home.social

#openwebauth — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #openwebauth, aggregated by home.social.

  1. Das ist ja mal eine sehr coole Nachricht. Hubzilla hat Collaboraonline in sein Addon System aufgenommen. Mit OpenWebAuth kann auf Friendica von dieser Innovation partizipieren, in dem es sich einfach die Hubzilla Ressourcen ausleiht. Dafür ist kein Account auf Hubzilla erforderlich, sondern lediglich das Recht, auf die Anwendung, als auch auf den Cloudspeicher zu zugreifen.

    So macht Kollaboration Sinn
    #fediverse #hubzilla #friendica #collaboraonline #OpenWebAuth #innovation
    RE: hub.somaton.com/item/978b89a2-…

  2. @FenTiger I think it does. And even then, it doesn't have a full, server-side and client-side implementation, only a client-side implementation like Friendica and Tootik.

    #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #OpenWebAuth #Mitra #Friendica #Tootik
  3. @Tokyo Outsider (337ppm) First of all, Lemmy would need OpenWebAuth server support because all that stuff would happen on a Lemmy server.

    Mastodon would need OpenWebAuth client support because you as the Mastodon user would be the visitor, and Mastodon would basically act as a client.

    Even then, you wouldn't actually log onto that Lemmy instance. In order to do that, you'd need a local account on that Lemmy instance that you could log onto, and Lemmy would have to use your Mastodon login via OpenWebAuth to recognise you and automatically log you onto your Lemmy account.

    Even that wouldn't work because the Lemmy instance wouldn't have any way of knowing that your Mastodon login as a guest belongs to the same person as your local Lemmy account. You'd still only have guest permissions.

    So OpenWebAuth won't fix your very problem.

    And Mastodon didn't just reject an OpenWebAuth proposal. It rejected an actually coded, tested, ready-to-be-merged-into-dev pull request. Existing code that could have been built into Mastodon immediately.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Mastodon #Lemmy #OpenWebAuth
  4. @Tokyo Outsider (337ppm) Well, there is OpenWebAuth magic sign-on. It works by one Fediverse server recognising your login on another Fediverse server and then granting you permissions.

    However, it cannot replace a local account. If you don't have a local account on a server that has server-side OpenWebAuth support, it does not give you all the power that you'd have with a local account on that server. It only gives you guest permissions.

    This also means that server-side OpenWebAuth support is completely useless on Fediverse software that doesn't have a permission system such as Mastodon or Lemmy. This is why not much more than Hubzilla, (streams) and Forte has both client-side and server-side OpenWebAuth support.

    In fact, the Mastodon developers have silenty rejected an already submitted merge request that would have added client-side OpenWebAuth support. What chances are there that Mastodon will introduce server-side OpenWebAuth support, seeing as that'd be completely useless on something as deliberately simple as Mastodon?

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #Lemmy #Hubzilla #Streams #(streams) #Forte #OpenWebAuth
  5. @Strypey Locally writing content to the database of an ActivityPub-based server will inevitably require a local user account on that very server.

    I mean, we already have OpenWebAuth magic sign-on which was invented by @Mike Macgirvin ?️ for Hubzilla in 2017, and which also has full implementations in his later server applications (streams) and Forte and a client-side implementation on Mike's first project, Friendica. But without an actual account on another server, OpenWebAuth can only authenticate you on that other server as a guest and grant you certain guest permissions. It does not give you all the powers of a local user, at least not without a local account.

    Also, if you want to actually log in on another server, you will inevitably need local login credentials on that server. Which means that a user account with these login credentials must be created prior to you logging in on that server so that that server knows your login name and your password. Even if you want to use something like OAuth, that server will still require to know your credentials. They will have to be in that server's database before you can successfully log in.

    A server cannot and will not authenticate you against credentials in a wholly different remote server's database. What you and many other Fediverse users dream of can only be solved in two ways and both only theoretically because, in practice, they are just as impossible or at least very unfeasible.

    Either if you register an account on one Fediverse server, that account with the exact same credentials is simultaneously created on literally all other Fediverse servers, and on Hubzilla, (streams) and Forte, you also automatically get a channel along with that account. This also means that each Fediverse server that's installed and spun up for the first time will immediately have to create tens of millions of accounts so that everyone all over the Fediverse automatically has login credentials on that server. I guess it should be clear that this is impossible, also because this requires a) a centralised list of absolutely all Fediverse accounts and identities and b) a centralised list of all Fediverse servers to be hard-coded into every last instance of every last Fediverse server out there.

    Now, I keep reading stuff like, "But I don't want to use all Fediverse servers!" No, but you want to be able to use any Fediverse server. And then you will have to have an account there. How is the Fediverse supposed to know in advance which servers you will visit this year, the next two years, five years, ten years so that accounts can be automatically created for you exactly there and nowhere else?

    See? And that's why, if you want to be able to use any server like with a local account, every server must be prepared for it before you arrive.

    Or drive-by registration: You visit a Fediverse server for the first time, your active login is recognised by that Fediverse server, and an account is created for you on the fly with the exact same login credentials as where you're already logged in. That's its own can of worms.

    Also, it requires remote authentication. OpenWebAuth. As I've already said: This is technology that's eight years old, and that's being daily-driven right now. But: You will never have this on Mastodon. There actually is a pull request for Mastodon from two years ago that would have implemented client-side OpenWebAuth support. It was never merged. It was silently rejected by the Mastodon developers. The PR was closed in November, 2024.

    Some people go even further: They don't just want their login credentials wherever they go, they want their whole identity cloned to everywhere. They want all their stuff, all their posts and comments and DMs, all their followers and followed, all their settings, all their filters etc. etc. pp., they want it everywhere all the same. Like a nomadic identity (an invention by Mike from 2011, first implemented in 2012) across up to 30,000 servers.

    Now, you and many others on Mastodon are probably going to cry out, "YES, YES, PLEASE MAKE THIS REALITY!"

    But seriously: I myself have actually cloned enough Hubzilla and (streams) channels of mine in my time. None of them even had nearly as much content on them as your Mastodon account. And I can tell from a lot of personal experience that this cannot be done within a blink of an eye.

    Nomadic identity won't come to Mastodon anyway. Nomadic identity via ActivityPub is probably being daily-driven already. Forte has it, and it relies on it. But Mastodon will never implement it. In particular, Mastodon would rather re-invent the "nomadic identity" wheel in a way that's incompatible with what we already have than implement something made by Mike Macgirvin. Not after all the head-butting that has happened between Mike and Gargron over the years.

    And OpenWebAuth won't come to Mastodon either. Probably also for the same reason.

    CC: @Tim Chambers @rakoo @Ben Pate 🤘🏻

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity
  6. @Ben Pate 🤘🏻 Allow me to take a look at this from a Hubzilla/(streams)/Forte point of view.

    The Sin of Overwhelming Complexity: Instance Selection Paralysis


    The only way to really combat this effectively is by hiding the whole concept of servers/instances at first, railroading everyone to a server and only letting them know about decentralisation and servers/instances after the fact.

    In theory, this could be doable with Hubzilla, (streams) and Forte, and even better than with Mastodon with its themed servers. It wouldn't make sense to offer Hubzilla, (streams) or Forte servers for certain topics or target audiences, seeing as the whole thing would become moot the very moment when you make your first clone on another server. Simply build a kind of "automatic on-boarder" that sends everyone to the geographically closest open-registration server.

    In practice, that'd be a bad idea, but for a different reason than on Mastodon. And that's how these servers tend to be very different. Not in topic. Not in target audiences. Not in rules. But in features. Hubzilla is modular, (streams) is modular, Forte is modular, and each admin decides differently on which "apps" to activate. Then you want to join Hubzilla for one cool feature, but the on-boarder railroads you to a server where that very feature isn't even activated.

    Sure, the on-boarder could include the option to select certain features that you absolutely must have in your new home and then pick a server that has them. But that'd be extra hassle and extra confusing.

    Besides, where'd you put that on-boarder? On the official Hubzilla website? Haha, no can do. The official Hubzilla website is a webpage on a Hubzilla channel itself. It's all just dumb old static HTML with a CSS. If it's even HTML and not Markdown or BBcode, that is. You couldn't add scripts to it if you tried.

    Oh, and (streams) and Forte don't even have official websites. And (streams) will never have one, seeing as it's officially and intentionally nameless, brandless and totally not even a project. Their "websites" are readme files in their code repositories on Codeberg.

    The Sin of Inconsistent Navigation: Timeline Turmoil


    The streams on Hubzilla, (streams) and Forte are quite a bit different from Mastodon timelines.

    First of all, what you usually don't have on public servers is the counterpart to Mastodon's local timeline and Mastodon's federated timeline. On all three, this would be only one stream, the "public stream" or "pubstream". It can be switched by the admin to either what'd be local or what'd be federated. However, public servers usually have it off entirely. Unavailable even to local users. That's because the admins don't want to be held liable for what's happening on the pubstream.

    Technically speaking, you only have one stream on a public server, and that's your channel stream. It's much more efficient than a Mastodon timeline because it always shows entire conversations by default instead of detached single-message piecemeal, and because it has a counter for unread messages which even lists these unread messages for you to directly go to the corresponding conversation. But that's another story.

    However, your channel stream can be viewed on your channel page, conversation by conversation, or it can be viewed on the stream page as an actual stream with all conversations shown in a feed/timeline-like fashion, one upon another, and with its own set of built-in filters such as "only my own messages" or "only conversations started by members of one particular privacy group/access list" or "only conversations from one particular group actor". It's actually much more convenient than any Mastodon timeline, but for those who want a Twitter clone for dumb-dumbs, it can be very overwhelming.

    Yes, Hubzilla, (streams) and Forte are much more complex in handling than, say, snac2. But they're also much more complex in features than snac2. That power is their USP. And that power must be harnessed somehow.

    The Sin of Remote Interaction Purgatory: Federation Gymnastics


    Sure, Hubzilla, (streams) and Forte have some of the best built-in search systems in the whole Fediverse. They can pull almost everything onto your channel stream just by searching for it. And if it has replies, chances are they pull these in as well.

    But still, they're geared towards desktop users. They still require copy-paste. Phone users don't copy paste. Most of them don't even know the very concept of copy-paste. For most of those who do, copy-paste is much too fumbly if the input device available to them is a 6" touch screen.

    You can't blame them, though. This is next to impossible to do any differently. I mean, you won't see a button magically appear with which you can pull in just that one post or comment you want to pull in.

    Rather, the issue is that they can only reel in almost everything. Sometimes the search returns nothing, like a void. Sometimes the search runs indefinitely without any kind of result. This may be because someone has blocked your channel, because someone has blocked your entire server, because the server someone is on has blocked you or your entire server, because Hubzilla/(streams)/Forte doesn't understand the URI pasted into the search field or whatever.

    So this is made worse by Hubzilla, (streams) and Forte not knowing what they can search for, what they can't and why not.

    Connecting with someone whom you encounter on your channel stream is fairly easy. Connections can be initiated with only two clicks. Either you click their long name, and you're taken to a pretty much distraction-less local "intermediate page" with a striking green button that's labelled "+ Connect". Or if you don't want to leave the channel page, you hover your mouse cursor over their profile picture, click on the little white arrow that appears, and you get a small menu that offers you the "Connect" option as well. Granted, even some veterans don't know the latter trick because it isn't immediately advertised on the channel page.

    Also, sure, you don't simply follow them right off the bat with nothing else to do like on Mastodon. You're taken to your Connections page, and you have to configure the connection (you don't have to do that on Mastodon because you can't configure connections on Mastodon).

    Following accounts/channels from the directory is a bit easier. The green "+ Connect" button is there right away (unless you're already connected). However, Hubzilla's directory only lists channels based on the Nomad protocol, i.e. Hubzilla and (streams) channels, because ActivityPub is only implemented in an optional, off-by-default-for-new-channels add-on whereas it's in the core and on by default on (streams) and the only available protocol on Forte.

    Importing contents or following actors when seeing them locally on other servers without copy-pasting and searching can be done. It requires OpenWebAuth magic single sign-on, however, and it requires it to be implemented on all servers of all Fediverse server applications from Mastodon to WordPress to Ghost to Flipboard. Hubzilla, (streams) and Forte are the only Fediverse server applications with full (client-side and server-side) OpenWebAuth implementations. But that's of little use if the rest of the Fediverse doesn't have server-side implementations, and Mastodon has even silently rejected a mere client-side implementation already developed to a pull request two years ago.

    The Sin of DM Disasters Waiting to Happen


    I think this is less of an issue on Hubzilla, (streams) and Forte because they handle DMs differently from Mastodon (which "the Fediverse" actually refers to in the article).

    On all three, DMs are integrated into their extensive, fine-grained permissions system in which everything is only public if it's really public. The difference between a post and a DM is not just a switch.

    If I want to DM you, I can either tag you @!{[email protected]} rather than @[url=https://mastodon.social/@benpate]Ben Pate 🤘🏻[/url]. Then you're a) the only one to whom the message is sent (it literally doesn't even go out to any other server than mastodon.social plus my clone on hub.hubzilla.de as can be seen in the delivery report) and b) the only one who is granted permission to view the message.

    Or I can use the padlock icon and select you from the opening list as the sole recipient. The very moment that I select certain recipients, the post I'm composing quits being public, and the padlock icon switches from open to closed. This isn't a one-click or two-click toggle. You don't do that casually. It's basically configuration. It requires so many mouse clicks that you do it consciously and intentionally. If you want to post in private, you have to really want to post in private.

    Better yet: You can default to posting only to a certain limited target audience. In fact, by default on a brand-new channel, you only post to the members of one privacy group/access list (which is a Mastodon list on coke and 'roids). You have to manually reconfigure your new channel if you want to post to the general public by default.

    If you preview your post, you can see whether it's a direct message to one or multiple single connections (envelope icon next to your long name), a limited-permissions message to one or multiple privacy groups/access lists/group actors (closed padlock icon) or actually public (no icon).

    Even better yet: Posts to group actors generally aren't public. Posts to at least Friendica groups, Hubzilla forums, (streams) groups and Forte groups are never public. They do not go out to your followers as well unless they're connected to the same group. And this is independent from whether a group is public or private. You can't accidentially post to a group actor in public, and if you do, you don't post to that group actor at all, at least not in a way that makes the group actor forward your post to its other connections.

    Granted, what does not happen is your background switching from your background colour or background image (which can be user-configured) to red #800000 or a yellow-and-back chevron pattern when you change visibility and permissions to something that isn't public.

    The Sin of Ghost Conversations and Phantom Follower Counts


    And again, when @Tim Chambers says, "the Fediverse", he almost exclusively means Mastodon. He writes as if the entire Fediverse handled conversations as terribly as Mastodon, as if the entire Fediverse was as blissfully unaware of enclosed conversations as Mastodon. Which is not the case.

    Hubzilla, (streams) and Forte, as well as their ancestor Friendica, handle conversations in ways that exceed Mastodon users' imaginations and wildest dreams by magnitudes. Unlike Mastodon, they know threaded conversations, and they see them as enclosed objects where only the start post counts as a post, and everything else counts as a comment.

    This means that once you've received a post on your stream, you will also receive all comments on that post, regardless of whether or not you follow the commenters, regardless of whether or not they mention you. That's because all four reel in the comments not from the commentors, but from the original poster who is perceived as the owner of the thread. Only blocks or channel-wide filters can prevent comments from coming in.

    Beyond that, (streams) was the first to introduce Conversation Containers. Forte inherited them from (streams), and when they were defined in FEP-171b, Hubzilla implemented them, too.

    Here on Hubzilla, I can see all comments in this thread because my channel has fetched them directly from @Johannes Ernst. And I can actually see them right away because that's the default view here on Hubzilla, rather than Mastodon's piecemeal.

    Even if you import a post manually using the search feature (and you better import the actual start post), AFAIK existing comments will eventually be backfilled. Comments that come in after importing will definitely end up on your stream as part of the thread.

    So this is not a shortcoming of the Fediverse. The Fediverse has been able to do better for 15 years. It's a shortcoming of Mastodon.

    The only "issue" here may be that it sometimes takes some time for a comment to show up for some reasons. But unless there are blocks or filters in play, it eventually will.

    The Sin of Invisible Discovery: The Content Mirage


    I'm not going to pick on the audacious implication that "Eugen and team" invented the Fediverse.

    But Tim writes like literally everyone wants "the Fediverse" (read, actually Mastodon) to be literally Twitter without Musk.

    Also:
    • Friendica has had full-blown full-text search since its inception as early as 2010. Five and a half years longer than Mastodon has even existed.
    • Hubzilla has had full-blown full-text search since its inception as early as 2011 when it was forked from Free-Friendika. It has inherited full-text search from Friendica.
    • (streams) and Forte have had full-blown full-text search since their respective inception in 2021 and 2024, both having inherited it themselves.

    Oh, and none of them has an explicit opt-in switch to soothe panicking Twitter converts because panicking Twitter converts have never been the primary target audience of either of them.

    Instead, on Hubzilla, whether someone can find your content depends on whether they've got permission to view it in the first place ("Can view my channel stream and posts"). If it's public, they have it. Full stop. Public is public is public. Stop whining. You've made it public, now deal with everything being able to see it.

    (streams) and Forte behave the same. In addition, they have an extra permission: "Grant search access to your channel stream and posts". This controls who may search your channel stream using your own local search feature while visiting your channel locally. Something that isn't even possible on Mastodon.

    As for not having any content on my channel stream before I connect to anyone: I, for one, do not want some algorithm to force content upon me that I'm not interested in. Full. Frigging. Stop. I want to have full and exclusive control over what I see and what I don't.

    The Sin of User Discovery Hell


    Can it really be that Mastodon's directory is so much worse than Friendica's, Hubzilla's, (streams)' and Forte's directories? I guess it is because it really only lists local accounts on that one particular server. A side-effect of Mastodon being a microblogging service and Twitter clone. And not a full-blown, fully-featured social network and Facebook alternative. No, seriously, it isn't that.

    Friendica is. It was designed as such. It was designed to take Facebook's place, and not by aping and cloning Facebook, but by being better than Facebook.

    The directory on each node is decentralised. It lists all actors known to that node. What's outright unimaginable from a Mastodon point of view: It takes the keywords in the profiles into account. Better even: It ranks suggestions by the number of matching keywords.

    Want something centralised instead? Try the Friendica Directory. Looking for people? Looking for news accounts? Looking for groups? There are specialised tabs for that. Friendica can tell them apart, and so can the Friendica Directory.

    Caveat: The Friendica Directory only lists Friendica accounts. Friendica's built-in directory should list everything it knows. I haven't used Friendica in many years, but I guess this even includes diaspora* accounts because why not?

    Hubzilla has indirectly inherited its directory from Friendica. This is the directory on Netzgemeinde, the biggest Hubzilla hub.

