Okay so Tumblr is banning rotating cubes saying it's porn and Facebook banned saying "i'm gay" saying it's sexual solicitation and Twitter always seemed like it could disappear at any moment

I feel like we need to be getting ready for Mass Migration to Mastodon, which means we need to fix anything that keeps Mastodon from being usable, and there is in fact something that keeps Mastodon from being usable, there's one specific thing, it's this:

https://github.com/tootsuite/mastodon/issues/177

Support account migration · Issue #177 · tootsuite/mastodon

A lot of people seem to be jumping on https://mastodon.social right now, even though the end goal is to have users separated out across multiple federated instances. However, if people start puttin...

@mcc I don't know if there is a way to allow network migrations to be safe without requiring some sort of authentication method that the user in question holds the keys to, instead of the original publishing server.

If any instance could trigger a migration in the absence of the original instance (à la w.t situation) that would be way more dangerous.

@shaderphantom Sure, so now you just have an authentication problem. Consult the entire history of cryptography and see if any existing solutions for this problem are worth their downsides.

@shaderphantom What if you had to opt-in, so people can choose between "what if the instance shuts down" vs "what if hax"? You set a "this account may at some point in the future migrate, here's my public signing key" flag or something.

@mcc this is what I figured but I would imagine requiring people to hold their private keys is prohibitive for non-technical users, so I'm not even sure if it would fully address the problem.

@shaderphantom So consider the idea of a Bitcoin wallet— most people can't keep track of that private key, so sites exist that hold a private key for you. This is an example of *a* solution to a problem like this.

@mcc hmm.

seems like you could provision that public key in the actor for a user. Then have an actor representing the server who posts an activity to the entire federation with the signature produced by the user's private key. Then the other servers would assume authorization when submitting Update activities for every Activity the old actor made, to reassign attribution. Would require an extension to the spec that other servers would need to support though. Hrm.

@mcc @shaderphantom apps holding tokens could be another good one, and so on. but yeah, tech doesn't solve everything here. We mostly need a social understanding of how to resolve this, that people need to confirm the real person vs. a hacked system, levels of trust, etc. It'll likely vary depending on the users involved.
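
The opt-in idea from this thread (publish a signing key in the actor ahead of time, sign the move later), seen from the receiving server's side. This is an added example, not Mastodon's code and not part of ActivityPub; the `migrationKeyPem` field, the payload layout and all URLs and keys are assumptions constructed for illustration.

```ruby
require 'openssl'
require 'json'

# Bytes that get signed: binds the old actor to exactly one new actor.
def migration_payload(old_id, new_id)
  JSON.generate({ 'type' => 'Move', 'actor' => old_id, 'target' => new_id })
end

# User side: sign with the private key the user (or a custodian) holds.
def sign_migration(user_key, old_id, new_id)
  sig = user_key.sign(OpenSSL::Digest.new('SHA256'), migration_payload(old_id, new_id))
  { 'actor' => old_id, 'target' => new_id, 'signature' => [sig].pack('m0') }
end

# Receiving side. cached_actor is the copy of the old actor document this
# server stored earlier, so the old instance does not have to be reachable.
def verify_migration(cached_actor, notice)
  pem = cached_actor['migrationKeyPem'] # hypothetical opt-in field
  return :not_opted_in if pem.nil?
  return :wrong_actor unless notice['actor'] == cached_actor['id']

  sig = notice['signature'].to_s.unpack1('m')
  key = OpenSSL::PKey::RSA.new(pem)
  payload = migration_payload(notice['actor'], notice['target'])
  key.verify(OpenSSL::Digest.new('SHA256'), sig, payload) ? :accepted : :bad_signature
rescue OpenSSL::PKey::PKeyError
  :bad_signature
end

# Constructed sample data (not real accounts or keys).
USER_KEY = OpenSSL::PKey::RSA.new(2048)
OLD = 'https://old.example/users/alice'
NEW = 'https://new.example/users/alice'
ACTOR = { 'id' => OLD, 'migrationKeyPem' => USER_KEY.public_key.to_pem }
NOTICE = sign_migration(USER_KEY, OLD, NEW)

puts verify_migration(ACTOR, NOTICE)
```

The check trusts only the key cached before the migration, so any instance can relay the notice but cannot redirect it; it does not cover a key that was itself planted by a compromised old instance.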