man will.<br><br>Die beste direkte Alternative dürfte <strong>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Firefish" rel="nofollow noopener" target="_blank">Firefish</a></strong> ex #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CalcKey" rel="nofollow noopener" target="_blank">CalcKey</a> sein, das #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mastodon" rel="nofollow noopener" target="_blank">Mastodon</a> in Features weit voraus ist. #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Volltextsuche" rel="nofollow noopener" target="_blank">Volltextsuche</a> hat Mastodon gerade erst eingeführt, so daß die mangels brauchbarer Indizes noch gar nicht richtig nutzbar ist. Firefish hatte sie schon immer, weil auch #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Misskey" rel="nofollow noopener" target="_blank">Misskey</a> sie schon immer hatte.<br><br>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Textformatierungen" rel="nofollow noopener" target="_blank">Textformatierungen</a> und #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Zitate" rel="nofollow noopener" target="_blank">Zitate</a> konnten Firefish und Misskey meines Wissens auch schon immer. Mastodon kann beides nur anzeigen, während Firefish sogar Textformatierungen erzeugen kann, die Mastodon nicht anzeigen kann.<br><br>Oder Zeichenlimits beim Schreiben von Posts. Mastodon kann nur 500 Zeichen. Für mehr muß der Admin so tief in die Software einsteigen, daß man fast schon von einem Fork reden könnte. Firefish kann standardmäßig 3000 Zeichen, was der Admin meines Wissens auf der Oberfläche einstellen, also noch erhöhen kann. Zugegeben, beide hacken #<a class="" href="https://hub.netzgemeinde.eu/search?tag=AltText" rel="nofollow noopener" target="_blank">AltText</a> rigoros bei 1500 Zeichen ab.<br><br>Last but not least unterstützt Firefish meines Wissens die Mastodon-API, sollte also gute Unterstützung durch Mastodon-Apps haben bis darauf, daß man mit Apps, die nur für Mastodon entwickelt werden, auch fast nur das machen kann, was Mastodon kann.<br><br><strong>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Friendica" rel="nofollow noopener" target="_blank">Friendica</a></strong> ist natürlich noch mächtiger. Es hat Zeichenlimits in den Zigtausenden, es unterstützt wohl noch mehr Formatierungen, es hat einen Filehoster eingebaut, es hat einen öffentlichen Kalender eingebaut, man kann Konten als moderierte Gruppen/Foren einrichten usw. Und es hat mit all dem schon Erfahrungein seit 2010.<br><br>Der Hauptnachteil dürfte aber sein, daß es weiter von Mastodon entfernt ist als Firefish. Es gibt mehr, was anders ist und anders läuft. Was man auf Mastodon gelernt oder von Twitter mitgenommen hat, kann man auf Friendica eigentlich gleich wieder vergessen.<br><br>Posts schreibt man nicht wie Tweets, sondern wie Blogposts. Bilder werden nicht als Dateien angehängt, sondern woanders hochgeladen (meistens im eingebauten Dateispeicher) und irgendwo im Text eingebettet. Alt-Text ist kein separates Feld, sondern muß per Hand in den BBcode eingeflochten werden. Ein Content-Warning-Feld gibt's nicht, aber eins für den Titel und eins für die Zusammenfassung, wobei sich letzteres dann als dasselbe wie Content Warnings auf Mastodon entpuppt. Direktnachrichten gehen nicht mit @ und Rechteeinstellen, sondern mit !. Antworten sind nicht auch Posts, sondern Kommentare, und das ist ganz was anderes als ein Post. Und so weiter.<br><br>Klar, Friendica kann mehr und einiges auch besser, aber Mastodon-Umsteiger müssen im Prinzip alles ganz neu lernen.