    Again, it lists local as well as federated channels. You can choose whether to see only local channels ("This Website Only") or federated channels as well. You can choose whether channels flagged NSFW shall be listed or not ("Safe Mode"). You can choose to only have group actors listed that let themselves be listed ("Public Forums Only"). You have a cloud of keywords from the keyword lists in the profiles that you can filter by (Mastodon doesn't even have keyword lists in profiles). You have full-text search for names and keywords. There's even a Facebook-style suggestion mode that proposes connections to you with a ranking based on your keywords and their keywords as well as the number of common connections, and that still has the same filters.

    Caveat this time: Hubzilla's directory only supports the one sole protocol built into Hubzilla's core. And that's Zot6. This means that Hubzilla's directory only lists Hubzilla and (streams) channels because Hubzilla and (streams) are the only Fediverse server applications that support Zot6.

    (streams) and Forte have inherited their directories again. And they probably have the most powerful decentralised directories in the entire Fediverse. I'd give you a link, but (streams) directories generally aren't public; only local channels can access them.

    These directories are similar to the ones on Hubzilla. You see local and federated actors, and you can choose to only see local actors ("This Website Only"). You can choose to only see group actors ("Groups Only"). You can choose to not see channels flagged NSFW ("Safe Mode"). What's new: Inactive actors can be kept out, too ("Recently Updated").

    Now it comes: (streams) has ActivityPub built into its core, and it's on by default on new channels. Forte is entirely based on ActivityPub.

    This means that their directories can list anything from anywhere that uses ActivityPub. "Groups Only" gives you Guppe groups, Lemmy communities, /kbin and Mbin magazines, PieFed communities, Mobilizon groups, Flipboard magazines, Friendica groups, Hubzilla forums, (streams) groups, Forte groups etc., all on one list.

    (streams) has a slight edge over Forte here because it also lists Hubzilla and (streams) channels that have ActivityPub off such as the Streams Users Tea Garden where ActivityPub was turned off with the very intention to keep Mastodon out.

    If there was a gigantic Forte server, as big as mastodon.social, and its directory was accessible to the public, that directory would be the best directory in the Fediverse for anything really. If it was on (streams), it would list more, but it would confuse some users of e.g. Mastodon who'd try to follow Hubzilla or (streams) channels that have ActivityPub off. Forte simply doesn't list these because it can't find them.

    A global directory of everything sounds like a good idea, but it's next to impossible to implement.

    Either the directory would go look for actors itself. In order to do that, it would have to know within a split-second not only whenever a new actor is created somewhere so it can index that actor right away, but also whenever a new server is spun up so that the admin actor can be indexed, and that server can be watched. How is it supposed to know all that?

    Well, or the directory, a single, monolithic, centralised website, would have to be hard-coded into all Fediverse server software. That way, each server could immediately report newly created actors to the central directory upon their creation.

    For starters, this would make the whole Fediverse depend on one single centralised website under the control of, if bad comes to worse, one person.

    Besides, this would be a privacy nightmare. Let's suppose I create a new (streams) channel that's supposed to be private. Its existence and all its properties would be sent to the central directory before I can set it to private and restrict its permissions. This wouldn't be so bad on Hubzilla because I'd make the channel private before I turn on PubCrawl and make the channel accessible to the directory in the first place because the directory would only understand ActivityPub.

    Of course, the directory would mostly be built against Mastodon. It would not understand the permissions systems implemented on Hubzilla, (streams) and Forte, and it might happily siphon off the profiles of channels where access to the profile is restricted and make them publicly accessible. On the other hand, this is likely to mean that the directory couldn't read most of Hubzilla's, (streams)' and Forte's profile text fields anyway because Mastodon doesn't have them.

    But such a centralised directory wouldn't make connecting to other users that much easier and more convenient. You'd still have to copy and paste URLs or IDs into your local search and search for them (unless you're on Friendica, Hubzilla, (streams) or Forte where you can connect to URLs directly). At the very least, you should be able to go to the centralised directory and follow anyone just by clicking or tapping them. That, however, would require OpenWebAuth support on both your home server and that directory.

    Ideally, that directory would be firmly built into all instances of all Fediverse software from snac2 to Mastodon to Hubzilla, even replacing any existing directory to confuse people less. But that would make the Fediverse even more dependent on one central website and its owner, something which should be avoided at all cost.

    Lastly, nothing can ever be built into all instances of all Fediverse software. Remember that there's software with living instances that's barely being developed such as Plume. There's even software with living instances that's been officially pronounced dead such as Calckey, Firefish or /kbin. How are Firefish servers supposed to implement such a feature if nobody maintains Firefish anymore, and even the code repository was deleted?

    CC: @Risotto Bias

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity #Search #FullTextSearch #Directory #Permissions #Privacy #Conversations #ThreadedConversations #FEP_171b #ConversationContainers
  7. @Ben Pate 🤘🏻 Allow me to take a look at this from a Hubzilla/(streams)/Forte point of view.

    The Sin of Overwhelming Complexity: Instance Selection Paralysis


    The only way to really combat this effectively is by hiding the whole concept of servers/instances at first, railroading everyone to a server and only letting them know about decentralisation and servers/instances after the fact.

    In theory, this could be doable with Hubzilla, (streams) and Forte, and even better than with Mastodon with its themed servers. It wouldn't make sense to offer Hubzilla, (streams) or Forte servers for certain topics or target audiences, seeing as the whole thing would become moot the very moment when you make your first clone on another server. Simply build a kind of "automatic on-boarder" that sends everyone to the geographically closest open-registration server.

    In practice, that'd be a bad idea, but for a different reason than on Mastodon. And that's how these servers tend to be very different. Not in topic. Not in target audiences. Not in rules. But in features. Hubzilla is modular, (streams) is modular, Forte is modular, and each admin decides differently on which "apps" to activate. Then you want to join Hubzilla for one cool feature, but the on-boarder railroads you to a server where that very feature isn't even activated.

    Sure, the on-boarder could include the option to select certain features that you absolutely must have in your new home and then pick a server that has them. But that'd be extra hassle and extra confusing.

    Besides, where'd you put that on-boarder? On the official Hubzilla website? Haha, no can do. The official Hubzilla website is a webpage on a Hubzilla channel itself. It's all just dumb old static HTML with a CSS. If it's even HTML and not Markdown or BBcode, that is. You couldn't add scripts to it if you tried.

    Oh, and (streams) and Forte don't even have official websites. And (streams) will never have one, seeing as it's officially and intentionally nameless, brandless and totally not even a project. Their "websites" are readme files in their code repositories on Codeberg.

    The Sin of Inconsistent Navigation: Timeline Turmoil


    The streams on Hubzilla, (streams) and Forte are quite a bit different from Mastodon timelines.

    First of all, what you usually don't have on public servers is the counterpart to Mastodon's local timeline and Mastodon's federated timeline. On all three, this would be only one stream, the "public stream" or "pubstream". It can be switched by the admin to either what'd be local or what'd be federated. However, public servers usually have it off entirely. Unavailable even to local users. That's because the admins don't want to be held liable for what's happening on the pubstream.

    Technically speaking, you only have one stream on a public server, and that's your channel stream. It's much more efficient than a Mastodon timeline because it always shows entire conversations by default instead of detached single-message piecemeal, and because it has a counter for unread messages which even lists these unread messages for you to directly go to the corresponding conversation. But that's another story.

    However, your channel stream can be viewed on your channel page, conversation by conversation, or it can be viewed on the stream page as an actual stream with all conversations shown in a feed/timeline-like fashion, one upon another, and with its own set of built-in filters such as "only my own messages" or "only conversations started by members of one particular privacy group/access list" or "only conversations from one particular group actor". It's actually much more convenient than any Mastodon timeline, but for those who want a Twitter clone for dumb-dumbs, it can be very overwhelming.

    Yes, Hubzilla, (streams) and Forte are much more complex in handling than, say, snac2. But they're also much more complex in features than snac2. That power is their USP. And that power must be harnessed somehow.

    The Sin of Remote Interaction Purgatory: Federation Gymnastics


    Sure, Hubzilla, (streams) and Forte have some of the best built-in search systems in the whole Fediverse. They can pull almost everything onto your channel stream just by searching for it. And if it has replies, chances are they pull these in as well.

    But still, they're geared towards desktop users. They still require copy-paste. Phone users don't copy paste. Most of them don't even know the very concept of copy-paste. For most of those who do, copy-paste is much too fumbly if the input device available to them is a 6" touch screen.

    You can't blame them, though. This is next to impossible to do any differently. I mean, you won't see a button magically appear with which you can pull in just that one post or comment you want to pull in.

    Rather, the issue is that they can only reel in almost everything. Sometimes the search returns nothing, like a void. Sometimes the search runs indefinitely without any kind of result. This may be because someone has blocked your channel, because someone has blocked your entire server, because the server someone is on has blocked you or your entire server, because Hubzilla/(streams)/Forte doesn't understand the URI pasted into the search field or whatever.

    So this is made worse by Hubzilla, (streams) and Forte not knowing what they can search for, what they can't and why not.

    Connecting with someone whom you encounter on your channel stream is fairly easy. Connections can be initiated with only two clicks. Either you click their long name, and you're taken to a pretty much distraction-less local "intermediate page" with a striking green button that's labelled "+ Connect". Or if you don't want to leave the channel page, you hover your mouse cursor over their profile picture, click on the little white arrow that appears, and you get a small menu that offers you the "Connect" option as well. Granted, even some veterans don't know the latter trick because it isn't immediately advertised on the channel page.

    Also, sure, you don't simply follow them right off the bat with nothing else to do like on Mastodon. You're taken to your Connections page, and you have to configure the connection (you don't have to do that on Mastodon because you can't configure connections on Mastodon).

    Following accounts/channels from the directory is a bit easier. The green "+ Connect" button is there right away (unless you're already connected). However, Hubzilla's directory only lists channels based on the Nomad protocol, i.e. Hubzilla and (streams) channels, because ActivityPub is only implemented in an optional, off-by-default-for-new-channels add-on whereas it's in the core and on by default on (streams) and the only available protocol on Forte.

    Importing contents or following actors when seeing them locally on other servers without copy-pasting and searching can be done. It requires OpenWebAuth magic single sign-on, however, and it requires it to be implemented on all servers of all Fediverse server applications from Mastodon to WordPress to Ghost to Flipboard. Hubzilla, (streams) and Forte are the only Fediverse server applications with full (client-side and server-side) OpenWebAuth implementations. But that's of little use if the rest of the Fediverse doesn't have server-side implementations, and Mastodon has even silently rejected a mere client-side implementation already developed to a pull request two years ago.

    The Sin of DM Disasters Waiting to Happen


    I think this is less of an issue on Hubzilla, (streams) and Forte because they handle DMs differently from Mastodon (which "the Fediverse" actually refers to in the article).

    On all three, DMs are integrated into their extensive, fine-grained permissions system in which everything is only public if it's really public. The difference between a post and a DM is not just a switch.

    If I want to DM you, I can either tag you @!{[email protected]} rather than @[url=https://mastodon.social/@benpate]Ben Pate 🤘🏻[/url]. Then you're a) the only one to whom the message is sent (it literally doesn't even go out to any other server than mastodon.social plus my clone on hub.hubzilla.de as can be seen in the delivery report) and b) the only one who is granted permission to view the message.

    Or I can use the padlock icon and select you from the opening list as the sole recipient. The very moment that I select certain recipients, the post I'm composing quits being public, and the padlock icon switches from open to closed. This isn't a one-click or two-click toggle. You don't do that casually. It's basically configuration. It requires so many mouse clicks that you do it consciously and intentionally. If you want to post in private, you have to really want to post in private.

    Better yet: You can default to posting only to a certain limited target audience. In fact, by default on a brand-new channel, you only post to the members of one privacy group/access list (which is a Mastodon list on coke and 'roids). You have to manually reconfigure your new channel if you want to post to the general public by default.

    If you preview your post, you can see whether it's a direct message to one or multiple single connections (envelope icon next to your long name), a limited-permissions message to one or multiple privacy groups/access lists/group actors (closed padlock icon) or actually public (no icon).

    Even better yet: Posts to group actors generally aren't public. Posts to at least Friendica groups, Hubzilla forums, (streams) groups and Forte groups are never public. They do not go out to your followers as well unless they're connected to the same group. And this is independent from whether a group is public or private. You can't accidentially post to a group actor in public, and if you do, you don't post to that group actor at all, at least not in a way that makes the group actor forward your post to its other connections.

    Granted, what does not happen is your background switching from your background colour or background image (which can be user-configured) to red #800000 or a yellow-and-back chevron pattern when you change visibility and permissions to something that isn't public.

    The Sin of Ghost Conversations and Phantom Follower Counts


    And again, when @Tim Chambers says, "the Fediverse", he almost exclusively means Mastodon. He writes as if the entire Fediverse handled conversations as terribly as Mastodon, as if the entire Fediverse was as blissfully unaware of enclosed conversations as Mastodon. Which is not the case.

    Hubzilla, (streams) and Forte, as well as their ancestor Friendica, handle conversations in ways that exceed Mastodon users' imaginations and wildest dreams by magnitudes. Unlike Mastodon, they know threaded conversations, and they see them as enclosed objects where only the start post counts as a post, and everything else counts as a comment.

    This means that once you've received a post on your stream, you will also receive all comments on that post, regardless of whether or not you follow the commenters, regardless of whether or not they mention you. That's because all four reel in the comments not from the commentors, but from the original poster who is perceived as the owner of the thread. Only blocks or channel-wide filters can prevent comments from coming in.

    Beyond that, (streams) was the first to introduce Conversation Containers. Forte inherited them from (streams), and when they were defined in FEP-171b, Hubzilla implemented them, too.

    Here on Hubzilla, I can see all comments in this thread because my channel has fetched them directly from @Johannes Ernst. And I can actually see them right away because that's the default view here on Hubzilla, rather than Mastodon's piecemeal.

    Even if you import a post manually using the search feature (and you better import the actual start post), AFAIK existing comments will eventually be backfilled. Comments that come in after importing will definitely end up on your stream as part of the thread.

    So this is not a shortcoming of the Fediverse. The Fediverse has been able to do better for 15 years. It's a shortcoming of Mastodon.

    The only "issue" here may be that it sometimes takes some time for a comment to show up for some reasons. But unless there are blocks or filters in play, it eventually will.

    The Sin of Invisible Discovery: The Content Mirage


    I'm not going to pick on the audacious implication that "Eugen and team" invented the Fediverse.

    But Tim writes like literally everyone wants "the Fediverse" (read, actually Mastodon) to be literally Twitter without Musk.

    Also:
    • Friendica has had full-blown full-text search since its inception as early as 2010. Five and a half years longer than Mastodon has even existed.
    • Hubzilla has had full-blown full-text search since its inception as early as 2011 when it was forked from Free-Friendika. It has inherited full-text search from Friendica.
    • (streams) and Forte have had full-blown full-text search since their respective inception in 2021 and 2024, both having inherited it themselves.

    Oh, and none of them has an explicit opt-in switch to soothe panicking Twitter converts because panicking Twitter converts have never been the primary target audience of either of them.

    Instead, on Hubzilla, whether someone can find your content depends on whether they've got permission to view it in the first place ("Can view my channel stream and posts"). If it's public, they have it. Full stop. Public is public is public. Stop whining. You've made it public, now deal with everything being able to see it.

    (streams) and Forte behave the same. In addition, they have an extra permission: "Grant search access to your channel stream and posts". This controls who may search your channel stream using your own local search feature while visiting your channel locally. Something that isn't even possible on Mastodon.

    As for not having any content on my channel stream before I connect to anyone: I, for one, do not want some algorithm to force content upon me that I'm not interested in. Full. Frigging. Stop. I want to have full and exclusive control over what I see and what I don't.

    The Sin of User Discovery Hell


    Can it really be that Mastodon's directory is so much worse than Friendica's, Hubzilla's, (streams)' and Forte's directories? I guess it is because it really only lists local accounts on that one particular server. A side-effect of Mastodon being a microblogging service and Twitter clone. And not a full-blown, fully-featured social network and Facebook alternative. No, seriously, it isn't that.

    Friendica is. It was designed as such. It was designed to take Facebook's place, and not by aping and cloning Facebook, but by being better than Facebook.

    The directory on each node is decentralised. It lists all actors known to that node. What's outright unimaginable from a Mastodon point of view: It takes the keywords in the profiles into account. Better even: It ranks suggestions by the number of matching keywords.

    Want something centralised instead? Try the Friendica Directory. Looking for people? Looking for news accounts? Looking for groups? There are specialised tabs for that. Friendica can tell them apart, and so can the Friendica Directory.

    Caveat: The Friendica Directory only lists Friendica accounts. Friendica's built-in directory should list everything it knows. I haven't used Friendica in many years, but I guess this even includes diaspora* accounts because why not?

    Hubzilla has indirectly inherited its directory from Friendica. This is the directory on Netzgemeinde, the biggest Hubzilla hub.

    Again, it lists local as well as federated channels. You can choose whether to see only local channels ("This Website Only") or federated channels as well. You can choose whether channels flagged NSFW shall be listed or not ("Safe Mode"). You can choose to only have group actors listed that let themselves be listed ("Public Forums Only"). You have a cloud of keywords from the keyword lists in the profiles that you can filter by (Mastodon doesn't even have keyword lists in profiles). You have full-text search for names and keywords. There's even a Facebook-style suggestion mode that proposes connections to you with a ranking based on your keywords and their keywords as well as the number of common connections, and that still has the same filters.

    Caveat this time: Hubzilla's directory only supports the one sole protocol built into Hubzilla's core. And that's Zot6. This means that Hubzilla's directory only lists Hubzilla and (streams) channels because Hubzilla and (streams) are the only Fediverse server applications that support Zot6.

    (streams) and Forte have inherited their directories again. And they probably have the most powerful decentralised directories in the entire Fediverse. I'd give you a link, but (streams) directories generally aren't public; only local channels can access them.

    These directories are similar to the ones on Hubzilla. You see local and federated actors, and you can choose to only see local actors ("This Website Only"). You can choose to only see group actors ("Groups Only"). You can choose to not see channels flagged NSFW ("Safe Mode"). What's new: Inactive actors can be kept out, too ("Recently Updated").

    Now it comes: (streams) has ActivityPub built into its core, and it's on by default on new channels. Forte is entirely based on ActivityPub.

    This means that their directories can list anything from anywhere that uses ActivityPub. "Groups Only" gives you Guppe groups, Lemmy communities, /kbin and Mbin magazines, PieFed communities, Mobilizon groups, Flipboard magazines, Friendica groups, Hubzilla forums, (streams) groups, Forte groups etc., all on one list.

    (streams) has a slight edge over Forte here because it also lists Hubzilla and (streams) channels that have ActivityPub off such as the Streams Users Tea Garden where ActivityPub was turned off with the very intention to keep Mastodon out.

