⚠️ .io domain^1 likely being phased-out^2 — seven suggested steps Good article in The Verge summarizing recent .io related events, see that for more context if this is news to you: * https://www.theverge.com/2024/10/8/24265441/uk-treaty-end-io-domain-chagos-islands It looks likely .io (and .io domains) will go away in the next few years (as .cs and .yu did^3), so here are my suggested steps to take depending on your usage of .io domains: 1. Avoid buying new .io domains (or making plans with existing ones; sell if you can) 2. If you currently run a .io service^4 (for a company or community), make and publicize a transition plan (like a new domain, redirection, orderly shutdown plan for redirects) 3. If you have a personal site on a .io domain^5 or subdomain, make your own transition plan, and perhaps post about how others should link to your posts 4. If you are using someone else’s .io domain to publish (like #GitHubPages^6), make a transition plan to publish elsewhere and leave a forwarding note and link behind 5. If you use a .io domain as your Web sign-in login on any sites, switch them to another non-io personal domain 6. Similarly if your site accepts #WebSignIn logins (via #IndieAuth, #RelMeAuth, or even #OpenID), consider discouraging any new sign-ups from .io domains, and warning any existing users with .io domains to switch per # 5 7. If you have posts (or a whole #indieweb site) with links to .io sites or pages (like those in 2-4 above), make a plan for editing those links to point to an alternative or an archival copy (like on the Internet Archive) And of course, post about your #dotIO plans. Glossary Domain https://indieweb.org/domain IndieAuth https://indieweb.org/IndieAuth Internet Archive https://web.archive.org/ OpenID https://indieweb.org/OpenID Redirect https://indieweb.org/redirect RelMeAuth https://indieweb.org/RelMeAuth Web sign-in https://indieweb.org/Web_sign-in References: ^1 https://indieweb.org/.io ^2 https://en.wikipedia.org/wiki/.io#Phasing_Out ^3 https://en.wikipedia.org/wiki/.cs ^4 E.g. https://indieweb.org/webmention.io or https://indieweb.org/granary.io ^5 E.g. https://indieweb.org/werd.io ^6 https://indieweb.org/github.io This is post 25 of #100PostsOfIndieWeb. #100Posts ← https://tantek.com/2024/283/t1/metaphors-constructive-cooperative-joyful → https://tantek.com/2024/287/t1/fediverse-unfollow-bridgyfed-bug - Tantek

IndieAuth

IndieAuth is an identity layer on top of OAuth 2.0 [RFC6749], primarily used to obtain an OAuth 2.0 Bearer Token [RFC6750] for use by [Micropub] clients. End-Users and Clients are all represented by URLs. IndieAuth enables Clients to verify the identity of an End-User, as well as to obtain an access token that can be used to access resources under the control of the End-User.

IndieAuth for your site

Log in to other sites with your domain via RelMeAuth/IndieAuth.

AWS Marketplace: Virtuoso 08.03.3330 PAGO Ubuntu 20.04 Focal Instance

Cloud Hosted Pay-As-You-Go edition of a High-Performance, Scalable, Secure, Platform for Data Access, Integration, Virtualization, and Native Data Man...

13 years ago today: created #RelMeAuth with @progrium.com, to replace OpenID 1&2 for *reasons* * modest proposal: authentication using domain as identity, rel=me link to OAuth profile with rel=me link back^1 * @progrium.com suggested RelMeAuth name^2 * I agreed, and wrote up a draft algorithm^3 All on the same day. A few months later I wrote it up as a draft spec: * https://microformats.org/wiki/RelMeAuth (could use some updates) More updates and discussion: * https://indieweb.org/RelMeAuth See those links for RelMeAuth implementations in: * PHP, Python, Node, Ruby, Go RelMeAuth is simpler for both publishers & parsers (consuming code) than OpenID. There are now more sites that support RelMeAuth (and the complementary IndieAuth) than OpenID (which is largely abandoned^4). And today, @Github.com rolled out support for multiple rel=me profile links!^5 This means you can now use @Github.com’s OAuth (and their multifactor login etc.) to authenticate as your own domain via RelMeAuth on even more services. E.g. see my profile https://tantek.com/github (not a typo^6). The left sidebar links to my personal site, Twitter, and https://micro.blog/t all with rel=me markup. This is day 26 of #100DaysOfIndieWeb #100Days ← Day 25: https://tantek.com/2023/029/t1/indieweb-beyond-blogging → Day 27: https://tantek.com/2023/033/t1/twitter-api-log-in-web-sign-in-relmeauth ^1 https://tantek.com/2010/032/t5/modest-proposal-authentication-oauth-twitter-rel-me ^2 https://twitter.com/progrium/status/8521001762 ^3 https://tantek.com/2010/032/t6/relmeauth-oauth-rel-me-auto-fallback-authentication ^4 OpenID 1&2 were abandoned for OIDC (OpenID Connect), a supposed update/replacement, despite dropping the goal of domain as identity, the use-case for OpenID in the first place, so the #IndieWeb picked up that use-case with RelMeAuth & IndieAuth. ^5 https://hachyderm.io/@nova/109790530971147702 ^6 https://tantek.com/2022/144/t1/redirected-github-ownyourlinks - Tantek