<br><br><strong>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a></strong> von 2021 ist in Teilen <em>noch</em> mächtiger als Friendica (wobei ein Teil von Friendicas Features wieder fehlt), <strong>#<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a></strong> von 2015 ist durchweg noch sehr viel mächtiger. Aber hier ist die Umgewöhnung noch heftiger, alleine schon, weil die eigene Identität nicht durchs Konto definiert ist, sondern in einem Kanal "containerisiert". Und man kann auf demselben Konto mehrere Kanäle mit separaten Identitäten haben. Und dann kommt noch #<a class="" href="https://hub.netzgemeinde.eu/search?tag=NomadischeIdentit%C3%A4t" rel="nofollow noopener" target="_blank">NomadischeIdentität</a> oben drauf, auch wenn die eigentlich der feuchte Traum vieler Mastodon-Nutzer ist. Sie erfordert nur eben Um-die-Ecke-Denken.<br><br>Hubzilla ist natürlich so ziemlich der ultimative Alleskönner. Es ist mehr als nur Friendica mit ein bißchen Extrazeugs, wobei vieles genauso funktioniert wie auf Friendica und somit ganz anders als auf Mastodon.<br><br>Hubzilla ist ein "Social CMS", das einem neben Social Networking und Gar-nicht-so-Microblogging auch voll formatiertes Macroblogging bietet, das sich in der Funktion kaum vom Gar-nicht-so-Microblogging unterscheidet, außerdem einfache Websites, Wikis, Cloudspeicher mit WebDAV, CalDAV und CardDAV und so weiter und so fort. Oben drauf gibt's ein sehr detailliertes Rechtemanagement, das auch eng verzahnt ist mit #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a> durch #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a>.<br><br>Aber auf der einen Seite steht dieser gigantische Funktionsberg, und auf der anderen Seite steht die Benutzeroberfläche. An sich könnte die extrem flexibel sein, sie unterstützt Komplett-Themes, die für jeden Kanal individuell wählbar wären. In der Praxis gibt es aber nur noch ein Theme, das gepflegt wird. Das ist noch von 2012, wurde aus einem Friendica-Standardthema für die #<a class="" href="https://hub.netzgemeinde.eu/search?tag=RedMatrix" rel="nofollow noopener" target="_blank">RedMatrix</a> umgebaut, hat sich seitdem kaum bis gar nicht verändert und hat mit Usability kaum etwas zu tun. Alternativen sind in der Mache, aber noch nicht offiziell verfügbar.<br><br>Dazu kommt die Dokumentation. Die wurde geschrieben von Entwicklern, die nicht wußten, wie man Nichtentwicklern etwas erklärt, also z. B. ganz normalen Endnutzern, und liest sich streckenweise eher wie ein technisches Lastenhaft. Noch dazu ist sie zu erheblichen Teilen so hoffnungslos veraltet, daß sie überhaupt nicht nutzbar ist.<br><br>Ach ja: Textformatierung gibt's. Textformatierung mit Klickibunti und Echtzeit-WYSIWYG gibt's nicht. Wer keinen BBcode kann, hat verloren, weil einem auch die Buttons nur BBcode in den Editor packen. Auch wenn zum Glück zumindest die BBcode-Implementation von Hubzilla ziemlich gut dokumentiert und halbwegs aktuell ist.<br><br>(streams) hat nicht mehr den Funktionsumfang von Hubzilla. Das Ziel ist hier eigentlich nicht, von vornherein einen Alleskönner zu haben, sondern eine Codebasis, um daraus was feines Eigenes zu bauen. Die Oberfläche sieht ganz ähnlich aus, ist aber einen Tick zugänglicher, vielleicht auch deshalb, weil es vieles einfach nicht mehr gibt. Erleichternd dürfte für einige dazukommen, daß auf (streams) alles wahlweise mit BBcode, Markdown oder HTML formatiert werden kann, so daß man keinen BBcode lernen muß, wenn man schon Markdown kann.<br><br>(streams) hat auch eine bessere Anbindung von #<a class="" href="https://hub.netzgemeinde.eu/search?tag=ActivityPub" rel="nofollow noopener" target="_blank">ActivityPub</a> und Verbesserungen in der nomadischen Identität. Dafür kann es sich mit nichts anderem mehr verbinden, außer daß es immer noch RSS-Feeds erzeugt und E-Mail-Benachrichtigungen verschicken kann.<br><br>Näher an Mastodon ist es damit aber nicht. Im Gegenteil: Verwirrend ist schon mal, daß es sich nicht um ein in sich geschlossenes Projekt mit Namen und Marke handelt. Es ist gar kein Projekt, sondern nur ein Code-Repository. Es hat auch keinen Namen und kein Logo. Es ist wirklich mit voller Absicht namenlos. Der Name "Streams" und das Wellenlogo gehören beide zum Repository, nicht zur Software. Daher auch die Klammern um den "Namen".