    If there was a gigantic Forte server, as big as mastodon.social, and its directory was accessible to the public, that directory would be the best directory in the Fediverse for anything really. If it was on (streams), it would list more, but it would confuse some users of e.g. Mastodon who'd try to follow Hubzilla or (streams) channels that have ActivityPub off. Forte simply doesn't list these because it can't find them.

    A global directory of everything sounds like a good idea, but it's next to impossible to implement.

    Either the directory would go look for actors itself. In order to do that, it would have to know within a split-second not only whenever a new actor is created somewhere so it can index that actor right away, but also whenever a new server is spun up so that the admin actor can be indexed, and that server can be watched. How is it supposed to know all that?

    Well, or the directory, a single, monolithic, centralised website, would have to be hard-coded into all Fediverse server software. That way, each server could immediately report newly created actors to the central directory upon their creation.

    For starters, this would make the whole Fediverse depend on one single centralised website under the control of, if bad comes to worse, one person.

    Besides, this would be a privacy nightmare. Let's suppose I create a new (streams) channel that's supposed to be private. Its existence and all its properties would be sent to the central directory before I can set it to private and restrict its permissions. This wouldn't be so bad on Hubzilla because I'd make the channel private before I turn on PubCrawl and make the channel accessible to the directory in the first place because the directory would only understand ActivityPub.

    Of course, the directory would mostly be built against Mastodon. It would not understand the permissions systems implemented on Hubzilla, (streams) and Forte, and it might happily siphon off the profiles of channels where access to the profile is restricted and make them publicly accessible. On the other hand, this is likely to mean that the directory couldn't read most of Hubzilla's, (streams)' and Forte's profile text fields anyway because Mastodon doesn't have them.

    But such a centralised directory wouldn't make connecting to other users that much easier and more convenient. You'd still have to copy and paste URLs or IDs into your local search and search for them (unless you're on Friendica, Hubzilla, (streams) or Forte where you can connect to URLs directly). At the very least, you should be able to go to the centralised directory and follow anyone just by clicking or tapping them. That, however, would require OpenWebAuth support on both your home server and that directory.

    Ideally, that directory would be firmly built into all instances of all Fediverse software from snac2 to Mastodon to Hubzilla, even replacing any existing directory to confuse people less. But that would make the Fediverse even more dependent on one central website and its owner, something which should be avoided at all cost.

    Lastly, nothing can ever be built into all instances of all Fediverse software. Remember that there's software with living instances that's barely being developed such as Plume. There's even software with living instances that's been officially pronounced dead such as Calckey, Firefish or /kbin. How are Firefish servers supposed to implement such a feature if nobody maintains Firefish anymore, and even the code repository was deleted?

    CC: @Risotto Bias

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity #Search #FullTextSearch #Directory #Permissions #Privacy #Conversations #ThreadedConversations #FEP_171b #ConversationContainers
  8. @Ben Pate 🤘🏻 Allow me to take a look at this from a Hubzilla/(streams)/Forte point of view.

    The Sin of Overwhelming Complexity: Instance Selection Paralysis


    The only way to really combat this effectively is by hiding the whole concept of servers/instances at first, railroading everyone to a server and only letting them know about decentralisation and servers/instances after the fact.

    In theory, this could be doable with Hubzilla, (streams) and Forte, and even better than with Mastodon with its themed servers. It wouldn't make sense to offer Hubzilla, (streams) or Forte servers for certain topics or target audiences, seeing as the whole thing would become moot the very moment when you make your first clone on another server. Simply build a kind of "automatic on-boarder" that sends everyone to the geographically closest open-registration server.

    In practice, that'd be a bad idea, but for a different reason than on Mastodon. And that's how these servers tend to be very different. Not in topic. Not in target audiences. Not in rules. But in features. Hubzilla is modular, (streams) is modular, Forte is modular, and each admin decides differently on which "apps" to activate. Then you want to join Hubzilla for one cool feature, but the on-boarder railroads you to a server where that very feature isn't even activated.

    Sure, the on-boarder could include the option to select certain features that you absolutely must have in your new home and then pick a server that has them. But that'd be extra hassle and extra confusing.

    Besides, where'd you put that on-boarder? On the official Hubzilla website? Haha, no can do. The official Hubzilla website is a webpage on a Hubzilla channel itself. It's all just dumb old static HTML with a CSS. If it's even HTML and not Markdown or BBcode, that is. You couldn't add scripts to it if you tried.

    Oh, and (streams) and Forte don't even have official websites. And (streams) will never have one, seeing as it's officially and intentionally nameless, brandless and totally not even a project. Their "websites" are readme files in their code repositories on Codeberg.

    The Sin of Inconsistent Navigation: Timeline Turmoil


    The streams on Hubzilla, (streams) and Forte are quite a bit different from Mastodon timelines.

    First of all, what you usually don't have on public servers is the counterpart to Mastodon's local timeline and Mastodon's federated timeline. On all three, this would be only one stream, the "public stream" or "pubstream". It can be switched by the admin to either what'd be local or what'd be federated. However, public servers usually have it off entirely. Unavailable even to local users. That's because the admins don't want to be held liable for what's happening on the pubstream.

    Technically speaking, you only have one stream on a public server, and that's your channel stream. It's much more efficient than a Mastodon timeline because it always shows entire conversations by default instead of detached single-message piecemeal, and because it has a counter for unread messages which even lists these unread messages for you to directly go to the corresponding conversation. But that's another story.

    However, your channel stream can be viewed on your channel page, conversation by conversation, or it can be viewed on the stream page as an actual stream with all conversations shown in a feed/timeline-like fashion, one upon another, and with its own set of built-in filters such as "only my own messages" or "only conversations started by members of one particular privacy group/access list" or "only conversations from one particular group actor". It's actually much more convenient than any Mastodon timeline, but for those who want a Twitter clone for dumb-dumbs, it can be very overwhelming.

    Yes, Hubzilla, (streams) and Forte are much more complex in handling than, say, snac2. But they're also much more complex in features than snac2. That power is their USP. And that power must be harnessed somehow.

    The Sin of Remote Interaction Purgatory: Federation Gymnastics


    Sure, Hubzilla, (streams) and Forte have some of the best built-in search systems in the whole Fediverse. They can pull almost everything onto your channel stream just by searching for it. And if it has replies, chances are they pull these in as well.

    But still, they're geared towards desktop users. They still require copy-paste. Phone users don't copy paste. Most of them don't even know the very concept of copy-paste. For most of those who do, copy-paste is much too fumbly if the input device available to them is a 6" touch screen.

    You can't blame them, though. This is next to impossible to do any differently. I mean, you won't see a button magically appear with which you can pull in just that one post or comment you want to pull in.

    Rather, the issue is that they can only reel in almost everything. Sometimes the search returns nothing, like a void. Sometimes the search runs indefinitely without any kind of result. This may be because someone has blocked your channel, because someone has blocked your entire server, because the server someone is on has blocked you or your entire server, because Hubzilla/(streams)/Forte doesn't understand the URI pasted into the search field or whatever.

    So this is made worse by Hubzilla, (streams) and Forte not knowing what they can search for, what they can't and why not.

    Connecting with someone whom you encounter on your channel stream is fairly easy. Connections can be initiated with only two clicks. Either you click their long name, and you're taken to a pretty much distraction-less local "intermediate page" with a striking green button that's labelled "+ Connect". Or if you don't want to leave the channel page, you hover your mouse cursor over their profile picture, click on the little white arrow that appears, and you get a small menu that offers you the "Connect" option as well. Granted, even some veterans don't know the latter trick because it isn't immediately advertised on the channel page.

    Also, sure, you don't simply follow them right off the bat with nothing else to do like on Mastodon. You're taken to your Connections page, and you have to configure the connection (you don't have to do that on Mastodon because you can't configure connections on Mastodon).

    Following accounts/channels from the directory is a bit easier. The green "+ Connect" button is there right away (unless you're already connected). However, Hubzilla's directory only lists channels based on the Nomad protocol, i.e. Hubzilla and (streams) channels, because ActivityPub is only implemented in an optional, off-by-default-for-new-channels add-on whereas it's in the core and on by default on (streams) and the only available protocol on Forte.

    Importing contents or following actors when seeing them locally on other servers without copy-pasting and searching can be done. It requires OpenWebAuth magic single sign-on, however, and it requires it to be implemented on all servers of all Fediverse server applications from Mastodon to WordPress to Ghost to Flipboard. Hubzilla, (streams) and Forte are the only Fediverse server applications with full (client-side and server-side) OpenWebAuth implementations. But that's of little use if the rest of the Fediverse doesn't have server-side implementations, and Mastodon has even silently rejected a mere client-side implementation already developed to a pull request two years ago.

    The Sin of DM Disasters Waiting to Happen


    I think this is less of an issue on Hubzilla, (streams) and Forte because they handle DMs differently from Mastodon (which "the Fediverse" actually refers to in the article).

    On all three, DMs are integrated into their extensive, fine-grained permissions system in which everything is only public if it's really public. The difference between a post and a DM is not just a switch.

    If I want to DM you, I can either tag you @!{[email protected]} rather than @[url=https://mastodon.social/@benpate]Ben Pate 🤘🏻[/url]. Then you're a) the only one to whom the message is sent (it literally doesn't even go out to any other server than mastodon.social plus my clone on hub.hubzilla.de as can be seen in the delivery report) and b) the only one who is granted permission to view the message.

    Or I can use the padlock icon and select you from the opening list as the sole recipient. The very moment that I select certain recipients, the post I'm composing quits being public, and the padlock icon switches from open to closed. This isn't a one-click or two-click toggle. You don't do that casually. It's basically configuration. It requires so many mouse clicks that you do it consciously and intentionally. If you want to post in private, you have to really want to post in private.

    Better yet: You can default to posting only to a certain limited target audience. In fact, by default on a brand-new channel, you only post to the members of one privacy group/access list (which is a Mastodon list on coke and 'roids). You have to manually reconfigure your new channel if you want to post to the general public by default.

    If you preview your post, you can see whether it's a direct message to one or multiple single connections (envelope icon next to your long name), a limited-permissions message to one or multiple privacy groups/access lists/group actors (closed padlock icon) or actually public (no icon).

    Even better yet: Posts to group actors generally aren't public. Posts to at least Friendica groups, Hubzilla forums, (streams) groups and Forte groups are never public. They do not go out to your followers as well unless they're connected to the same group. And this is independent from whether a group is public or private. You can't accidentially post to a group actor in public, and if you do, you don't post to that group actor at all, at least not in a way that makes the group actor forward your post to its other connections.

    Granted, what does not happen is your background switching from your background colour or background image (which can be user-configured) to red #800000 or a yellow-and-back chevron pattern when you change visibility and permissions to something that isn't public.

    The Sin of Ghost Conversations and Phantom Follower Counts


    And again, when @Tim Chambers says, "the Fediverse", he almost exclusively means Mastodon. He writes as if the entire Fediverse handled conversations as terribly as Mastodon, as if the entire Fediverse was as blissfully unaware of enclosed conversations as Mastodon. Which is not the case.

    Hubzilla, (streams) and Forte, as well as their ancestor Friendica, handle conversations in ways that exceed Mastodon users' imaginations and wildest dreams by magnitudes. Unlike Mastodon, they know threaded conversations, and they see them as enclosed objects where only the start post counts as a post, and everything else counts as a comment.

    This means that once you've received a post on your stream, you will also receive all comments on that post, regardless of whether or not you follow the commenters, regardless of whether or not they mention you. That's because all four reel in the comments not from the commentors, but from the original poster who is perceived as the owner of the thread. Only blocks or channel-wide filters can prevent comments from coming in.

    Beyond that, (streams) was the first to introduce Conversation Containers. Forte inherited them from (streams), and when they were defined in FEP-171b, Hubzilla implemented them, too.

    Here on Hubzilla, I can see all comments in this thread because my channel has fetched them directly from @Johannes Ernst. And I can actually see them right away because that's the default view here on Hubzilla, rather than Mastodon's piecemeal.

    Even if you import a post manually using the search feature (and you better import the actual start post), AFAIK existing comments will eventually be backfilled. Comments that come in after importing will definitely end up on your stream as part of the thread.

    So this is not a shortcoming of the Fediverse. The Fediverse has been able to do better for 15 years. It's a shortcoming of Mastodon.

    The only "issue" here may be that it sometimes takes some time for a comment to show up for some reasons. But unless there are blocks or filters in play, it eventually will.

    The Sin of Invisible Discovery: The Content Mirage


    I'm not going to pick on the audacious implication that "Eugen and team" invented the Fediverse.

    But Tim writes like literally everyone wants "the Fediverse" (read, actually Mastodon) to be literally Twitter without Musk.

    Also:
    • Friendica has had full-blown full-text search since its inception as early as 2010. Five and a half years longer than Mastodon has even existed.
    • Hubzilla has had full-blown full-text search since its inception as early as 2011 when it was forked from Free-Friendika. It has inherited full-text search from Friendica.
    • (streams) and Forte have had full-blown full-text search since their respective inception in 2021 and 2024, both having inherited it themselves.

    Oh, and none of them has an explicit opt-in switch to soothe panicking Twitter converts because panicking Twitter converts have never been the primary target audience of either of them.

    Instead, on Hubzilla, whether someone can find your content depends on whether they've got permission to view it in the first place ("Can view my channel stream and posts"). If it's public, they have it. Full stop. Public is public is public. Stop whining. You've made it public, now deal with everything being able to see it.

    (streams) and Forte behave the same. In addition, they have an extra permission: "Grant search access to your channel stream and posts". This controls who may search your channel stream using your own local search feature while visiting your channel locally. Something that isn't even possible on Mastodon.

    As for not having any content on my channel stream before I connect to anyone: I, for one, do not want some algorithm to force content upon me that I'm not interested in. Full. Frigging. Stop. I want to have full and exclusive control over what I see and what I don't.

    The Sin of User Discovery Hell


    Can it really be that Mastodon's directory is so much worse than Friendica's, Hubzilla's, (streams)' and Forte's directories? I guess it is because it really only lists local accounts on that one particular server. A side-effect of Mastodon being a microblogging service and Twitter clone. And not a full-blown, fully-featured social network and Facebook alternative. No, seriously, it isn't that.

    Friendica is. It was designed as such. It was designed to take Facebook's place, and not by aping and cloning Facebook, but by being better than Facebook.

    The directory on each node is decentralised. It lists all actors known to that node. What's outright unimaginable from a Mastodon point of view: It takes the keywords in the profiles into account. Better even: It ranks suggestions by the number of matching keywords.

    Want something centralised instead? Try the Friendica Directory. Looking for people? Looking for news accounts? Looking for groups? There are specialised tabs for that. Friendica can tell them apart, and so can the Friendica Directory.

    Caveat: The Friendica Directory only lists Friendica accounts. Friendica's built-in directory should list everything it knows. I haven't used Friendica in many years, but I guess this even includes diaspora* accounts because why not?

    Hubzilla has indirectly inherited its directory from Friendica. This is the directory on Netzgemeinde, the biggest Hubzilla hub.

    Again, it lists local as well as federated channels. You can choose whether to see only local channels ("This Website Only") or federated channels as well. You can choose whether channels flagged NSFW shall be listed or not ("Safe Mode"). You can choose to only have group actors listed that let themselves be listed ("Public Forums Only"). You have a cloud of keywords from the keyword lists in the profiles that you can filter by (Mastodon doesn't even have keyword lists in profiles). You have full-text search for names and keywords. There's even a Facebook-style suggestion mode that proposes connections to you with a ranking based on your keywords and their keywords as well as the number of common connections, and that still has the same filters.

    Caveat this time: Hubzilla's directory only supports the one sole protocol built into Hubzilla's core. And that's Zot6. This means that Hubzilla's directory only lists Hubzilla and (streams) channels because Hubzilla and (streams) are the only Fediverse server applications that support Zot6.

    (streams) and Forte have inherited their directories again. And they probably have the most powerful decentralised directories in the entire Fediverse. I'd give you a link, but (streams) directories generally aren't public; only local channels can access them.

    These directories are similar to the ones on Hubzilla. You see local and federated actors, and you can choose to only see local actors ("This Website Only"). You can choose to only see group actors ("Groups Only"). You can choose to not see channels flagged NSFW ("Safe Mode"). What's new: Inactive actors can be kept out, too ("Recently Updated").

    Now it comes: (streams) has ActivityPub built into its core, and it's on by default on new channels. Forte is entirely based on ActivityPub.

    This means that their directories can list anything from anywhere that uses ActivityPub. "Groups Only" gives you Guppe groups, Lemmy communities, /kbin and Mbin magazines, PieFed communities, Mobilizon groups, Flipboard magazines, Friendica groups, Hubzilla forums, (streams) groups, Forte groups etc., all on one list.

    (streams) has a slight edge over Forte here because it also lists Hubzilla and (streams) channels that have ActivityPub off such as the Streams Users Tea Garden where ActivityPub was turned off with the very intention to keep Mastodon out.

    If there was a gigantic Forte server, as big as mastodon.social, and its directory was accessible to the public, that directory would be the best directory in the Fediverse for anything really. If it was on (streams), it would list more, but it would confuse some users of e.g. Mastodon who'd try to follow Hubzilla or (streams) channels that have ActivityPub off. Forte simply doesn't list these because it can't find them.

    A global directory of everything sounds like a good idea, but it's next to impossible to implement.

    Either the directory would go look for actors itself. In order to do that, it would have to know within a split-second not only whenever a new actor is created somewhere so it can index that actor right away, but also whenever a new server is spun up so that the admin actor can be indexed, and that server can be watched. How is it supposed to know all that?

    Well, or the directory, a single, monolithic, centralised website, would have to be hard-coded into all Fediverse server software. That way, each server could immediately report newly created actors to the central directory upon their creation.

    For starters, this would make the whole Fediverse depend on one single centralised website under the control of, if bad comes to worse, one person.

    Besides, this would be a privacy nightmare. Let's suppose I create a new (streams) channel that's supposed to be private. Its existence and all its properties would be sent to the central directory before I can set it to private and restrict its permissions. This wouldn't be so bad on Hubzilla because I'd make the channel private before I turn on PubCrawl and make the channel accessible to the directory in the first place because the directory would only understand ActivityPub.

    Of course, the directory would mostly be built against Mastodon. It would not understand the permissions systems implemented on Hubzilla, (streams) and Forte, and it might happily siphon off the profiles of channels where access to the profile is restricted and make them publicly accessible. On the other hand, this is likely to mean that the directory couldn't read most of Hubzilla's, (streams)' and Forte's profile text fields anyway because Mastodon doesn't have them.

    But such a centralised directory wouldn't make connecting to other users that much easier and more convenient. You'd still have to copy and paste URLs or IDs into your local search and search for them (unless you're on Friendica, Hubzilla, (streams) or Forte where you can connect to URLs directly). At the very least, you should be able to go to the centralised directory and follow anyone just by clicking or tapping them. That, however, would require OpenWebAuth support on both your home server and that directory.

