I'm really excited about all the activity in the federated, self-hosted space. However, I feel like there's still a missing piece around identity. I don't want to have to create a new user every time I want to use someone elses shiny new federated event sharing application or what have you.
There don't seem to be any great self hosted OpenID providers out there and OpenID only solves the authentication part anyway. Maybe I've missed some obvious solutions?
@alexl @zatnosk @cwebber As I understand that's exactly the problem that DID attempts to address. A DID document describes methods by which an entity can cryptographically prove that they are associated with a DID (https://w3c-ccg.github.io/did-spec/#authentication) so service providers like a Mastodon instance or a Peertube instance just have to ask the user to run through that authentication flow. Each instance can then use the DID document to lookup service endpoints like the users home mastodon instance. I think ...
@alex OK, and in my example how PeerTube instance can write in my Mastodon instance the reply without an API? If I need to log into Mastodon to check Mastodon notifications and in PeerTube to check PeerTube notifications I miss the point of cross-platform auth...
@alexl So there's every possibility I am being dumb here as I've only skimmed all the relevant specs but isn't that case already covered by the ActivityPub spec? Can the Peertube instance post to your Mastodon inbox to achieve what you want? Or something along those lines?
@alex Mastodon and PeerTube support only AP's server-server API
memoryandthought.me is one server in the network