<br><br>Das heißt auch, daß die einzelnen Instanzen keine einheitliche Projektidentität haben. Mastodon-Instanzen identifizieren sich alle als Mastodon. Hubzilla-Instanzen identifizieren sich alle als Hubzilla. (streams)-Instanzen identifizieren sich als <em>irgendwas</em>, weil man da selbst etwas eintragen kann und muß. Waitman Gobbles öffentliche Instanz namens Rumbly identifiziert sich beispielsweise nicht als "Streams", sondern als "-get".<br><br>Folge: Es ist nicht möglich, (streams)-Instanzen automatisiert zu crawlen, zu identifizieren und aufzulisten. Das wird noch zusätzlich dazu erschwert, daß mit ebenso voller Absicht die Statistikausgabe aus (streams) komplett entfernt wurde. Die einschlägigen Projekt- und Instanz-Listenseiten fürs #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> listen allesamt keine (streams)-Instanzen, und das werden sie auch nicht, weil das zum einen nicht gewollt und zum anderen wegen der uneinheitlichen Identifikation der Instanzen gar nicht möglich ist.<br><br>Folge: (streams)-Instanzen zu finden, ist <a href="https://hub.netzgemeinde.eu/item/7961d936-9ccd-45f0-b635-7cf512b02324" rel="nofollow noopener" target="_blank">Detektivarbeit</a>. Das dürfte auch erklären, warum es bei (streams) einen noch höheren Anteil an persönlichen Instanzen gibt, zumal es kaum öffentliche Instanzen mit offener Registrierung gibt.<br><br>Ein gemeinsamer Nachteil von Hubzilla und (streams) ist: Smartphone-Apps kann man vergessen. Für Hubzilla gibt's eine, die seit 2018 nicht mehr gepflegt wird, also mehr als die Hälfte der Zeit, die es Hubzilla gibt. Die funktioniert inzwischen gar nicht mehr. Und auch die hat den Fokus nur aufs Mikroblogging gelegt.<br><br>(streams) wird wohl nie eine Smartphone-App haben, eben weil es kein in sich geschlossenes Projekt mit fixer Projektidentität ist.<br><br>Beide unterstützen nicht die Mastodon-API, soweit ich weiß. Also ist man so oder so auf den Webbrowser angeweisen. Andererseits sind beide Projekte so mächtig, daß es kaum möglich sein dürfte, ihren jeweils kompletten Funktionsumfang in eine dann immer noch leicht bedienbare Smartphone-App zu pressen.
Jupiter RowlandWhat this channel is about, what it means that it's on Hubzilla and not on Mastodon, how I (don't actually) follow you back when you follow me; long (~14,000 characters in one post); CW: tech, FLOSS, a11y meta, alt-text meta, sensitivity meta, content warning meta, CW meta, mentions of memes/religion/science/history/philosophy/eye contact/public display of affection/family/food/alcohol/cats/health/medicine/work
Jupiter Rowland@<a href="https://toots.nu/@jens" rel="nofollow noopener" target="_blank">Jens Ljungkvist :mastodon:</a> @<a href="https://calckey.social/@box464" rel="nofollow noopener" target="_blank">Jeff Sikes</a> @<a href="https://calckey.social/@kainoa" rel="nofollow noopener" target="_blank">Kainoa</a> @<a href="https://calckey.social/@atomicpoet" rel="nofollow noopener" target="_blank">Chris Trottier</a> Something similar to "one account on all projects" is already in the works.<br><br>By and by, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Fediverse" rel="nofollow noopener" target="_blank">Fediverse</a> projects may adopt #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OpenWebAuth" rel="nofollow noopener" target="_blank">OpenWebAuth</a>, a #<a class="" href="https://hub.netzgemeinde.eu/search?tag=SingleSignOn" rel="nofollow noopener" target="_blank">SingleSignOn</a> implementation developed by @<a class="" href="https://macgirvin.com/channel/mike" rel="nofollow noopener" target="_blank">mike</a> for #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Hubzilla" rel="nofollow noopener" target="_blank">Hubzilla</a> and currently implemented on Hubzilla, its direct predecessor #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Friendica" rel="nofollow noopener" target="_blank">Friendica</a> and its latest not-quite direct