    Ideally, that directory would be firmly built into all instances of all Fediverse software from snac2 to Mastodon to Hubzilla, even replacing any existing directory to confuse people less. But that would make the Fediverse even more dependent on one central website and its owner, something which should be avoided at all cost.

    Lastly, nothing can ever be built into all instances of all Fediverse software. Remember that there's software with living instances that's barely being developed such as Plume. There's even software with living instances that's been officially pronounced dead such as Calckey, Firefish or /kbin. How are Firefish servers supposed to implement such a feature if nobody maintains Firefish anymore, and even the code repository was deleted?

    CC: @Risotto Bias

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity #Search #FullTextSearch #Directory #Permissions #Privacy #Conversations #ThreadedConversations #FEP_171b #ConversationContainers
  9. @Ben Pate 🤘🏻 Allow me to take a look at this from a Hubzilla/(streams)/Forte point of view.

    The Sin of Overwhelming Complexity: Instance Selection Paralysis


    The only way to really combat this effectively is by hiding the whole concept of servers/instances at first, railroading everyone to a server and only letting them know about decentralisation and servers/instances after the fact.

    In theory, this could be doable with Hubzilla, (streams) and Forte, and even better than with Mastodon with its themed servers. It wouldn't make sense to offer Hubzilla, (streams) or Forte servers for certain topics or target audiences, seeing as the whole thing would become moot the very moment when you make your first clone on another server. Simply build a kind of "automatic on-boarder" that sends everyone to the geographically closest open-registration server.

    In practice, that'd be a bad idea, but for a different reason than on Mastodon. And that's how these servers tend to be very different. Not in topic. Not in target audiences. Not in rules. But in features. Hubzilla is modular, (streams) is modular, Forte is modular, and each admin decides differently on which "apps" to activate. Then you want to join Hubzilla for one cool feature, but the on-boarder railroads you to a server where that very feature isn't even activated.

    Sure, the on-boarder could include the option to select certain features that you absolutely must have in your new home and then pick a server that has them. But that'd be extra hassle and extra confusing.

    Besides, where'd you put that on-boarder? On the official Hubzilla website? Haha, no can do. The official Hubzilla website is a webpage on a Hubzilla channel itself. It's all just dumb old static HTML with a CSS. If it's even HTML and not Markdown or BBcode, that is. You couldn't add scripts to it if you tried.

    Oh, and (streams) and Forte don't even have official websites. And (streams) will never have one, seeing as it's officially and intentionally nameless, brandless and totally not even a project. Their "websites" are readme files in their code repositories on Codeberg.

    The Sin of Inconsistent Navigation: Timeline Turmoil


    The streams on Hubzilla, (streams) and Forte are quite a bit different from Mastodon timelines.

    First of all, what you usually don't have on public servers is the counterpart to Mastodon's local timeline and Mastodon's federated timeline. On all three, this would be only one stream, the "public stream" or "pubstream". It can be switched by the admin to either what'd be local or what'd be federated. However, public servers usually have it off entirely. Unavailable even to local users. That's because the admins don't want to be held liable for what's happening on the pubstream.

    Technically speaking, you only have one stream on a public server, and that's your channel stream. It's much more efficient than a Mastodon timeline because it always shows entire conversations by default instead of detached single-message piecemeal, and because it has a counter for unread messages which even lists these unread messages for you to directly go to the corresponding conversation. But that's another story.

    However, your channel stream can be viewed on your channel page, conversation by conversation, or it can be viewed on the stream page as an actual stream with all conversations shown in a feed/timeline-like fashion, one upon another, and with its own set of built-in filters such as "only my own messages" or "only conversations started by members of one particular privacy group/access list" or "only conversations from one particular group actor". It's actually much more convenient than any Mastodon timeline, but for those who want a Twitter clone for dumb-dumbs, it can be very overwhelming.

    Yes, Hubzilla, (streams) and Forte are much more complex in handling than, say, snac2. But they're also much more complex in features than snac2. That power is their USP. And that power must be harnessed somehow.

    The Sin of Remote Interaction Purgatory: Federation Gymnastics


    Sure, Hubzilla, (streams) and Forte have some of the best built-in search systems in the whole Fediverse. They can pull almost everything onto your channel stream just by searching for it. And if it has replies, chances are they pull these in as well.

    But still, they're geared towards desktop users. They still require copy-paste. Phone users don't copy paste. Most of them don't even know the very concept of copy-paste. For most of those who do, copy-paste is much too fumbly if the input device available to them is a 6" touch screen.

    You can't blame them, though. This is next to impossible to do any differently. I mean, you won't see a button magically appear with which you can pull in just that one post or comment you want to pull in.

    Rather, the issue is that they can only reel in almost everything. Sometimes the search returns nothing, like a void. Sometimes the search runs indefinitely without any kind of result. This may be because someone has blocked your channel, because someone has blocked your entire server, because the server someone is on has blocked you or your entire server, because Hubzilla/(streams)/Forte doesn't understand the URI pasted into the search field or whatever.

    So this is made worse by Hubzilla, (streams) and Forte not knowing what they can search for, what they can't and why not.

    Connecting with someone whom you encounter on your channel stream is fairly easy. Connections can be initiated with only two clicks. Either you click their long name, and you're taken to a pretty much distraction-less local "intermediate page" with a striking green button that's labelled "+ Connect". Or if you don't want to leave the channel page, you hover your mouse cursor over their profile picture, click on the little white arrow that appears, and you get a small menu that offers you the "Connect" option as well. Granted, even some veterans don't know the latter trick because it isn't immediately advertised on the channel page.

    Also, sure, you don't simply follow them right off the bat with nothing else to do like on Mastodon. You're taken to your Connections page, and you have to configure the connection (you don't have to do that on Mastodon because you can't configure connections on Mastodon).

    Following accounts/channels from the directory is a bit easier. The green "+ Connect" button is there right away (unless you're already connected). However, Hubzilla's directory only lists channels based on the Nomad protocol, i.e. Hubzilla and (streams) channels, because ActivityPub is only implemented in an optional, off-by-default-for-new-channels add-on whereas it's in the core and on by default on (streams) and the only available protocol on Forte.

    Importing contents or following actors when seeing them locally on other servers without copy-pasting and searching can be done. It requires OpenWebAuth magic single sign-on, however, and it requires it to be implemented on all servers of all Fediverse server applications from Mastodon to WordPress to Ghost to Flipboard. Hubzilla, (streams) and Forte are the only Fediverse server applications with full (client-side and server-side) OpenWebAuth implementations. But that's of little use if the rest of the Fediverse doesn't have server-side implementations, and Mastodon has even silently rejected a mere client-side implementation already developed to a pull request two years ago.

    The Sin of DM Disasters Waiting to Happen


    I think this is less of an issue on Hubzilla, (streams) and Forte because they handle DMs differently from Mastodon (which "the Fediverse" actually refers to in the article).

    On all three, DMs are integrated into their extensive, fine-grained permissions system in which everything is only public if it's really public. The difference between a post and a DM is not just a switch.

    If I want to DM you, I can either tag you @!{[email protected]} rather than @[url=https://mastodon.social/@benpate]Ben Pate 🤘🏻[/url]. Then you're a) the only one to whom the message is sent (it literally doesn't even go out to any other server than mastodon.social plus my clone on hub.hubzilla.de as can be seen in the delivery report) and b) the only one who is granted permission to view the message.

    Or I can use the padlock icon and select you from the opening list as the sole recipient. The very moment that I select certain recipients, the post I'm composing quits being public, and the padlock icon switches from open to closed. This isn't a one-click or two-click toggle. You don't do that casually. It's basically configuration. It requires so many mouse clicks that you do it consciously and intentionally. If you want to post in private, you have to really want to post in private.

    Better yet: You can default to posting only to a certain limited target audience. In fact, by default on a brand-new channel, you only post to the members of one privacy group/access list (which is a Mastodon list on coke and 'roids). You have to manually reconfigure your new channel if you want to post to the general public by default.

    If you preview your post, you can see whether it's a direct message to one or multiple single connections (envelope icon next to your long name), a limited-permissions message to one or multiple privacy groups/access lists/group actors (closed padlock icon) or actually public (no icon).

    Even better yet: Posts to group actors generally aren't public. Posts to at least Friendica groups, Hubzilla forums, (streams) groups and Forte groups are never public. They do not go out to your followers as well unless they're connected to the same group. And this is independent from whether a group is public or private. You can't accidentially post to a group actor in public, and if you do, you don't post to that group actor at all, at least not in a way that makes the group actor forward your post to its other connections.

    Granted, what does not happen is your background switching from your background colour or background image (which can be user-configured) to red #800000 or a yellow-and-back chevron pattern when you change visibility and permissions to something that isn't public.

    The Sin of Ghost Conversations and Phantom Follower Counts


    And again, when @Tim Chambers says, "the Fediverse", he almost exclusively means Mastodon. He writes as if the entire Fediverse handled conversations as terribly as Mastodon, as if the entire Fediverse was as blissfully unaware of enclosed conversations as Mastodon. Which is not the case.

    Hubzilla, (streams) and Forte, as well as their ancestor Friendica, handle conversations in ways that exceed Mastodon users' imaginations and wildest dreams by magnitudes. Unlike Mastodon, they know threaded conversations, and they see them as enclosed objects where only the start post counts as a post, and everything else counts as a comment.

    This means that once you've received a post on your stream, you will also receive all comments on that post, regardless of whether or not you follow the commenters, regardless of whether or not they mention you. That's because all four reel in the comments not from the commentors, but from the original poster who is perceived as the owner of the thread. Only blocks or channel-wide filters can prevent comments from coming in.

    Beyond that, (streams) was the first to introduce Conversation Containers. Forte inherited them from (streams), and when they were defined in FEP-171b, Hubzilla implemented them, too.

    Here on Hubzilla, I can see all comments in this thread because my channel has fetched them directly from @Johannes Ernst. And I can actually see them right away because that's the default view here on Hubzilla, rather than Mastodon's piecemeal.

    Even if you import a post manually using the search feature (and you better import the actual start post), AFAIK existing comments will eventually be backfilled. Comments that come in after importing will definitely end up on your stream as part of the thread.

    So this is not a shortcoming of the Fediverse. The Fediverse has been able to do better for 15 years. It's a shortcoming of Mastodon.

    The only "issue" here may be that it sometimes takes some time for a comment to show up for some reasons. But unless there are blocks or filters in play, it eventually will.

    The Sin of Invisible Discovery: The Content Mirage


    I'm not going to pick on the audacious implication that "Eugen and team" invented the Fediverse.

    But Tim writes like literally everyone wants "the Fediverse" (read, actually Mastodon) to be literally Twitter without Musk.

    Also:
    • Friendica has had full-blown full-text search since its inception as early as 2010. Five and a half years longer than Mastodon has even existed.
    • Hubzilla has had full-blown full-text search since its inception as early as 2011 when it was forked from Free-Friendika. It has inherited full-text search from Friendica.
    • (streams) and Forte have had full-blown full-text search since their respective inception in 2021 and 2024, both having inherited it themselves.

    Oh, and none of them has an explicit opt-in switch to soothe panicking Twitter converts because panicking Twitter converts have never been the primary target audience of either of them.

    Instead, on Hubzilla, whether someone can find your content depends on whether they've got permission to view it in the first place ("Can view my channel stream and posts"). If it's public, they have it. Full stop. Public is public is public. Stop whining. You've made it public, now deal with everything being able to see it.

    (streams) and Forte behave the same. In addition, they have an extra permission: "Grant search access to your channel stream and posts". This controls who may search your channel stream using your own local search feature while visiting your channel locally. Something that isn't even possible on Mastodon.

    As for not having any content on my channel stream before I connect to anyone: I, for one, do not want some algorithm to force content upon me that I'm not interested in. Full. Frigging. Stop. I want to have full and exclusive control over what I see and what I don't.

    The Sin of User Discovery Hell


    Can it really be that Mastodon's directory is so much worse than Friendica's, Hubzilla's, (streams)' and Forte's directories? I guess it is because it really only lists local accounts on that one particular server. A side-effect of Mastodon being a microblogging service and Twitter clone. And not a full-blown, fully-featured social network and Facebook alternative. No, seriously, it isn't that.

    Friendica is. It was designed as such. It was designed to take Facebook's place, and not by aping and cloning Facebook, but by being better than Facebook.

    The directory on each node is decentralised. It lists all actors known to that node. What's outright unimaginable from a Mastodon point of view: It takes the keywords in the profiles into account. Better even: It ranks suggestions by the number of matching keywords.

    Want something centralised instead? Try the Friendica Directory. Looking for people? Looking for news accounts? Looking for groups? There are specialised tabs for that. Friendica can tell them apart, and so can the Friendica Directory.

    Caveat: The Friendica Directory only lists Friendica accounts. Friendica's built-in directory should list everything it knows. I haven't used Friendica in many years, but I guess this even includes diaspora* accounts because why not?

    Hubzilla has indirectly inherited its directory from Friendica. This is the directory on Netzgemeinde, the biggest Hubzilla hub.

    Again, it lists local as well as federated channels. You can choose whether to see only local channels ("This Website Only") or federated channels as well. You can choose whether channels flagged NSFW shall be listed or not ("Safe Mode"). You can choose to only have group actors listed that let themselves be listed ("Public Forums Only"). You have a cloud of keywords from the keyword lists in the profiles that you can filter by (Mastodon doesn't even have keyword lists in profiles). You have full-text search for names and keywords. There's even a Facebook-style suggestion mode that proposes connections to you with a ranking based on your keywords and their keywords as well as the number of common connections, and that still has the same filters.

    Caveat this time: Hubzilla's directory only supports the one sole protocol built into Hubzilla's core. And that's Zot6. This means that Hubzilla's directory only lists Hubzilla and (streams) channels because Hubzilla and (streams) are the only Fediverse server applications that support Zot6.

    (streams) and Forte have inherited their directories again. And they probably have the most powerful decentralised directories in the entire Fediverse. I'd give you a link, but (streams) directories generally aren't public; only local channels can access them.

    These directories are similar to the ones on Hubzilla. You see local and federated actors, and you can choose to only see local actors ("This Website Only"). You can choose to only see group actors ("Groups Only"). You can choose to not see channels flagged NSFW ("Safe Mode"). What's new: Inactive actors can be kept out, too ("Recently Updated").

    Now it comes: (streams) has ActivityPub built into its core, and it's on by default on new channels. Forte is entirely based on ActivityPub.

    This means that their directories can list anything from anywhere that uses ActivityPub. "Groups Only" gives you Guppe groups, Lemmy communities, /kbin and Mbin magazines, PieFed communities, Mobilizon groups, Flipboard magazines, Friendica groups, Hubzilla forums, (streams) groups, Forte groups etc., all on one list.

    (streams) has a slight edge over Forte here because it also lists Hubzilla and (streams) channels that have ActivityPub off such as the Streams Users Tea Garden where ActivityPub was turned off with the very intention to keep Mastodon out.

    If there was a gigantic Forte server, as big as mastodon.social, and its directory was accessible to the public, that directory would be the best directory in the Fediverse for anything really. If it was on (streams), it would list more, but it would confuse some users of e.g. Mastodon who'd try to follow Hubzilla or (streams) channels that have ActivityPub off. Forte simply doesn't list these because it can't find them.

    A global directory of everything sounds like a good idea, but it's next to impossible to implement.

    Either the directory would go look for actors itself. In order to do that, it would have to know within a split-second not only whenever a new actor is created somewhere so it can index that actor right away, but also whenever a new server is spun up so that the admin actor can be indexed, and that server can be watched. How is it supposed to know all that?

    Well, or the directory, a single, monolithic, centralised website, would have to be hard-coded into all Fediverse server software. That way, each server could immediately report newly created actors to the central directory upon their creation.

    For starters, this would make the whole Fediverse depend on one single centralised website under the control of, if bad comes to worse, one person.

    Besides, this would be a privacy nightmare. Let's suppose I create a new (streams) channel that's supposed to be private. Its existence and all its properties would be sent to the central directory before I can set it to private and restrict its permissions. This wouldn't be so bad on Hubzilla because I'd make the channel private before I turn on PubCrawl and make the channel accessible to the directory in the first place because the directory would only understand ActivityPub.

    Of course, the directory would mostly be built against Mastodon. It would not understand the permissions systems implemented on Hubzilla, (streams) and Forte, and it might happily siphon off the profiles of channels where access to the profile is restricted and make them publicly accessible. On the other hand, this is likely to mean that the directory couldn't read most of Hubzilla's, (streams)' and Forte's profile text fields anyway because Mastodon doesn't have them.

    But such a centralised directory wouldn't make connecting to other users that much easier and more convenient. You'd still have to copy and paste URLs or IDs into your local search and search for them (unless you're on Friendica, Hubzilla, (streams) or Forte where you can connect to URLs directly). At the very least, you should be able to go to the centralised directory and follow anyone just by clicking or tapping them. That, however, would require OpenWebAuth support on both your home server and that directory.

    Ideally, that directory would be firmly built into all instances of all Fediverse software from snac2 to Mastodon to Hubzilla, even replacing any existing directory to confuse people less. But that would make the Fediverse even more dependent on one central website and its owner, something which should be avoided at all cost.

    Lastly, nothing can ever be built into all instances of all Fediverse software. Remember that there's software with living instances that's barely being developed such as Plume. There's even software with living instances that's been officially pronounced dead such as Calckey, Firefish or /kbin. How are Firefish servers supposed to implement such a feature if nobody maintains Firefish anymore, and even the code repository was deleted?

    CC: @Risotto Bias

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity #Search #FullTextSearch #Directory #Permissions #Privacy #Conversations #ThreadedConversations #FEP_171b #ConversationContainers
  10. @Ben Pate 🤘🏻 Allow me to take a look at this from a Hubzilla/(streams)/Forte point of view.

    The Sin of Overwhelming Complexity: Instance Selection Paralysis


    The only way to really combat this effectively is by hiding the whole concept of servers/instances at first, railroading everyone to a server and only letting them know about decentralisation and servers/instances after the fact.

    In theory, this could be doable with Hubzilla, (streams) and Forte, and even better than with Mastodon with its themed servers. It wouldn't make sense to offer Hubzilla, (streams) or Forte servers for certain topics or target audiences, seeing as the whole thing would become moot the very moment when you make your first clone on another server. Simply build a kind of "automatic on-boarder" that sends everyone to the geographically closest open-registration server.

    In practice, that'd be a bad idea, but for a different reason than on Mastodon. And that's how these servers tend to be very different. Not in topic. Not in target audiences. Not in rules. But in features. Hubzilla is modular, (streams) is modular, Forte is modular, and each admin decides differently on which "apps" to activate. Then you want to join Hubzilla for one cool feature, but the on-boarder railroads you to a server where that very feature isn't even activated.

