Idk if its in the works but really want transportable profiles,
Yeah. That’s gonna be necessary for people to deal with instances that maybe go down.
I’d like that to be based on a pub/privkey pair, with the privkey not being uploaded. Like, I can sign a message in the profile on each account saying “I am both blah@instance1.com and blah@instance2.com; blah@instance2.com isn’t some imposter”.
You can do that manually in your profile and have humans verify it, I guess, but it’s something that software could handle automatically.
Other benefits:
If someone breaks into an instance and compromises the password database and attacks it offline, as things stand, you have no way to prove that you are who you say you are. If you have the private key, you can come back and re-establish trusted identity, since it’s tied to a pubkey.
It doesn’t even need to deal with permanent moves. If an instance is just down temporarily – which does happen – it’d be nice to just seamlessly browse on another instance. I dunno if there’s a great way to do that from a browser, absent plugins, but for native clients, the client could dump the subscription list, etc and sync them. Help reliability of the service in general.
Yeah. That’s gonna be necessary for people to deal with instances that maybe go down.
I’d like that to be based on a pub/privkey pair, with the privkey not being uploaded. Like, I can sign a message in the profile on each account saying “I am both blah@instance1.com and blah@instance2.com; blah@instance2.com isn’t some imposter”.
You can do that manually in your profile and have humans verify it, I guess, but it’s something that software could handle automatically.
Other benefits:
If someone breaks into an instance and compromises the password database and attacks it offline, as things stand, you have no way to prove that you are who you say you are. If you have the private key, you can come back and re-establish trusted identity, since it’s tied to a pubkey.
It doesn’t even need to deal with permanent moves. If an instance is just down temporarily – which does happen – it’d be nice to just seamlessly browse on another instance. I dunno if there’s a great way to do that from a browser, absent plugins, but for native clients, the client could dump the subscription list, etc and sync them. Help reliability of the service in general.
I love how u independantly came to my ideal implementation. It solve so many problems and helps make security tight af.