descendant, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Streams" rel="nofollow noopener" target="_blank">Streams</a>. An implementation is also in development on #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mastodon" rel="nofollow noopener" target="_blank">Mastodon</a>. It should not be confused with #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OAuth" rel="nofollow noopener" target="_blank">OAuth</a> and #<a class="" href="https://hub.netzgemeinde.eu/search?tag=OAuth2" rel="nofollow noopener" target="_blank">OAuth2</a>, these are something entirely different.<br><br>What OpenWebAuth is that it recognises logins elsewhere. When I'm logged into this Hubzilla account, and I visit another Hubzilla hub or maybe a Friendica node or a (streams) instance, it will automatically recognise me. And it will grant me some extra "guest permissions" like being able to post directly on the wall of another Hubzilla or (streams) channel.<br><br>What it does not do, however, is give me all the power on any Friendica node, Hubzilla hub or (streams) instance that a logged-in user with a user account has.<br><br>I can't go to another Hubzilla hub and create a clone of my channel or create a brand-new channel or post an article or start a wiki or upload files just with my OpenWebAuth login credentials. And when Mastodon introduces OpenWebAuth, I still won't be able to go to any one random Mastodon instance and start tooting. All this would still require a local user account on that one specific instance.<br><br>One account for the whole Fediverse is utopic. It's technologically impossible or just very very very unfeasible.<br><br>The Fediverse has 24,000+ instances of dozens of projects. If you want full local user power everywhere in the Fediverse, you'll need one registered account on each one of these 24,000+ instances.<br><br>Whenever someone joins mastodon.social, then RATATATATATATATATATATA, 24,000+ more accounts with the same login credentials will have to be created automatically.<br><br>Also, the Fediverse has 12,000,000+ users. If you want full local user power everywhere in the Fediverse, then everyone else must have it, too. So every single instance of each Fediverse project will have to have one account per Fediverse user. The only exceptions would be those very few projects which are designed for only one user account.<br><br>However, personal instances of projects that are designed for multiple user accounts will all be affected. The hapless Mastodon user who comes over to your personal Hubzilla hub to act like a registered user will neither know nor care if that hub is running on a root server in a data centre with two 36-core Xeon CPUs and enough RAM to make a 3-D CAD workstation cry or on a Raspberry Pi at your home.<br><br>Now, let's assume someone has set up a new Web server with some Fediverse project installed on it. It doesn't matter if that's Mastodon or #<a class="" href="https://hub.netzgemeinde.eu/search?tag=CalcKey" rel="nofollow noopener" target="_blank">CalcKey</a> or #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Lemmy" rel="nofollow noopener" target="_blank">Lemmy</a> or #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mitra" rel="nofollow noopener" target="_blank">Mitra</a> or (streams) or whatever as long as it has #<a class="" href="https://hub.netzgemeinde.eu/search?tag=ActivityPub" rel="nofollow noopener" target="_blank">ActivityPub</a>. They start that thing up for the first time: <code>sudo systemctl start nginx</code> or so.<br><br>And RATATATATATATATATATATA TATATATATATATATATATATA TATATATATATATATATATATA TATATATATATATATATATATA TATATATATATATATATATATA TATATATATATATATATATATA, that poor thing will sit for WEEKS registering over twelve million user accounts.<br><br>Why? Because anyone in the Fediverse might come over anytime soon and want to use just this one specific instance as if they had registered their personal user account there. In order to be able to do that, they need a user account.