ShoqJan 8, 2023
We are at most, a few months away from apps with content and sharing mechanisms just not possible on Twitter or other centralized, closed-source platforms. That's when the momentum will really start to build for Activitypub and other protocols supporting federated networks. We have stop talking about it being a twitter "alternative" and start talking about is as an evolutionary step forward in global social networking. Because that's what it is.
Show threadParanoid FactoidJan 9, 2023

@shoq

Why is anyone using an app to access a #freesoftware project like #Mastodon that's free and doesn't track users or violate #privacy?

Wouldn't it make more sense to focus that effort on #mobileweb and let everyone use the same interface regardless of platform? The way the web intended.

Show threadImbolc

@ParanoidFactoid @shoq The individual web UIs of the Mastodon servers will probably never be able to fix the cross-server follow/boost/like usability barriers that exist now, because of cross-server web/JavaScript security barriers.

Native third-party apps don't have these restrictions.

Though, as a compromise maybe third-party web apps like Pinafore or Elk, can also solve these problems.

Jan 9, 2023 at 4:34amWeb
Show threadParanoid FactoidJan 9, 2023

@eob @shoq

I don't understand this argument. Are you speaking specifically to mobile browser implementations differing from desktop?

Show threadJoel de BruijnJan 9, 2023
@ParanoidFactoid @eob @shoq
No is a browser thing in general.
If I click a profile on another instance I cant follow because I am not logged in there.
Show threadParanoid FactoidJan 9, 2023

@joeldebruijn @eob @shoq

Wait. I'm on Mastodon.social. if I load the url:

Https://Fosston.org/joeldebruijn

I will not be logged in at Fosston.org and will be unable to follow. Correct?

But if I load:

Https://mastodon.social/@joeld[email protected]

I will get your profile and I can follow from my home server.

What's the problem?

Show threadJoel de BruijnJan 9, 2023
@ParanoidFactoid @eob @shoq
The problem is:
- knowing the steps you mention and juggling urls for mainstream users versus their skills
- the friction it adds
Show threadParanoid FactoidJan 9, 2023

@joeldebruijn @eob @shoq

Also:

Kerberos single sign on, problem solved.

Show threadJoel de BruijnJan 9, 2023
@ParanoidFactoid @eob @shoq
I dont want to proliferate users on every instance I follow someone on.
Show threadImbolcJan 9, 2023

@ParanoidFactoid @joeldebruijn @shoq Well, probably not actually the Kerberos protocol, as it requires a trusted third party, i.e. a centralized server, which of something you cannot have in a decentralized system like Mastodon.

But maybe you could build something on top of the OAuth or OpenID protocols.

Show threadImbolcJan 9, 2023

@ParanoidFactoid @shoq Both mobile and desktop browsers have the same restrictions. In general they store data for each web site separately in a way that makes it hard to write browser-only apps that seamlessly talk to multiple web sites.

Because each Mastodon server's built-in web UI is at a different web site, it is hard to create frictionless user flows that span across different Mastodon servers.

Show threadParanoid FactoidJan 9, 2023

@eob @shoq

Is this due to cross site scripting blocks some ten years ago?

Single sign on solves this problem server side.