    Sure, the on-boarder could include the option to select certain features that you absolutely must have in your new home and then pick a server that has them. But that'd be extra hassle and extra confusing.

    Besides, where'd you put that on-boarder? On the official Hubzilla website? Haha, no can do. The official Hubzilla website is a webpage on a Hubzilla channel itself. It's all just dumb old static HTML with a CSS. If it's even HTML and not Markdown or BBcode, that is. You couldn't add scripts to it if you tried.

    Oh, and (streams) and Forte don't even have official websites. And (streams) will never have one, seeing as it's officially and intentionally nameless, brandless and totally not even a project. Their "websites" are readme files in their code repositories on Codeberg.

    The Sin of Inconsistent Navigation: Timeline Turmoil


    The streams on Hubzilla, (streams) and Forte are quite a bit different from Mastodon timelines.

    First of all, what you usually don't have on public servers is the counterpart to Mastodon's local timeline and Mastodon's federated timeline. On all three, this would be only one stream, the "public stream" or "pubstream". It can be switched by the admin to either what'd be local or what'd be federated. However, public servers usually have it off entirely. Unavailable even to local users. That's because the admins don't want to be held liable for what's happening on the pubstream.

    Technically speaking, you only have one stream on a public server, and that's your channel stream. It's much more efficient than a Mastodon timeline because it always shows entire conversations by default instead of detached single-message piecemeal, and because it has a counter for unread messages which even lists these unread messages for you to directly go to the corresponding conversation. But that's another story.

    However, your channel stream can be viewed on your channel page, conversation by conversation, or it can be viewed on the stream page as an actual stream with all conversations shown in a feed/timeline-like fashion, one upon another, and with its own set of built-in filters such as "only my own messages" or "only conversations started by members of one particular privacy group/access list" or "only conversations from one particular group actor". It's actually much more convenient than any Mastodon timeline, but for those who want a Twitter clone for dumb-dumbs, it can be very overwhelming.

    Yes, Hubzilla, (streams) and Forte are much more complex in handling than, say, snac2. But they're also much more complex in features than snac2. That power is their USP. And that power must be harnessed somehow.

    The Sin of Remote Interaction Purgatory: Federation Gymnastics


    Sure, Hubzilla, (streams) and Forte have some of the best built-in search systems in the whole Fediverse. They can pull almost everything onto your channel stream just by searching for it. And if it has replies, chances are they pull these in as well.

    But still, they're geared towards desktop users. They still require copy-paste. Phone users don't copy paste. Most of them don't even know the very concept of copy-paste. For most of those who do, copy-paste is much too fumbly if the input device available to them is a 6" touch screen.

    You can't blame them, though. This is next to impossible to do any differently. I mean, you won't see a button magically appear with which you can pull in just that one post or comment you want to pull in.

    Rather, the issue is that they can only reel in almost everything. Sometimes the search returns nothing, like a void. Sometimes the search runs indefinitely without any kind of result. This may be because someone has blocked your channel, because someone has blocked your entire server, because the server someone is on has blocked you or your entire server, because Hubzilla/(streams)/Forte doesn't understand the URI pasted into the search field or whatever.

    So this is made worse by Hubzilla, (streams) and Forte not knowing what they can search for, what they can't and why not.

    Connecting with someone whom you encounter on your channel stream is fairly easy. Connections can be initiated with only two clicks. Either you click their long name, and you're taken to a pretty much distraction-less local "intermediate page" with a striking green button that's labelled "+ Connect". Or if you don't want to leave the channel page, you hover your mouse cursor over their profile picture, click on the little white arrow that appears, and you get a small menu that offers you the "Connect" option as well. Granted, even some veterans don't know the latter trick because it isn't immediately advertised on the channel page.

    Also, sure, you don't simply follow them right off the bat with nothing else to do like on Mastodon. You're taken to your Connections page, and you have to configure the connection (you don't have to do that on Mastodon because you can't configure connections on Mastodon).

    Following accounts/channels from the directory is a bit easier. The green "+ Connect" button is there right away (unless you're already connected). However, Hubzilla's directory only lists channels based on the Nomad protocol, i.e. Hubzilla and (streams) channels, because ActivityPub is only implemented in an optional, off-by-default-for-new-channels add-on whereas it's in the core and on by default on (streams) and the only available protocol on Forte.

    Importing contents or following actors when seeing them locally on other servers without copy-pasting and searching can be done. It requires OpenWebAuth magic single sign-on, however, and it requires it to be implemented on all servers of all Fediverse server applications from Mastodon to WordPress to Ghost to Flipboard. Hubzilla, (streams) and Forte are the only Fediverse server applications with full (client-side and server-side) OpenWebAuth implementations. But that's of little use if the rest of the Fediverse doesn't have server-side implementations, and Mastodon has even silently rejected a mere client-side implementation already developed to a pull request two years ago.

    The Sin of DM Disasters Waiting to Happen


    I think this is less of an issue on Hubzilla, (streams) and Forte because they handle DMs differently from Mastodon (which "the Fediverse" actually refers to in the article).

    On all three, DMs are integrated into their extensive, fine-grained permissions system in which everything is only public if it's really public. The difference between a post and a DM is not just a switch.

    If I want to DM you, I can either tag you @!{[email protected]} rather than @[url=https://mastodon.social/@benpate]Ben Pate 🤘🏻[/url]. Then you're a) the only one to whom the message is sent (it literally doesn't even go out to any other server than mastodon.social plus my clone on hub.hubzilla.de as can be seen in the delivery report) and b) the only one who is granted permission to view the message.

    Or I can use the padlock icon and select you from the opening list as the sole recipient. The very moment that I select certain recipients, the post I'm composing quits being public, and the padlock icon switches from open to closed. This isn't a one-click or two-click toggle. You don't do that casually. It's basically configuration. It requires so many mouse clicks that you do it consciously and intentionally. If you want to post in private, you have to really want to post in private.

    Better yet: You can default to posting only to a certain limited target audience. In fact, by default on a brand-new channel, you only post to the members of one privacy group/access list (which is a Mastodon list on coke and 'roids). You have to manually reconfigure your new channel if you want to post to the general public by default.

    If you preview your post, you can see whether it's a direct message to one or multiple single connections (envelope icon next to your long name), a limited-permissions message to one or multiple privacy groups/access lists/group actors (closed padlock icon) or actually public (no icon).

    Even better yet: Posts to group actors generally aren't public. Posts to at least Friendica groups, Hubzilla forums, (streams) groups and Forte groups are never public. They do not go out to your followers as well unless they're connected to the same group. And this is independent from whether a group is public or private. You can't accidentially post to a group actor in public, and if you do, you don't post to that group actor at all, at least not in a way that makes the group actor forward your post to its other connections.

    Granted, what does not happen is your background switching from your background colour or background image (which can be user-configured) to red #800000 or a yellow-and-back chevron pattern when you change visibility and permissions to something that isn't public.

    The Sin of Ghost Conversations and Phantom Follower Counts


    And again, when @Tim Chambers says, "the Fediverse", he almost exclusively means Mastodon. He writes as if the entire Fediverse handled conversations as terribly as Mastodon, as if the entire Fediverse was as blissfully unaware of enclosed conversations as Mastodon. Which is not the case.

    Hubzilla, (streams) and Forte, as well as their ancestor Friendica, handle conversations in ways that exceed Mastodon users' imaginations and wildest dreams by magnitudes. Unlike Mastodon, they know threaded conversations, and they see them as enclosed objects where only the start post counts as a post, and everything else counts as a comment.

    This means that once you've received a post on your stream, you will also receive all comments on that post, regardless of whether or not you follow the commenters, regardless of whether or not they mention you. That's because all four reel in the comments not from the commentors, but from the original poster who is perceived as the owner of the thread. Only blocks or channel-wide filters can prevent comments from coming in.

    Beyond that, (streams) was the first to introduce Conversation Containers. Forte inherited them from (streams), and when they were defined in FEP-171b, Hubzilla implemented them, too.

    Here on Hubzilla, I can see all comments in this thread because my channel has fetched them directly from @Johannes Ernst. And I can actually see them right away because that's the default view here on Hubzilla, rather than Mastodon's piecemeal.

    Even if you import a post manually using the search feature (and you better import the actual start post), AFAIK existing comments will eventually be backfilled. Comments that come in after importing will definitely end up on your stream as part of the thread.

    So this is not a shortcoming of the Fediverse. The Fediverse has been able to do better for 15 years. It's a shortcoming of Mastodon.

    The only "issue" here may be that it sometimes takes some time for a comment to show up for some reasons. But unless there are blocks or filters in play, it eventually will.

    The Sin of Invisible Discovery: The Content Mirage


    I'm not going to pick on the audacious implication that "Eugen and team" invented the Fediverse.

    But Tim writes like literally everyone wants "the Fediverse" (read, actually Mastodon) to be literally Twitter without Musk.

    Also:
    • Friendica has had full-blown full-text search since its inception as early as 2010. Five and a half years longer than Mastodon has even existed.
    • Hubzilla has had full-blown full-text search since its inception as early as 2011 when it was forked from Free-Friendika. It has inherited full-text search from Friendica.
    • (streams) and Forte have had full-blown full-text search since their respective inception in 2021 and 2024, both having inherited it themselves.

    Oh, and none of them has an explicit opt-in switch to soothe panicking Twitter converts because panicking Twitter converts have never been the primary target audience of either of them.

    Instead, on Hubzilla, whether someone can find your content depends on whether they've got permission to view it in the first place ("Can view my channel stream and posts"). If it's public, they have it. Full stop. Public is public is public. Stop whining. You've made it public, now deal with everything being able to see it.

    (streams) and Forte behave the same. In addition, they have an extra permission: "Grant search access to your channel stream and posts". This controls who may search your channel stream using your own local search feature while visiting your channel locally. Something that isn't even possible on Mastodon.

    As for not having any content on my channel stream before I connect to anyone: I, for one, do not want some algorithm to force content upon me that I'm not interested in. Full. Frigging. Stop. I want to have full and exclusive control over what I see and what I don't.

    The Sin of User Discovery Hell


    Can it really be that Mastodon's directory is so much worse than Friendica's, Hubzilla's, (streams)' and Forte's directories? I guess it is because it really only lists local accounts on that one particular server. A side-effect of Mastodon being a microblogging service and Twitter clone. And not a full-blown, fully-featured social network and Facebook alternative. No, seriously, it isn't that.

    Friendica is. It was designed as such. It was designed to take Facebook's place, and not by aping and cloning Facebook, but by being better than Facebook.

    The directory on each node is decentralised. It lists all actors known to that node. What's outright unimaginable from a Mastodon point of view: It takes the keywords in the profiles into account. Better even: It ranks suggestions by the number of matching keywords.

    Want something centralised instead? Try the Friendica Directory. Looking for people? Looking for news accounts? Looking for groups? There are specialised tabs for that. Friendica can tell them apart, and so can the Friendica Directory.

    Caveat: The Friendica Directory only lists Friendica accounts. Friendica's built-in directory should list everything it knows. I haven't used Friendica in many years, but I guess this even includes diaspora* accounts because why not?

    Hubzilla has indirectly inherited its directory from Friendica. This is the directory on Netzgemeinde, the biggest Hubzilla hub.

    Again, it lists local as well as federated channels. You can choose whether to see only local channels ("This Website Only") or federated channels as well. You can choose whether channels flagged NSFW shall be listed or not ("Safe Mode"). You can choose to only have group actors listed that let themselves be listed ("Public Forums Only"). You have a cloud of keywords from the keyword lists in the profiles that you can filter by (Mastodon doesn't even have keyword lists in profiles). You have full-text search for names and keywords. There's even a Facebook-style suggestion mode that proposes connections to you with a ranking based on your keywords and their keywords as well as the number of common connections, and that still has the same filters.

    Caveat this time: Hubzilla's directory only supports the one sole protocol built into Hubzilla's core. And that's Zot6. This means that Hubzilla's directory only lists Hubzilla and (streams) channels because Hubzilla and (streams) are the only Fediverse server applications that support Zot6.

    (streams) and Forte have inherited their directories again. And they probably have the most powerful decentralised directories in the entire Fediverse. I'd give you a link, but (streams) directories generally aren't public; only local channels can access them.

    These directories are similar to the ones on Hubzilla. You see local and federated actors, and you can choose to only see local actors ("This Website Only"). You can choose to only see group actors ("Groups Only"). You can choose to not see channels flagged NSFW ("Safe Mode"). What's new: Inactive actors can be kept out, too ("Recently Updated").

    Now it comes: (streams) has ActivityPub built into its core, and it's on by default on new channels. Forte is entirely based on ActivityPub.

    This means that their directories can list anything from anywhere that uses ActivityPub. "Groups Only" gives you Guppe groups, Lemmy communities, /kbin and Mbin magazines, PieFed communities, Mobilizon groups, Flipboard magazines, Friendica groups, Hubzilla forums, (streams) groups, Forte groups etc., all on one list.

    (streams) has a slight edge over Forte here because it also lists Hubzilla and (streams) channels that have ActivityPub off such as the Streams Users Tea Garden where ActivityPub was turned off with the very intention to keep Mastodon out.

    If there was a gigantic Forte server, as big as mastodon.social, and its directory was accessible to the public, that directory would be the best directory in the Fediverse for anything really. If it was on (streams), it would list more, but it would confuse some users of e.g. Mastodon who'd try to follow Hubzilla or (streams) channels that have ActivityPub off. Forte simply doesn't list these because it can't find them.

    A global directory of everything sounds like a good idea, but it's next to impossible to implement.

    Either the directory would go look for actors itself. In order to do that, it would have to know within a split-second not only whenever a new actor is created somewhere so it can index that actor right away, but also whenever a new server is spun up so that the admin actor can be indexed, and that server can be watched. How is it supposed to know all that?

    Well, or the directory, a single, monolithic, centralised website, would have to be hard-coded into all Fediverse server software. That way, each server could immediately report newly created actors to the central directory upon their creation.

    For starters, this would make the whole Fediverse depend on one single centralised website under the control of, if bad comes to worse, one person.

    Besides, this would be a privacy nightmare. Let's suppose I create a new (streams) channel that's supposed to be private. Its existence and all its properties would be sent to the central directory before I can set it to private and restrict its permissions. This wouldn't be so bad on Hubzilla because I'd make the channel private before I turn on PubCrawl and make the channel accessible to the directory in the first place because the directory would only understand ActivityPub.

    Of course, the directory would mostly be built against Mastodon. It would not understand the permissions systems implemented on Hubzilla, (streams) and Forte, and it might happily siphon off the profiles of channels where access to the profile is restricted and make them publicly accessible. On the other hand, this is likely to mean that the directory couldn't read most of Hubzilla's, (streams)' and Forte's profile text fields anyway because Mastodon doesn't have them.

    But such a centralised directory wouldn't make connecting to other users that much easier and more convenient. You'd still have to copy and paste URLs or IDs into your local search and search for them (unless you're on Friendica, Hubzilla, (streams) or Forte where you can connect to URLs directly). At the very least, you should be able to go to the centralised directory and follow anyone just by clicking or tapping them. That, however, would require OpenWebAuth support on both your home server and that directory.

    Ideally, that directory would be firmly built into all instances of all Fediverse software from snac2 to Mastodon to Hubzilla, even replacing any existing directory to confuse people less. But that would make the Fediverse even more dependent on one central website and its owner, something which should be avoided at all cost.

    Lastly, nothing can ever be built into all instances of all Fediverse software. Remember that there's software with living instances that's barely being developed such as Plume. There's even software with living instances that's been officially pronounced dead such as Calckey, Firefish or /kbin. How are Firefish servers supposed to implement such a feature if nobody maintains Firefish anymore, and even the code repository was deleted?

    CC: @Risotto Bias

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity #Search #FullTextSearch #Directory #Permissions #Privacy #Conversations #ThreadedConversations #FEP_171b #ConversationContainers
  11. @Johannes Ernst The first step is already done:

    Forte, @Mike Macgirvin ?️ most recent project from the same family that started with Friendica 15 years ago, is the first and only stable Fediverse server application that uses ActivityPub for nomadic identity. Nomadic identity itself is a concept created by Mike in 2011 and first implemented by himself in 2012 in a very early version of Hubzilla which he called Red back then.

    This means that you can have the exact same channel/identity (think Mastodon account, but without its own login) on multiple server instances with one account each. If one server goes down, you still have at least one clone (depending on how many clones you make).

    @silverpill is working on implementing this on Mitra. It's still only available in development versions, though. The difference is that Mike had already created a whole bunch of Fediverse server applications with nomadic identity since 2012; he "only" had to port nomadic identity from the Zot or Nomad protocol to ActivityPub. Silverpill, on the other hand, has to implement nomadic identity in something that was built upon ActivityPub with no nomadic identity.

    Both recognise each other's nomadic identities. (For comparison: Mastodon doesn't recognise any nomadic identities. It takes the two instances of this Hubzilla channel of mine for two fully separate identities.) But that's all for now.

    The next step, and that's way into the future, would be to be able to clone from Forte to Mitra or from Mitra to Forte. This would give you one identity on at least two server instances of two separate Fediverse server applications.

    The obvious downside is that you won't be able to take everything with you everywhere when you clone to other server types. For example, if you clone a Forte channel to Mitra, you won't be able to take your permissions settings, your permission roles, your friend zoom settings, the contents of your cloud storage, your CalDAV calendars and your CardDAV addressbook with you over to Mitra. That's simply because Mitra doesn't have any of these features.

    What you envision is another step further. And that's the adoption of nomadic identity via ActivityPub and ideally also OpenWebAuth magic single sign-on, another one of Mike's creations, by all Fediverse server applications. And I mean all of them. Including extremely minimalist stuff like snac2 or GoToSocial. Including stuff that isn't actively being worked on like Plume. Including stuff that's dead, but that still has running servers, like Calckey, Firefish or /kbin. And including Mastodon which stubbornly refuses to make itself more compatible with the "competition" in the Fediverse and adopt technologies created by anyone else in the Fediverse, even more so if that someone is Mike Macgirvin.

    In other words, this won't happen. Mastodon would rather turn itself into its own federated walled garden by becoming incompatible with all other ActivityPub implementations.

    What many Mastodon users who know nothing about decentralisation wish for is another step further. And that's to create one account on one server instance of one Fediverse server software, no matter which, and then to have full-blown user permissions on any instance of any Fediverse server software.

    Like, create one account on mastodon.social, go to a Pixelfed instance, post pictures Instagram-style, go to a PeerTube instance, upload videos, go to a WriteFreely instance, blog away, go to a Hubzilla hub, build a webpage, all with only your mastodon.social login.

    Of course, this is impossible to do. This would mean that if you create an account on one Fediverse server instance, it would have to be cloned to all 30,000+ servers in the whole Fediverse instantaneously. And if you start your own instance, it would have to trigger 30,000+ servers to clone their tens of millions of accounts and channels over to your instance.

    Usually, when I explain this to people who want to use everything with one login, they tell me that they don't want to use every server in the Fediverse. No, but they want to use any server in the Fediverse. Any one of the 30,000+.

    And they want to use it immediately. Like, go there, use it with full-blown local user permissions right away, no delay.

    Now you may argue that their account or channel could be cloned to that server when they visit it for the first time. Drive-by cloning, so-to-speak. Still, won't happen. Cloning takes time. I myself have cloned enough Hubzilla and (streams) channels over the years to be able to estimate just how long it takes. And none of my channels has ever contained tens of thousands of posts and thousands of pictures.

    Besides, drive-by cloning would inflate Fediverse instances senselessly, not to mention bog them down with extra network traffic. Whenever you visit a Fediverse server instance for whichever reason (like, you want to look at a post on Friendica or Hubzilla to see what it looks like without being botched by Mastodon), your account or channel would automagically be cloned to that server instance. Another account (and channel, if necessary) on that server instance, another deluge of posts and files flooding into the database, and that clone would have to be synced with your 600 other previous drive-by clones on the 600 Fediverse server instances you've visited before.

    Extra nefarious: Some "websites" that have to do with Hubzilla or a certain aspect of Hubzilla are parts of Hubzilla channels themselves. This includes the official Hubzilla website. If you visited them, you'd create a drive-by clone on the Hubzilla hub which hosts that website.

    So if someone set up a single-user Hubzilla hub with their personal channel and a website channel on it, and the website is interesting enough, and 10,000 Fediverse users visit it, it'll end up bigger than the biggest current Hubzilla hub within days. It'll have 10,001 accounts, namely the owner's account with two channels and 10,000 accounts with drive-by clones, automatically created by the 10,000 external visitors.

    But this will remain utopic not only because it's technologically pretty much impossible and very much not feasible at all. It also requires a mechanism for one Fediverse server to recognise logins on other Fediverse servers. You know, like OpenWebAuth. You want your Mastodon account to drive-by clone itself, Mastodon will have to implement OpenWebAuth, and I mean fully implement it.

    There actually is a pull request in Mastodon's GitHub code repository that would have implemented client-side OpenWebAuth support (= Hubzilla, (streams) and Forte would recognise Mastodon logins). This isn't even about full-support that'd include login recognition on Mastodon's own side. This pull request has been there for two years. It was never merged. And it probably will never be merged.

    This means that the Mastodon devs have practically rejected OpenWebAuth as a feature to implement. Won't come. Ever. Not even half of it.

    And this should say everything about the chances that Mastodon will ever implement nomadic identity.

    CC: @william.maggos @Richard MacManus @Tim Chambers @Ben Pate 🤘🏻

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mitra #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn #NomadicIdentity
  12. @Hrefna (DHC)

    If your server disappeared tomorrow with no ability to export your follower graph, how would you rebuild it?

    If you do a server move, what happens to your post history?


    Widespread adoption of Nomadic Identity, if it ever happens, may help with this.

    I am sure you already know this, but for other readers, these two 2017 articles explain how Nomadic Identity works in Hubzilla, which is based on the Nomad/Zot protocol.

    #^https://medium.com/@tamanning/nomadic-identity-brought-to-you-by-hubzilla-67eadce13c3b
    #^https://medium.com/@tamanning/getting-started-with-nomadic-identity-how-to-create-a-personal-channel-on-hubzilla-7d9666a428b

    Mike Macgirvin recently got Nomadic Identity working on ActivityPub too.

    #^https://fediversity.site/item/b69ce5a0-0c22-4933-8393-dce7100f4584

    Unfortunately, the ActivityPub world keeps pretending that Mike Macgirvin and his work does not exist (Nomadic Identity has been around and working in Hubzilla for roughly a decade).

    There's also OpenWebAuth (Federated Single Sign On). As Sean Tilley explains in this March 2024 article, Nomadic Identity and OpenWebAuth together can enable network resilience, censorship resistance, and ease of migration.

    #^https://wedistribute.org/2024/03/activitypub-nomadic-identity/

    No idea whether Nomadic Identity, OpenWebAuth, conversation containers, etc. will ever get widespread adoption. At present, the user base of software such as Hubzilla, Forte etc. (which have these features) is negligible. And at least in case of Hubzilla (which I am using), the UI and UX needs a lot of work; don't know about Forte (which is based on ActivityPub).

    And yes, all the other problems with the Fediverse that you listed will still remain. At this point, I doubt if the Fedi will ever become socially and politically relevant.

    #ActivityPub #ATProto #Nomad #Zot #NomadicIdentity #OpenWebAuth #Fediverse
  13. @Rob Shearer

    Excellent write-up, agree with most of the points.

    On a related note: it is a pity that the poorly thought-out and designed Mastodon became the overwhelmingly popular Fediverse platform. I wish it were one of the Mike Macgirvin creations such as Hubzilla or (streams) or Forte, with their advanced features such as Nomadic Identity, OpenWebAuth (Federated Single Sign On), conversation containers for threaded conversations, extremely fine-grained privacy controls, etc.

    Nomadic Identity, in particular, is brilliant. This is how it works. You have a channel (that participates in the Fediverse, this is equivalent to an account on Mastodon) on any account on, let us say, Hubzilla instance A. You can open another account on Hubzilla instance B, and create a clone there of your channel on instance A. So this clone becomes a live, real-time backup of your channel; the backup includes your connections as well as your posts. And it is bidirectional. You can log on to your clone channel on B, and use it like your main instance, and now the clone on instance A will mirror your activity. If you wish, you can clone the channel on a third instance C. If one of A or B or C abruptly shuts down, you can continue operating your channel from your clone channel, so you lose nothing.

    This addresses one of your pain points as to how account migration does not work on Mastodon.

    By the way: you can have multiple channels per instance, and you can have clones of each channel on different instances. So if you wish, you can have separate channels for your hobbies and your professional activities and your politics; all contained and operated within a single account on a particular instance.

    You can read more about Nomadic Identity here

    #^https://medium.com/@tamanning/nomadic-identity-brought-to-you-by-hubzilla-67eadce13c3b

    and here.

    #^https://medium.com/@tamanning/getting-started-with-nomadic-identity-how-to-create-a-personal-channel-on-hubzilla-7d9666a428b

    It is said that Bluesky is working on pioneering something like Nomadic Identity. Ironically, Mike Macgirvin had already pioneered it all the way back in 2012. He initially did it with Nomad (which underlies Hubzilla and (streams)), a protocol far richer and better-defined than ActivityPub; and recently, he even got Nomadic Identity working on ActivityPub.

    #^https://fediversity.site/item/b69ce5a0-0c22-4933-8393-dce7100f4584

    Unfortunately, the movers and shakers of the ActivityPub world keep pretending that Mike Macgirvin and his work does not exist.

    Then there’s OpenWebAuth for Federated Single Sign On. This enables seamless granting of permissions for you to operate your social dashboard from different parts of the Fediverse.

    You can read here how Nomadic Identity and OpenWebAuth together enable network resilience, censorship resistance, and ease of migration.

    #^https://wedistribute.org/2024/03/activitypub-nomadic-identity/

    There’s also conversation containers—these ensure that unlike on Mastodon, every single post/comment in a conversation thread is visible to every single person participating in or merely viewing the thread. (Also: you don't need @ tagging, anyone who participated in the conversation by replying at least once or by boosting or liking some post is notified of all new posts/comments.)

    I won’t elaborate on the fine-grained privacy controls, but I think they too address some of your pain points with Mastodon.

    Having said all that, I must mention that your core criticism of Mastodon also applies to Hubzilla, (streams), and Forte: there is asynchronous distribution of “some subset of a global database across some parts of the network”. I personally think there ought to be a truly universal search and community-controlled user-specific custom algorithms to address this problem, but I doubt the vocal part of the userbase here would agree.

    And relative to Mastodon, the Hubzilla+(streams)+Forte community is tiny, so there is hardly any local content.

    #Nomad #Zot #ActivityPub #Mastodon #Hubzilla #Forte #NomadicIdentity #OpenWebAuth #ConversationContainers #PrivacyControls

    @Jeff Atwood
  14. @crabby Zufällig habe ich ein paar selbstgemachte Tabellen zur Hand, die Mastodon mit Friendica, Hubzilla und (streams) vergleichen.

    @AndyGER :verified_coffee: Zumindest die letzteren zwei genannten plus der jüngste Sprößling der Familie, Forte, sind Mastodon technologisch schon längst um Lichtjahre voraus. Hubzilla war schon 2012 fortschrittlicher, als Mastodon es heute ist, und da hieß es noch gar nicht Hubzilla.

    Auf Mastodon sind Login, Konto, Identität und Profil alles eins. Auf Hubzilla, (streams) und Forte kann man auf einem einzigen Konto mehrere völlig unabhängige Identitäten haben, die für Mastodon wie separate Konten aussehen. Friendica und Hubzilla bieten dann auch noch mehrere Profile pro Identität.

    Auf Mastodon ist es heute noch schwierig, ein Konto umzuziehen. Das komplette Konto mit allem umzuziehen, ist gar unmöglich. Auf Hubzilla, (streams) und Forte kann man dagegen sogar seine Kanäle gleichzeitig und voll synchron zueinander auf mehreren Servern haben. Das nennt sich "nomadische Identität".

    Hubzillas Berechtigungssystem wird eigentlich nur noch knapp von dem von (streams) und Forte übertroffen. Mastodon weiß gar nicht, was Berechtigungen sind.

    Hubzilla hat schon 2020 OpenWebAuth Magic Single Sign-On von seinem eigenen Fork Zap geerbt, und zwar als serverseitige und clientseitige Implementation. (streams) und Forte hatten es von vornherein. Auf Mastodon gab es mal einen Versuch, zumindest clientseitiges OpenWebAuth zu implementieren. Es gibt tatsächlich einen Pull Request. Der ist aber nie gemerget worden und wurde wahrscheinlich sogar abgelehnt.

    Mastodon kennt nur das supervereinfachte Threadmodell von Twitter. Friendica, Hubzilla, (streams) und Forte beherrschen dagegen echte Konversationen wie Facebook, wie jedes Blog usw. mit einem (1) Post und ansonsten Kommentaren. Und die vier zeigen dir auch standardmäßig immer sofort ganze Threads an und nicht irgendwelches Stückwerk. Was auf Mastodon harte Arbeit erfordert oder überhaupt nicht möglich ist, servieren dir die vier auf dem Silbertablett.

    Friendica, Hubzilla, (streams) und Forte haben allesamt schon immer Gruppen/Foren implementiert, inklusive Moderation, inklusive dem Benennen zusätzlicher Admins (auf Friendica nur vom selben Node), inklusive privaten Gruppen/Foren, inklusive der Möglichkeit, Gruppen/Foren in Verzeichnissen nicht anzeigen zu lassen, inklusive der Möglichkeit, neue Mitglieder von den Admins erst bestätigen zu lassen. Noch dazu sind die Gruppen/Foren von allen vieren untereinander kompatibel und mit allen möglichen anderen Gruppenakteuren im Fediverse. Mastodon versucht erst jetzt gerade, irgendwie eine Gruppenfunktion einzubauen, und wie die aussehen wird, wissen anscheinend nicht mal die Entwickler.

    Wenn du auf Mastodon Bilder oder andere Medien postest, gehen nur maximal vier pro Tröt. Und auch nur als Dateianhänge unter dem eigentlichen Tröt. Noch dazu versickern sie irgendwo auf dem Server. Auf Friendica, Hubzilla, (streams) und Forte hast du keine Begrenzung in der Anzahl. Du kannst Bilder und andere Medien im Post einbetten wie auf einem Blog. Und du hast einen eingebauten Cloudspeicher mit Unterordnern und Berechtigungen, in dem du Bilder, Medien usw. hochladen kannst, auch zum Einbetten in Posts. Auf Hubzilla, (streams) und Forte hat der Cloudspeicher sogar WebDAV-Anbindung.

    Von den Features her kann das heutige Mastodon schon mit Friendica auf dem Stand von 2010 nicht mithalten, als es noch Mistpark hieß. Bis hin zu Quote-Posts, die es meines Wissens damals schon hatte. Im Grunde hat nur Mastodon die nicht.

    Wenn Mastodon-Nutzer sich für Mastodon (oder gar fürs "Fediverse") neue Features wünschen, gehören die im allgemeinen in zwei Kategorien: Entweder sind die technisch überhaupt nicht umsetzbar, oder mindestens ein oder zwei von den vieren haben das schon längst implementiert.

    Und ehrlich gesagt sehe ich so ziemlich nichts, wo Mastodon irgendeiner anderen Fediverse-Serveranwendung technologisch voraus sein sollte.

    #Long #LongPost #CWLong #CWLongPost #LangerPost #CWLangerPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #Friendica #Hubzilla #Streams #(streams) #Forte #NomadischeIdentität #OpenWebAuth
  15. Genial wäre jetzt noch, wenn Friendica auch serverseitige Unterstützung für OpenWebAuth einbauen würde.

    Und wenn Mastodon endlich den schon seit Ewigkeiten auf GitHub schimmelnden Pull Request für OpenWebAuth-Unterstützung akzeptieren würde (wobei ich glaube, der ist auch nur clientseitig).

    #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #OpenWebAuth #SingleSignOn
  16. @Alison Wilder Because if you want full-blown user rights and all the same features as a local user on all over 30,000 Fediverse instances, you need a local user account on each one of them.

    This means two things:
    • If you come over to the Fediverse for the first time, and you register your first account on Mastodon, you automatically also register an account on 30,000+ more instances.
    • If you decide to host your own instance of whatever, and you spin it up for the first time, your instance immediately creates tens of millions of user accounts. One for everyone who has ever joined the Fediverse. Because anyone may decide to come over to your instance and use it, just like so.

    For one, this is utter overkill.

    Besides, this is technologically impossible. This would require all Fediverse instances to know all other Fediverse instances. With no exceptions. Like, if I start up my own (streams) instance for the first time, and half a second later, someone on the other side of the globe starts up a Gancio instance, they would immediately have to know each other. And all the other instances in the Fediverse.

    And, of course, it would require a newly-launched instance to know all Fediverse users. Again, with no exception.

    How and from which source are they supposed to know?

    That said, there is a single sign-on system for the Fediverse. It's called OpenWebAuth. It was created by @Mike Macgirvin 🖥️ (creator of Friendica and all its descendants) in the late 2010s already for now-defunct Zap, a fork (of a fork?) of Hubzilla which, in turn, is a fork of the currently hyped Facebook alternative Friendica. It was backported to Hubzilla in 2020. Everything that came after Zap, including the still existing streams repository, got it, too.

    However, first of all, OpenWebAuth is only fully implemented on Hubzilla, (streams) and Forte. Plus, it has client-side support on Friendica. This means that Hubzilla, (streams) and Forte recognise logins on all four, but Friendica doesn't recognise logins from anywhere.

    As for Mastodon, OpenWebAuth implementation was actually developed to the point of an official merge request in Mastodon's GitHub repository. As far as I know, it was rejected. Mastodon won't implement OpenWebAuth, full stop.

    Besides, it doesn't give you all the same power as a local user. You can't log into Friendica, go to a Hubzilla hub and create a wiki or a webpage or a CalDAV calendar, just like so.

    OpenWebAuth is only for guest permissions. Because on Hubzilla, (streams) and Forte, permissions are everything.

    For example, let's assume you have an account and a channel on (streams). Let's also assume that your (streams) channel and this Hubzilla channel of mine here are connected. Furthermore, let's assume that I've decided to only allow my own full connections to see my profile.

    If you're logged out, and you go to my profile page, you see nothing.

    But then you log in. And you come back to my profile page (provided your browser is configured so that the Hubzilla hub that I call home is allowed to create cookies). My home hub recognises your login on (streams). It identifies you as you, as one of my contacts. Thus, it identifies you as someone who is permitted to see my profile.

    And all of a sudden, you see my profile.

    That, for example, is what OpenWebAuth is for.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Zap #Streams #(streams) #Forte #SingleSignOn #OpenWebAuth
  17. @Matthias Pfefferle Friendica has only got client-side support, i.e. Hubzilla, (streams) and Forte recognise Friendica logins, but Friendica doesn't recognise any logins.

    Also, the instance that you visit while logged in must accept cookies. And if you're using Firefox and containers, the instance that you're logged in on and the instance that you visit must be in the same container.

    But in general, this is technology from the late 2010s. Zap was declared stable with it in 2019. It was backported to Hubzilla in 2020, and it was immediately made available on everything that came after Zap.

    At least for me, it generally works like a charm. Both Hubzilla and (streams) instances recognise my Hubzilla login if all precautions are met.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth
  18. @David Nason Pixelfed is wholly separate software from Mastodon on wholly separate servers with wholly separate owners. So yes, you need a separate Pixelfed account. It's a bit easier on Pixelfed if you're already on Mastodon: Pixelfed lets you automatically create a new user account by "logging in" with your Mastodon login credentials. But only Pixelfed has this as far as I know.

    Loops is wholly separate again, but there's only one instance so far because it's too unfinished to even be open-source. So you'll need a Loops account next to your Mastodon account and your Pixelfed account.

    Also, you'll have different followers on Mastodon, on Pixelfed and on Loops. But what you could do if you want your followers on Mastodon to see your Pixelfed posts is: Follow your own Pixelfed account from Mastodon. And then, whenever you post something interesting on Pixelfed, wait for it to arrive on your Mastodon timeline, and then boost it.

    @Mark Stosberg There's one thing that exists already now: OpenWebAuth magic single sign-on. But it's only available on Hubzilla, (streams) and Forte and partially on Friendica.

    What it does is recognise your login on another instance, even on an instance of another server application. Hubzilla, (streams) and Forte recognise logins from Friendica, Hubzilla, (streams) and Forte, but Friendica can't recognise logins.

    However, this is only used by the permissions system. For example, someone whom I'm connected to could have made their profile only visible to a certain subset of their connections, including myself. If you visit their profile, you won't see anything. If I visit their profile, their home instance recognises my Hubzilla login, and I can see the profile.

    What it does not do is give you the same full-blown rights as a user with a local account. I can't just, like, go to some (streams) instance and post away as, what, [email protected] or go to a Hubzilla hub where I don't have an account and create a webpage or a wiki or a CalDAV calendar right away without logging in. That's not how it works.

    By the way, client-side OpenWebAuth support (= your login is recognised on Hubzilla, (streams) and Forte) was proposed and actually developed to the point of a pull request for Mastodon. As far as I know, it was rejected. OpenWebAuth won't come to Mastodon.

    CC: @FoolishOwl @Oblomov

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #Pixelfed #Loops #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth #SingleSignOn
  19. @Come On Giant Asteroid! In general, you only have a user account, full user rights and all user features (like posting etc.) on the one instance where you've registered an account. You can follow accounts/channels from just about everywhere else. You can reply to posts from just about everywhere else. But only from where you've manually registered an account.

    The Mastodon-Pixelfed combination is a special case, a misleading one. You can log into any Pixelfed instance with your Mastodon credentials, and if they're valid Mastodon credentials, you automatically get a full-blown Pixelfed account with the same credentials. This leads those who don't understand the Fediverse yet to the assumption that they can log into any instance of anything with their credentials from one Mastodon instance.

    But still, you cannot just visit a Pixelfed instance while logged in on Mastodon and immediately get a full-blown Pixelfed account. The same goes for everything else that isn't Mastodon.

    The powers that ActivityPub grant you are that you can follow both Mastodon accounts and non-Mastodon accounts/channels and interact with them from your Mastodon account. It's like you're on Twitter, you have a friend on Facebook or Instagram or YouTube, and you can follow their Facebook account or Instagram account or YouTube channel directly from Twitter. Also, you can search for accounts/channels and content not only from your local Mastodon instance, but just as well from other Mastodon and non-Mastodon instances as far as it's known to your local Mastodon instance.

    Another very special case is OpenWebAuth magic single sign-on. You may not have knowingly come into contact with anything that has it implemented (that is, now you have, I'm on Hubzilla). OpenWebAuth does make you known on other instances. But for one, it only makes you known and grants you certain extra permissions; it does not give you all the same privileges as with a full-blown local account.

    For example, let's suppose a contact of mine only allows a subset of their contacts to see their profile. Normally, if you visit their profile page, you see nothing. But if I'm one of the permitted contacts, when I go there, their home instance recognises my login and "magically" recognises me as me, and I can see their profile in all its glory. Still, I cannot go and post something to my own contacts from that instance as if I had an account there, like I could from my home instance.

    Besides, the number of server applications with OpenWebAuth is limited. Hubzilla, (streams) and Forte have both server-side and client-side OpenWebAuth support. Friendica only has client-side support. That means that Hubzilla, (streams) and Forte recognise logins on Friendica, Hubzilla, (streams) and Forte, but Friendica doesn't recognise external logins.

    Client-side OpenWebAuth was requested and actually developed for Mastodon, but apparently ultimately rejected. Server-side OpenWebAuth for Mastodon has not even been talked about, so it most likely will never come.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #ActivityPub #Mastodon #Pixelfed #Friendica #Hubzilla #Streams #(streams) #Forte #OpenWebAuth
  20. @Strypey A few more details:

    * FEP-ef61: Portable Objects

    https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md

    Invented in, I think, 2023 by @silverpill for Mitra (based on ActivityPub). Currently implemented there and in @Mike Macgirvin ?️'s streams repository and Forte. Part of the plan to introduce almost Nomad-level, but cross-project nomadic identity to ActivityPub.

    * FEP-61cf: The OpenWebAuth Protocol

    https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md

    Invented in 2018 by Mike Macgirvin for Zap (Zot6 development platform; discontinued 2022). Backported to Hubzilla in 2020. Full server-side and client-side implementation only in Hubzilla (based on Zot6, also supports ActivityPub etc.), (streams) (based on Nomad, also supports Zot6 and ActivityPub) and Forte (based on ActivityPub). Friendica has a client-side implementation. Mastodon has a client-side implementation pull request that has to be merged eventually.

    CC: @Laurens Hof

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Zap #Streams #(streams) #Forte #Zot #Zot6 #Nomad #ActivityPub #FEP #FEP_ef61 #FEP_61cf #DecentralizedIdentity #NomadicIdentity #OpenWebAuth #SingleSignOn
  21. @Strypey A few more details:

    * FEP-ef61: Portable Objects

    https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md

    Invented in, I think, 2023 by @silverpill for Mitra (based on ActivityPub). Currently implemented there and in @Mike Macgirvin ?️'s streams repository and Forte. Part of the plan to introduce almost Nomad-level, but cross-project nomadic identity to ActivityPub.

    * FEP-61cf: The OpenWebAuth Protocol

    https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md

    Invented in 2018 by Mike Macgirvin for Zap (Zot6 development platform; discontinued 2022). Backported to Hubzilla in 2020. Full server-side and client-side implementation only in Hubzilla (based on Zot6, also supports ActivityPub etc.), (streams) (based on Nomad, also supports Zot6 and ActivityPub) and Forte (based on ActivityPub). Friendica has a client-side implementation. Mastodon has a client-side implementation pull request that has to be merged eventually.

    CC: @Laurens Hof

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Zap #Streams #(streams) #Forte #Zot #Zot6 #Nomad #ActivityPub #FEP #FEP_ef61 #FEP_61cf #DecentralizedIdentity #NomadicIdentity #OpenWebAuth #SingleSignOn
  22. @Strypey A few more details:

    * FEP-ef61: Portable Objects

    https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md

    Invented in, I think, 2023 by @silverpill for Mitra (based on ActivityPub). Currently implemented there and in @Mike Macgirvin ?️'s streams repository and Forte. Part of the plan to introduce almost Nomad-level, but cross-project nomadic identity to ActivityPub.

    * FEP-61cf: The OpenWebAuth Protocol

    https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md

    Invented in 2018 by Mike Macgirvin for Zap (Zot6 development platform; discontinued 2022). Backported to Hubzilla in 2020. Full server-side and client-side implementation only in Hubzilla (based on Zot6, also supports ActivityPub etc.), (streams) (based on Nomad, also supports Zot6 and ActivityPub) and Forte (based on ActivityPub). Friendica has a client-side implementation. Mastodon has a client-side implementation pull request that has to be merged eventually.

    CC: @Laurens Hof

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Zap #Streams #(streams) #Forte #Zot #Zot6 #Nomad #ActivityPub #FEP #FEP_ef61 #FEP_61cf #DecentralizedIdentity #NomadicIdentity #OpenWebAuth #SingleSignOn
  23. @Strypey A few more details:

    * FEP-ef61: Portable Objects

    https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md

    Invented in, I think, 2023 by @silverpill for Mitra (based on ActivityPub). Currently implemented there and in @Mike Macgirvin ?️'s streams repository and Forte. Part of the plan to introduce almost Nomad-level, but cross-project nomadic identity to ActivityPub.

    * FEP-61cf: The OpenWebAuth Protocol

    https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md

    Invented in 2018 by Mike Macgirvin for Zap (Zot6 development platform; discontinued 2022). Backported to Hubzilla in 2020. Full server-side and client-side implementation only in Hubzilla (based on Zot6, also supports ActivityPub etc.), (streams) (based on Nomad, also supports Zot6 and ActivityPub) and Forte (based on ActivityPub). Friendica has a client-side implementation. Mastodon has a client-side implementation pull request that has to be merged eventually.

    CC: @Laurens Hof

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Zap #Streams #(streams) #Forte #Zot #Zot6 #Nomad #ActivityPub #FEP #FEP_ef61 #FEP_61cf #DecentralizedIdentity #NomadicIdentity #OpenWebAuth #SingleSignOn
  24. @Strypey A few more details:

    * FEP-ef61: Portable Objects

    https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md

    Invented in, I think, 2023 by @silverpill for Mitra (based on ActivityPub). Currently implemented there and in @Mike Macgirvin ?️'s streams repository and Forte. Part of the plan to introduce almost Nomad-level, but cross-project nomadic identity to ActivityPub.

    * FEP-61cf: The OpenWebAuth Protocol

    https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md

    Invented in 2018 by Mike Macgirvin for Zap (Zot6 development platform; discontinued 2022). Backported to Hubzilla in 2020. Full server-side and client-side implementation only in Hubzilla (based on Zot6, also supports ActivityPub etc.), (streams) (based on Nomad, also supports Zot6 and ActivityPub) and Forte (based on ActivityPub). Friendica has a client-side implementation. Mastodon has a client-side implementation pull request that has to be merged eventually.

    CC: @Laurens Hof

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Friendica #Hubzilla #Zap #Streams #(streams) #Forte #Zot #Zot6 #Nomad #ActivityPub #FEP #FEP_ef61 #FEP_61cf #DecentralizedIdentity #NomadicIdentity #OpenWebAuth #SingleSignOn
  25. @Bryan Redeagle
    I found a really cool one called Zot that had cross site authentication, which made privacy settings really interesting and useful. Unfortunately, the developer took down all of the drive and instead created a reference application called (streams), the parenthesis are correct. (streams) has no good info or documentation. You have to read the code to figure it out.


    A few corrections. Source: I've been using that stuff since before Mastodon was hot. Oh, and this is going to be long.

    First of all, the creator, @Mike Macgirvin 🖥️, not only created the Zot protocol, but also a reference implementation at the same time. As in 2012. The reference implementation was named Red and a fork of his very own Friendica from 2010. Since Red turned out to be a not-so-good name, it was renamed Red Matrix. And as it didn't really take off, it was redesigned and renamed into Hubzilla in 2015. Hubzilla still exists today. I'm using it right now.

    Mike kept advancing the Zot protocol further and further with a whole string of forks and forks of forks and so forth. Zot6 matured with Zap around 2019 and brought OpenWebAuth magic single sign-on with itself. Both were backported to Hubzilla, which has been maintained by someone else since 2018, in 2010.

    Zot's killer feature is not OpenWebAuth magic single sign-on, though. It's nomadic identity. The very thing it was designed for.

    In 2021, Zot11 was reached, but it had advanced so far that it was no longer compatible with Zot6, so it was renamed to Nomad. Today's Nomad would be Zot12.

    (streams) is only a semi-official name, given to it by the community, based on the name of the code repository. Officially, the application is not a project, it is intentionally nameless (no, I'm not kidding, this thing has no name), it is intentionally devoid of any traces of a brand identity, it intentionally had almost all nodeinfo code removed, and it was intentionally released into the public domain.

    As (streams) is not a branded product, it does not have a website either.

    The reason why it doesn't have any documentation is another one: The documentation it had was painfully outdated. It was basically handed on from fork to fork to fork and never touched. Parts of it have remained untouched since before Osada and Zap were forked from Hubzilla, and that was in 2018. Other parts still speak of Red, and that name ceased to exist in 2012. I know because Hubzilla's current documentation is every bit as old.

    Hubzilla is right now having its entire documentation re-written from scratch in German and English by a community member.

    For (streams), however, the only solution was to rip the whole documentation out because no documentation was deemed better than one that's so outdated it's useless.

    It was considered not so bad for as long as how few people a) learned about (streams) and b) figured out how to find an open-registration instance of something that has neither third-party instance lists nor a unified instance identifier actually joined (streams). After all, they all came from Hubzilla, so they could figure out most themselves.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Zot #Zot6 #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity #SingleSignOn #OpenWebAuth
  26. @Bryan Redeagle
    I found a really cool one called Zot that had cross site authentication, which made privacy settings really interesting and useful. Unfortunately, the developer took down all of the drive and instead created a reference application called (streams), the parenthesis are correct. (streams) has no good info or documentation. You have to read the code to figure it out.


    A few corrections. Source: I've been using that stuff since before Mastodon was hot. Oh, and this is going to be long.

    First of all, the creator, @Mike Macgirvin 🖥️, not only created the Zot protocol, but also a reference implementation at the same time. As in 2012. The reference implementation was named Red and a fork of his very own Friendica from 2010. Since Red turned out to be a not-so-good name, it was renamed Red Matrix. And as it didn't really take off, it was redesigned and renamed into Hubzilla in 2015. Hubzilla still exists today. I'm using it right now.

    Mike kept advancing the Zot protocol further and further with a whole string of forks and forks of forks and so forth. Zot6 matured with Zap around 2019 and brought OpenWebAuth magic single sign-on with itself. Both were backported to Hubzilla, which has been maintained by someone else since 2018, in 2010.

    Zot's killer feature is not OpenWebAuth magic single sign-on, though. It's nomadic identity. The very thing it was designed for.

    In 2021, Zot11 was reached, but it had advanced so far that it was no longer compatible with Zot6, so it was renamed to Nomad. Today's Nomad would be Zot12.

    (streams) is only a semi-official name, given to it by the community, based on the name of the code repository. Officially, the application is not a project, it is intentionally nameless (no, I'm not kidding, this thing has no name), it is intentionally devoid of any traces of a brand identity, it intentionally had almost all nodeinfo code removed, and it was intentionally released into the public domain.

    As (streams) is not a branded product, it does not have a website either.

    The reason why it doesn't have any documentation is another one: The documentation it had was painfully outdated. It was basically handed on from fork to fork to fork and never touched. Parts of it have remained untouched since before Osada and Zap were forked from Hubzilla, and that was in 2018. Other parts still speak of Red, and that name ceased to exist in 2012. I know because Hubzilla's current documentation is every bit as old.

    Hubzilla is right now having its entire documentation re-written from scratch in German and English by a community member.

    For (streams), however, the only solution was to rip the whole documentation out because no documentation was deemed better than one that's so outdated it's useless.

    It was considered not so bad for as long as how few people a) learned about (streams) and b) figured out how to find an open-registration instance of something that has neither third-party instance lists nor a unified instance identifier actually joined (streams). After all, they all came from Hubzilla, so they could figure out most themselves.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Zot #Zot6 #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity #SingleSignOn #OpenWebAuth
  27. @Bryan Redeagle
    I found a really cool one called Zot that had cross site authentication, which made privacy settings really interesting and useful. Unfortunately, the developer took down all of the drive and instead created a reference application called (streams), the parenthesis are correct. (streams) has no good info or documentation. You have to read the code to figure it out.


    A few corrections. Source: I've been using that stuff since before Mastodon was hot. Oh, and this is going to be long.

    First of all, the creator, @Mike Macgirvin 🖥️, not only created the Zot protocol, but also a reference implementation at the same time. As in 2012. The reference implementation was named Red and a fork of his very own Friendica from 2010. Since Red turned out to be a not-so-good name, it was renamed Red Matrix. And as it didn't really take off, it was redesigned and renamed into Hubzilla in 2015. Hubzilla still exists today. I'm using it right now.

    Mike kept advancing the Zot protocol further and further with a whole string of forks and forks of forks and so forth. Zot6 matured with Zap around 2019 and brought OpenWebAuth magic single sign-on with itself. Both were backported to Hubzilla, which has been maintained by someone else since 2018, in 2010.

    Zot's killer feature is not OpenWebAuth magic single sign-on, though. It's nomadic identity. The very thing it was designed for.

    In 2021, Zot11 was reached, but it had advanced so far that it was no longer compatible with Zot6, so it was renamed to Nomad. Today's Nomad would be Zot12.

    (streams) is only a semi-official name, given to it by the community, based on the name of the code repository. Officially, the application is not a project, it is intentionally nameless (no, I'm not kidding, this thing has no name), it is intentionally devoid of any traces of a brand identity, it intentionally had almost all nodeinfo code removed, and it was intentionally released into the public domain.

    As (streams) is not a branded product, it does not have a website either.

    The reason why it doesn't have any documentation is another one: The documentation it had was painfully outdated. It was basically handed on from fork to fork to fork and never touched. Parts of it have remained untouched since before Osada and Zap were forked from Hubzilla, and that was in 2018. Other parts still speak of Red, and that name ceased to exist in 2012. I know because Hubzilla's current documentation is every bit as old.

    Hubzilla is right now having its entire documentation re-written from scratch in German and English by a community member.

    For (streams), however, the only solution was to rip the whole documentation out because no documentation was deemed better than one that's so outdated it's useless.

    It was considered not so bad for as long as how few people a) learned about (streams) and b) figured out how to find an open-registration instance of something that has neither third-party instance lists nor a unified instance identifier actually joined (streams). After all, they all came from Hubzilla, so they could figure out most themselves.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Zot #Zot6 #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity #SingleSignOn #OpenWebAuth
  28. @Bryan Redeagle
    I found a really cool one called Zot that had cross site authentication, which made privacy settings really interesting and useful. Unfortunately, the developer took down all of the drive and instead created a reference application called (streams), the parenthesis are correct. (streams) has no good info or documentation. You have to read the code to figure it out.


    A few corrections. Source: I've been using that stuff since before Mastodon was hot. Oh, and this is going to be long.

    First of all, the creator, @Mike Macgirvin 🖥️, not only created the Zot protocol, but also a reference implementation at the same time. As in 2012. The reference implementation was named Red and a fork of his very own Friendica from 2010. Since Red turned out to be a not-so-good name, it was renamed Red Matrix. And as it didn't really take off, it was redesigned and renamed into Hubzilla in 2015. Hubzilla still exists today. I'm using it right now.

    Mike kept advancing the Zot protocol further and further with a whole string of forks and forks of forks and so forth. Zot6 matured with Zap around 2019 and brought OpenWebAuth magic single sign-on with itself. Both were backported to Hubzilla, which has been maintained by someone else since 2018, in 2010.

    Zot's killer feature is not OpenWebAuth magic single sign-on, though. It's nomadic identity. The very thing it was designed for.

    In 2021, Zot11 was reached, but it had advanced so far that it was no longer compatible with Zot6, so it was renamed to Nomad. Today's Nomad would be Zot12.

    (streams) is only a semi-official name, given to it by the community, based on the name of the code repository. Officially, the application is not a project, it is intentionally nameless (no, I'm not kidding, this thing has no name), it is intentionally devoid of any traces of a brand identity, it intentionally had almost all nodeinfo code removed, and it was intentionally released into the public domain.

    As (streams) is not a branded product, it does not have a website either.

    The reason why it doesn't have any documentation is another one: The documentation it had was painfully outdated. It was basically handed on from fork to fork to fork and never touched. Parts of it have remained untouched since before Osada and Zap were forked from Hubzilla, and that was in 2018. Other parts still speak of Red, and that name ceased to exist in 2012. I know because Hubzilla's current documentation is every bit as old.

    Hubzilla is right now having its entire documentation re-written from scratch in German and English by a community member.

    For (streams), however, the only solution was to rip the whole documentation out because no documentation was deemed better than one that's so outdated it's useless.

    It was considered not so bad for as long as how few people a) learned about (streams) and b) figured out how to find an open-registration instance of something that has neither third-party instance lists nor a unified instance identifier actually joined (streams). After all, they all came from Hubzilla, so they could figure out most themselves.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Zot #Zot6 #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity #SingleSignOn #OpenWebAuth
  29. Anyone interested in single sign-on / #SSO? Want a new toy to play with? I've been experimenting with it recently, and now I've got something to share: an experimental demo of how a "Sign in with the Fediverse" mechanism might work.

    If you have a Mastodon or Hubzilla account, or an IndieAuth-style self-hosted identity, I'd like to invite you to try and sign in to my test site at login.mythik.co.uk.

    Headline features:
    • User authentication/authorization based on the Ory tools.
    • Supports signing in using an existing Fediverse (or other) account - or one you host yourself
    • Open source - well, not yet, but it could be, if people are interested in it
    • Written by a non-expert! Woefully insecure! All manner of attacks, just waiting to be found! Invite your security expert friends to the party, and laugh together at the n00b! Fun for all the family!

    Supported identity providers include:

    (There's a chance Streams might work, too.)

    Protocols supported:

    If you can get it to work - share a screenshot and let me know what you think!

    (I'll try to keep this running for a while, but I can't guarantee it - partly because I haven't finished trying to attack it yet. If I have to take it down for some reason, I'll edit this post to say so.)
  30. Anyone interested in single sign-on / #SSO? Want a new toy to play with? I've been experimenting with it recently, and now I've got something to share: an experimental demo of how a "Sign in with the Fediverse" mechanism might work.

    If you have a Mastodon or Hubzilla account, or an IndieAuth-style self-hosted identity, I'd like to invite you to try and sign in to my test site at login.mythik.co.uk.

    Headline features:
    • User authentication/authorization based on the Ory tools.
    • Supports signing in using an existing Fediverse (or other) account - or one you host yourself
    • Open source - well, not yet, but it could be, if people are interested in it
    • Written by a non-expert! Woefully insecure! All manner of attacks, just waiting to be found! Invite your security expert friends to the party, and laugh together at the n00b! Fun for all the family!

    Supported identity providers include:

    (There's a chance Streams might work, too.)

    Protocols supported:

    If you can get it to work - share a screenshot and let me know what you think!

    (I'll try to keep this running for a while, but I can't guarantee it - partly because I haven't finished trying to attack it yet. If I have to take it down for some reason, I'll edit this post to say so.)
  31. Anyone interested in single sign-on / #SSO? Want a new toy to play with? I've been experimenting with it recently, and now I've got something to share: an experimental demo of how a "Sign in with the Fediverse" mechanism might work.

    If you have a Mastodon or Hubzilla account, or an IndieAuth-style self-hosted identity, I'd like to invite you to try and sign in to my test site at login.mythik.co.uk.

    Headline features:
    • User authentication/authorization based on the Ory tools.
    • Supports signing in using an existing Fediverse (or other) account - or one you host yourself
    • Open source - well, not yet, but it could be, if people are interested in it
    • Written by a non-expert! Woefully insecure! All manner of attacks, just waiting to be found! Invite your security expert friends to the party, and laugh together at the n00b! Fun for all the family!

    Supported identity providers include:

    (There's a chance Streams might work, too.)

    Protocols supported:

    If you can get it to work - share a screenshot and let me know what you think!

    (I'll try to keep this running for a while, but I can't guarantee it - partly because I haven't finished trying to attack it yet. If I have to take it down for some reason, I'll edit this post to say so.)
  32. @Johannes Ernst
    same account for multiple instances

    This in its pure, nomadic form and with proven stability is only available on Hubzilla and (streams) anyway.

    They're also the only ones whose instances can detect off-site users' logins and grant them rights that other visitors don't have, provided said off-site users are on either of the two or Friendica. All thanks to OpenWebAuth.

    @Mike Macgirvin 🖥️, creator of all three and maintainer of the streams repository, is currently working on implementing nomadic identity and (streams)' set of permissions using nothing but ActivityPub so it can become available to everything else in the Fediverse as well.

    share to fediverse

    I'm not quite sure, but I think @Stefan Bohacek or someone who commented on one of his posts has figured out how to share at least to Hubzilla.

    However, actual share buttons are all geared only towards Mastodon and hit-and-miss at best when it comes to anything else. The less something is like Mastodon, the less they work with it.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #NomadicIdentity #OpenWebAuth #Friendica #Hubzilla #Streams #(streams) #ShareButton #ShareButtons
  33. @Johannes Ernst
    same account for multiple instances

    This in its pure, nomadic form and with proven stability is only available on Hubzilla and (streams) anyway.

    They're also the only ones whose instances can detect off-site users' logins and grant them rights that other visitors don't have, provided said off-site users are on either of the two or Friendica. All thanks to OpenWebAuth.

    @Mike Macgirvin 🖥️, creator of all three and maintainer of the streams repository, is currently working on implementing nomadic identity and (streams)' set of permissions using nothing but ActivityPub so it can become available to everything else in the Fediverse as well.

    share to fediverse

    I'm not quite sure, but I think @Stefan Bohacek or someone who commented on one of his posts has figured out how to share at least to Hubzilla.

    However, actual share buttons are all geared only towards Mastodon and hit-and-miss at best when it comes to anything else. The less something is like Mastodon, the less they work with it.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #NomadicIdentity #OpenWebAuth #Friendica #Hubzilla #Streams #(streams) #ShareButton #ShareButtons
  34. @Johannes Ernst
    same account for multiple instances

    This in its pure, nomadic form and with proven stability is only available on Hubzilla and (streams) anyway.

    They're also the only ones whose instances can detect off-site users' logins and grant them rights that other visitors don't have, provided said off-site users are on either of the two or Friendica. All thanks to OpenWebAuth.

    @Mike Macgirvin 🖥️, creator of all three and maintainer of the streams repository, is currently working on implementing nomadic identity and (streams)' set of permissions using nothing but ActivityPub so it can become available to everything else in the Fediverse as well.

    share to fediverse

    I'm not quite sure, but I think @Stefan Bohacek or someone who commented on one of his posts has figured out how to share at least to Hubzilla.

    However, actual share buttons are all geared only towards Mastodon and hit-and-miss at best when it comes to anything else. The less something is like Mastodon, the less they work with it.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #NomadicIdentity #OpenWebAuth #Friendica #Hubzilla #Streams #(streams) #ShareButton #ShareButtons
  35. @Johannes Ernst
    same account for multiple instances

    This in its pure, nomadic form and with proven stability is only available on Hubzilla and (streams) anyway.

    They're also the only ones whose instances can detect off-site users' logins and grant them rights that other visitors don't have, provided said off-site users are on either of the two or Friendica. All thanks to OpenWebAuth.

    @Mike Macgirvin 🖥️, creator of all three and maintainer of the streams repository, is currently working on implementing nomadic identity and (streams)' set of permissions using nothing but ActivityPub so it can become available to everything else in the Fediverse as well.

    share to fediverse

    I'm not quite sure, but I think @Stefan Bohacek or someone who commented on one of his posts has figured out how to share at least to Hubzilla.

    However, actual share buttons are all geared only towards Mastodon and hit-and-miss at best when it comes to anything else. The less something is like Mastodon, the less they work with it.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #NomadicIdentity #OpenWebAuth #Friendica #Hubzilla #Streams #(streams) #ShareButton #ShareButtons
  36. @Johannes Ernst
    same account for multiple instances

    This in its pure, nomadic form and with proven stability is only available on Hubzilla and (streams) anyway.

    They're also the only ones whose instances can detect off-site users' logins and grant them rights that other visitors don't have, provided said off-site users are on either of the two or Friendica. All thanks to OpenWebAuth.

    @Mike Macgirvin 🖥️, creator of all three and maintainer of the streams repository, is currently working on implementing nomadic identity and (streams)' set of permissions using nothing but ActivityPub so it can become available to everything else in the Fediverse as well.

    share to fediverse

    I'm not quite sure, but I think @Stefan Bohacek or someone who commented on one of his posts has figured out how to share at least to Hubzilla.

    However, actual share buttons are all geared only towards Mastodon and hit-and-miss at best when it comes to anything else. The less something is like Mastodon, the less they work with it.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #NomadicIdentity #OpenWebAuth #Friendica #Hubzilla #Streams #(streams) #ShareButton #ShareButtons
  37. @jalcine Hi. Cold-calling to say your blog about domain name dependence [1] in #Indieweb sounded like it was solved by #Hubzilla / #Streams, and I was pleased to see it was already considered! [2]

    FWIW, they addresses the concerns about #OpenWebAuth in the Streams forum
    fediversity.site/channel/strea

    [1] jacky.wtf/essays/2024/question
    [2] indieweb.org/OpenWebAuth

  38. I just learned about #nomadicIdentities and how #openwebauth can solve the biggest gripe I have with the #fediverse: remote content I want to interact with. wedistribute.org/2024/03/activ

  39. I just learned about #nomadicIdentities and how #openwebauth can solve the biggest gripe I have with the #fediverse: remote content I want to interact with. wedistribute.org/2024/03/activ

  40. I just learned about #nomadicIdentities and how #openwebauth can solve the biggest gripe I have with the #fediverse: remote content I want to interact with. wedistribute.org/2024/03/activ

  41. I just learned about #nomadicIdentities and how #openwebauth can solve the biggest gripe I have with the #fediverse: remote content I want to interact with. wedistribute.org/2024/03/activ

  42. I just learned about #nomadicIdentities and how #openwebauth can solve the biggest gripe I have with the #fediverse: remote content I want to interact with. wedistribute.org/2024/03/activ

  43. #NomadicIdentity: "#OpenWebAuth used to be called #MagicAuth, because of how seamless the experience is...you can jump from one part of the #Fediverse to another, & your permissions will be granted automatically: your browser accesses a token inside of a cookie. That token references your #DigitalIdentity in the Fediverse, verifies it, and a handshake is performed. Afterwards, anything you were given permission to access unlocks & becomes visible on the page."
    wedistribute.org/2024/03/activ

  44. A good post from @We Distribute on both Open Web Auth and Nomadic Identities, why they are important to the fediverse, and work that's being done to implement it on top of ActivityPub:

    #^Oh, Zot! Nomadic Identity is Coming to ActivityPub



    One of the Zot's most powerful concepts for identity management and remote access is being ported to work on ActivityPub. It could change the Fediverse.


    #OpenWebAuth #NomadicIdentities #fediverse #identity #OwnYourData
  45. A good post from @We Distribute on both Open Web Auth and Nomadic Identities, why they are important to the fediverse, and work that's being done to implement it on top of ActivityPub:

    #^Oh, Zot! Nomadic Identity is Coming to ActivityPub



    One of the Zot's most powerful concepts for identity management and remote access is being ported to work on ActivityPub. It could change the Fediverse.


    #OpenWebAuth #NomadicIdentities #fediverse #identity #OwnYourData
  46. A good post from @We Distribute on both Open Web Auth and Nomadic Identities, why they are important to the fediverse, and work that's being done to implement it on top of ActivityPub:

    #^Oh, Zot! Nomadic Identity is Coming to ActivityPub



    One of the Zot's most powerful concepts for identity management and remote access is being ported to work on ActivityPub. It could change the Fediverse.


    #OpenWebAuth #NomadicIdentities #fediverse #identity #OwnYourData
  47. A good post from @We Distribute on both Open Web Auth and Nomadic Identities, why they are important to the fediverse, and work that's being done to implement it on top of ActivityPub:

    #^Oh, Zot! Nomadic Identity is Coming to ActivityPub



    One of the Zot's most powerful concepts for identity management and remote access is being ported to work on ActivityPub. It could change the Fediverse.


    #OpenWebAuth #NomadicIdentities #fediverse #identity #OwnYourData
  48. tl;dr: Hubzilla has had at least some of this for over a decade now. And it won't replace any of it with a new standard tailor-made for Mastodon.

    @silverpill If you look past projects based on ActivityPub and at projects that have ActivityPub as an additional protocol, some of this already exists.

    - Data portability. In my opinion, this is the most important problem. I'm in favor of FEP-ef61, which also solves identity portability and unlocks many new features.

    Exists in the shape of nomadic identity. Invented by @Mike Macgirvin 🖥️ in 2011 with his Zot protocol and first deplayed in 2012 with the Red Matrix, nowadays known as Hubzilla. Also available on (streams), Mike's current project at the end of a string of forks from Hubzilla, now based on the Nomad protocol.

    Mike would like to see nomadic identity and other special features of the Zot and Nomad protocols included in the ActivityPub protocol. He has actually submitted a number of proposals for this. They were all rejected. Even though he is a protocol developer first and foremost, and he has both created and worked on more Fediverse protocols than anyone else, so he should be considered competent.

    Nomadic identity with ActivityPub won't come unless either Evan Prodromou and the W3C commission cave in and allow Mike's suggestions, or someone re-invents the wheel from scratch in a way that's utterly incompatible to Hubzilla and (streams). And it won't come to Mastodon unless Eugen Rochko can imply that Mastodon has had it first.

    And there will never be a nomadic identity standard that meets Mike's requirements as well as Eugen's wishes.

    - End-to-end encryption. MLS has become a standard, and it would be wise to adopt it. Issue 3 at fediverse-ideas provides a good overview of what we have at the moment (not much). Some variation of FEP-ae97 is likely needed to make end-to-end encryption work.

    AFAIK, all three of Mike's still existing projects, Friendica from 2010, Hubzilla from 2012/2015 and (streams) from 2021, have it. Optionally, but still. I think Friendica actually advertises military-grade encryption.

    - Plugins. Something like Pleroma MRF, but cross-platform (e.g. Wasm-based). Also, pluggable timeline algorithms.

    Friendica, Hubzilla and (streams) have had support for add-ons, including third-party add-ons, plus a number of official add-ons since their respective inceptions. If you want a cross-platform add-on standard, I hope you don't expect these three to throw their own standards over board in favour of the new standard. Otherwise, good luck developing a replacement for Pubcrawl that makes Zot-based Hubzilla compatible with ActivityPub while working on ActivityPub-based Mastodon just the same. Friendica, Hubzilla and (streams) rely on add-ons for all federation beyond their respective base protocols (DFRN, Zot, Nomad).

    - Groups. We have several competing standards for groups: FEP-1b12, FEP-400e, Mastodon developers are working on their own standard. It would be nice to converge on a single standard, that also supports private groups.

    Friendica, Hubzilla and (streams) have had support for discussion groups/forums since their respective inception. On Friendica, a group is a user account with special settings; on Hubzilla and (streams), it's a channel with special settings. In addition, especially Hubzilla and (streams) have access permission control on a level that most people for whom the Fediverse is only ActivityPub couldn't imagine in their wildest dreams. All three can be used by users from all over the Fediverse already now.

    Good luck forcing Friendica to give up its 13-year-old standard that's used by Fediverse News, just to name one, and Hubzilla to give up its 11-year-old standard that blows everything else but what (streams) does out of the water. Good luck forcing them to adopt something inferior.

    On the other hand, good luck forcing Lemmy and /kbin to switch to a wholly different standard. Don't forget that these two exist as well. And good luck having the Fediverse outside of Hubzilla and (streams) adopt both server-side and client-side OpenWebAuth.

    And I'm not even talking about how different Fediverse projects handle threads differently. Mastodon has a Twitter-like thread structure: many posts, tied together with mentiones. Just about everything that's built on ActivityPub has taken this over. Friendica, Hubzilla and (streams) have a Facebook/blog/Tumblr-like thread structure: one post, the start post, and many comments which aren't posts. It's similar on Lemmy and /kbin which are Reddit clones, only that they don't allow thread starters to moderate their own threads.

    - Quoting. FEP-e232 is a proposed standard, but most fediverse applications still use non-standard properties. Mastodon developers are trying to invent something completely different.

    This is something that almost the whole Fediverse has implemented, save for Mastodon.

    And again, Friendica has had quotes since its inception in 2010, almost six years before Mastodon was launched (which, by the way, federated with Friendica and Hubzilla on the spot). Hubzilla has had quotes since 2012, inherited from Friendica. Their way of quoting is dead-simple: BBcode. [quote][/quote] (streams) supports Markdown and HTML in addition to BBcode, but otherwise it's the same.

    Oh, and by the way: Friendica, Hubzilla and (streams) have also supported quote-posts a.k.a. quote-tweets a.k.a. quote-toots a.k.a. quote-boosts from their very beginnings.

    - Markets. So far there's only one server implementation capable of processing payments.

    At least two. Hubzilla has a payment add-on, too. It isn't installed on all hubs, but it's there.

    #Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #CWFedisplaining #Fediverse #Mastodon #MastodonIsNotTheFediverse #NotOnlyMastodon #ActivityPub #Friendica #DFRN #Hubzilla #Zot #Streams #(streams) #Nomad #Lemmy #kbin #/kbin #NomadicIdentity #OpenWebAuth #Group #Groups #Forum #Forums #Quote #Quotes #Encryption #E2EE #E2EEncryption
  49. @maegul @Johannes Ernst To be fair, something like "mobile identity" already exists. In the Fediverse. Not as an experimental proof-of-concept, but in stable daily use for longer than Mastodon has even been around.

    It's called "nomadic identity". It was created by @Mike Macgirvin 🖥️ in 2011 with his Zot protocol and first implemented by himself in 2012 in the Red Matrix which became Hubzilla in 2015. It's also part of the Nomad protocol, a successor of Zot, upon which Mike's latest creations commonly referred to as (streams) is based.

    Nomadic identity allows you to have your channel (similar to what an account is just about everywhere else) on multiple server instances at the same time. Not backup-like static copies, but identical clones which are being kept in sync in near-real-time.

    In case any of you don't know yet: Both can use ActivityPub as well, and they're federated with Mastodon. I'm actually writing this from a Hubzilla channel that has one spare clone.

    Also, both Hubzilla and (streams) have bidirectional support for another creation of Mike's, a single-sign-on system named OpenWebAuth which automatically recognises your login on compatible instances.

    The obvious catch is that neither of these features are available anywhere else, at least not to this extent. Hubzilla and (streams) are the only nomadic federated server applications, and they're also the only ones that with server-side OpenWebAuth support which means that they can recognise OpenWebAuth logins from elsewhere.

    And it's safe to say that what doesn't exist on Mastodon may be seen as non-existent in the Fediverse altogether.

    CC: @Ben Pate 🤘 @Laurens Hof @Vicki Boykis

    #Long #LongPost #CWLong #CWLongPost #Fediverse #NomadicIdentity #OpenWebAuth #Hubzilla #Streams
  50. CW: Optimised i18n in my Hubzilla channel profile; CW: long (over 1,100 characters)
    Until today, I used [observer.language=] tags in my profile to make it bilingual. German-speaking visitors would see it in German, everyone else would see it in English. Obviously, this would only work for visitors authenticated by OpenWebAuth at most.

    But then I saw the side-effects. Mastodon showed my German self-description, and Fediverse.info still does. That was because I put German first and non-German last. So I switched them around. Earlier today, it turned out that Mastodon didn't show any self-description anymore.

    So what I did instead was create a second profile in German, make the main profile English only and assign the German profile to all my German connections. Including those on Friendica, just to see if OpenWebAuth has the desired effect on them. And including everyone else, also to see what OpenWebAuth will do once Mastodon adopts it.

    It actually makes sense for me to only put my English profile up front since I mostly write in English.

    Now I'm waiting for Fediverse.info to re-scan my channel and upgrade their info about me.

    #Hubzilla #Fediverse #Mastodon #Friendica #OpenWebAuth #FediverseInfo