<br><br>By the way, not even the notorious featherweight #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Pleroma" rel="nofollow noopener" target="_blank">Pleroma</a> could handle 12,000,000+ user accounts on one instance. Mastodon can do that even less, not to mention the heavyweight Friendica or the super-heavyweight Hubzilla.<br><br>Speaking of Hubzilla, maybe a new Hubzilla hub might get away more easily when starting up for the first time. On Hubzilla, ActivityPub is optional per hub and then per channel. The hub admin can switch it on and off, and if it's on, the users can switch it on and off again for each one of their channels.<br><br>So if ActivityPub is off on the admin side by default, new Hubzilla hubs will only register one user account for each Hubzilla and (streams) user out there, maybe also for the users on the few remaining instances of the #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Zotlabs" rel="nofollow noopener" target="_blank">Zotlabs</a> projects that went EOL on New Year's Eve 2022, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Redmatrix" rel="nofollow noopener" target="_blank">Redmatrix</a>, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Osada" rel="nofollow noopener" target="_blank">Osada</a>, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Zap" rel="nofollow noopener" target="_blank">Zap</a>, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Misty" rel="nofollow noopener" target="_blank">Misty</a> a.k.a. #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Mistpark2020" rel="nofollow noopener" target="_blank">Mistpark2020</a> and #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Roadhouse" rel="nofollow noopener" target="_blank">Roadhouse</a>. They all speak one native language, #<a class="" href="https://hub.netzgemeinde.eu/search?tag=Zot" rel="nofollow noopener" target="_blank">Zot</a>.<br><br>But once the admin activates the Pubcrawl app for their hub, that hub will immediately start registering user accounts for every user on every instance of every project that connects to Hubzilla via ActivityPub, each account with one channel with Pubcrawl on. And it will spend weeks or months doing so and not have any server resources left to do anything else in the meantime.<br><br>Speaking of Hubzilla, there's also #<a class="" href="https://hub.netzgemeinde.eu/search?tag=NomadicIdentity" rel="nofollow noopener" target="_blank">NomadicIdentity</a>, the killer feature of the Zot protocol. Hubzilla has it, (streams) has it, and the (un)dead Zotlabs projects have it.<br><br>Ideally, each Fediverse user would not get one account on each Hubzilla hub and each (streams) instance with one separate, unique channel on it. They would first get the accounts. On one account on one Hubzilla hub, one channel would be created. This channel would then be cloned across all Hubzilla hubs and to (streams).<br><br>Advantage: Each Fediverse user would only have one channel for Hubzilla and (streams) together. They would have the exact same content on all Hubzilla hubs and, minus what Hubzilla can do that (streams) can't, all (streams) instances.<br><br>Obvious disadvantage: Whenever someone decides to do something on that channel, it would have to be synced to all its clones in near-real-time, causing a lot of network traffic.<br><br>And if you set up a new Hubzilla hub or (streams) instance, the creation of 12,000,000+ accounts would actually become a lesser problem. The bigger problem would be the 12,000,000+ channels that will be cloned onto your machine with everything on them. You'd better attach a few petabytes worth of HDD capacities to your personal little Raspberry Pi.<br><br>By the way, if everyone had full local user rights on each Fediverse instance, the Fediverse would have over 300 billion local accounts.
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload