Nomadic Identity is a concept pioneered by Mike Macgirvin, a longtime builder in the Fediverse. If you’ve ever used Friendica, Hubzilla, or Streams, you’ve used software written by this guy.
Got Zot — Mike Macgirvin on building your own apps and protocols
An interview with the brilliant mind behind the Zot protocol, MagicAuth, and Nomadic Identity.
One of the big problems in federated social systems involves permissions, identity, and data. We can sum this up in three parts:- Permission Management – If I visit a friend’s site to interact with something, there typically isn’t a way for me to do anything while I’m over there. I have to go back to my server.
Identity Management – Okay, I have a way to validate that I’m really me. What do I have as a fallback if that fails?
Data Portability – What happens to my stuff if my server goes down? Can I move to another servers and get my statuses, messages, and interactions back? Could I even just do it temporarily, to keep my followers, while my server gets sorted out?
From the end user’s side of the house, everything boils down to how their identities are coupled to their instances. ActivityPub-based systems like Mastodon do a pretty decent job with letting people migrate from one server to another, letting users pull in remote statuses from a URL, and letting users decide who is allowed to see or reply to their posts. It’s a far better situation than what came before ActivityPub.
At the end of the day, though, what is currently provided in the ActivityPub side of the network is somewhat limited, compared to what the Zot protocol brings to the table with Nomadic Identity. Let’s dive into the three different components: OpenWebAuth, Channel Relays, and Data Migration.
OpenWebAuth
OpenWebAuth used to be called “Magic Auth”, because of how seamless the experience is. Instead of only being able to manage things from your social dashboard, you can jump from one part of the Fediverse to another, and your permissions will be granted automatically. It all happens in the browser.
The way this works is relatively simple: your browser accesses a token inside of a cookie. That token references your Digital Identity in the Fediverse, verifies it, and a handshake is performed. Afterwards, anything you were given permission to access unlocks and becomes visible on the page.
A really old video of Hubzilla doing it. I’m navigating from my site to Andrew’s.
OpenWebAuth solves one of the most frustrating UX problems the Fediverse currently has: dealing with remote content that you discovered somewhere else.
Channel Relays
Channel Relays are the second major piece of the puzzle here. Using a common ID, you can associate separate accounts across the network with one another. Each relay is verified through an Authorization process, and then each relay is tethered to one another like so:
Using your credentials, you can log into any one of these three relays, and post to your followers. If the server my work account is on suddenly goes down, I can still log in to my family account or blog, and keep interacting like nothing happened. I’m still in contact with my followers, and if I want, my relay accounts can replicate statuses posted from elsewhere.
A few clear benefits emerge from this:- Network Resilience
Censorship Resistance
Ease of Migration
In fact, this mechanism is so good, it feeds directly into the next use-case: Data Migration.
Data Migration
So, we already have two pieces: multiple identities can be connected together across a network, logging into one can allow you to post from another, and a person can decide, at any time, which account will serve as their primary.
Because all of these things are set up, the act of moving your stuff becomes relatively trivial. All of your accounts are aware of each other. If you switch to a new primary, you can trigger an update to all of your existing conversation threads and comments to switch the author, and replicate the data on your end. Thanks to the way that Nomadic Identity is set up, those verified parts of your identity can perform those kinds of actions, whereas no other account can.
Why is This Important?
As we continue to think about how to further develop the Fediverse and give people more robust tools capable of doing more things, we have to consider the plumbing that holds it all together. Identity Management is one of those pieces of plumbing that’s surprisingly shaky, and requires serious consideration.
Digital Identities aren’t something unique to the fediverse and it’s not something Mastodon could stop if they wanted to. Nomadic identity is coming to the internet. The only question is who is going to own your identity. VISA/Mastercard, your government, Google, Microsoft, or you.
Mike Macgirvin
As Threads, Tumblr, and other big social networks come into the space, developers need to think about the stakes. The user migration flow is decent for moving from one server to another, but it’s relatively brittle, and currently only updates a reference from one account to another. The network lacks meaningful ways for people to pull their posts, messages, and media from the place they left.
The biggest takeaway here is that these are mature, time-tested mechanisms that could add extra layers of user agency and control to the Fediverse.
Mike Macgirvin, the long-time developer that brought us #Friendica, #Hubzilla, #Streams, and the #Zot protocol, is bringing his most powerful concept to the rest of the #Fediverse: Nomadic Identity.
"Meta's fediverses", federating with Meta to allow communications, potentially using services from Meta such as automated moderation or ad targeting, and potentially harvesting data on Meta's behalf.
"free fediverses" that reject Meta – and surveillance capitalism more generally
The free fediverses have a lot of advantages over Meta and Meta's fediverses, some of which will be very hard to counter, and clearly have enough critical mass that they'll be just fine.
Here's a set of strategies for the free fediverses to provide a viable alternative to surveillance capitalism. They build on the strengths of today's fediverse at its best – including natural advantages the free fediverses have that Threads and Meta's fediverses will having a very hard time countering – but also are hopefully candid about weaknesses that need to be addressed. It's a long list, so I'll be spreading out over multiple posts; this post currently goes into detail on the first two.
Opposition to Meta and surveillance capitalism is an appealing position. Highlight it!
Focus on consent (including consent-based federation), privacy, and safety
Emphasize "networked communities"
Support concentric federations of instances and communities
Consider "transitively defederating" Meta's fediverses (as well as defederating Threads)
Consider working with people and instances in Meta's fediverses (and Bluesky, Dreamwidth, and other social networks) whose goals and values align with the free fediverses'
Build a sustainable ecosystem
Prepare for Meta's (and their allies') attempts to paint the free fediverses in a bad light
Reduce the dependency on Mastodon
Prioritize accessibility, which is a huge opportunity
Commit to anti-fascist, anti-racist, anti-colonial, and pro-LGBTQIA2S+ principles, policies, practices, and norms for the free fediverses
Thank you for the optimistic PoV on the entrance of others to the #DeSoc of the Fediverse. It is an optimism that I share - especially with Matthias' announcement just an hour ago that his team behind the development of the #WordPress ActivityPub plugin has just released version 2.0.0 - considering the enormous footprint of WordPress installations across the entire Internet belonging to both common, everyday individuals and companies alike, of every shape and size, this is HUGE news.
It instantly, overnight, positions common folks and businesses to leap into the freedoms afforded them by the existing, privacy respecting, #FOSS based Fediverse that hitherto was... well, a bit of a leap for them psychologically. But now they have a familiar platform with which to begin a journey through the minefields of the deprecated, privacy mining, monolithic silos; its proprietors programming their masses of #subjugated_chattel into livestock holding pens, where they are weighed, measured, packaged, placed into inventory, and sold.
That does raise the issue of an error in your assertions however. You mentioned, "instances in Meta's fediverses and on Bluesky".
The truth however, the reality, is that each are merely a single instance - One big monolithic silo, as described above, with the same incentives of monetization through privacy mining techniques that have made them the dreadnoughts that they are; at least in the case of #Meta (Threads).
Bluesky is of that vertically scaling market as well, but much smaller than the #Faceplant and #InstaSPAM engines operated by Meta, and now their new spearhead into the DeSoc space occupied by ActivityPub and other decentralized or federated protocol based, horizontally scaling instances.
#Bluesky hasn't actually shown their hand yet to the general public, but already, they've disenfranchised (fired) much of their talent; some, actually principal architects of their monolith who were frustrated and disillusioned with the direction Jay has been taking the company - moving further and further away from the disowned public community they spawned, organized, and abandoned following the initial trials and tests of the open source preview version of what became #ATP protocol (ATX).
Even Jack has moved on and embraced yet another horizontally scaling protocol in the DeSoc space, #nostr, and it's already bridged and interoperating flawlessly with the ActivityPub powered portion of the Fediverse, which in turn interoperates with instances running other protocols such as #Nomad, #OStatus, #Streams, #Diaspora, and #ZOT... all of them part of the Fediverse.
Many of the extant #ActivityPub powered instances in the Fediverse merely need to install these capabilities with a couple of clicks to enable this interoperability, while others bridge the divide through infrastructure developed and deployed over the past year or so.
What will be Meta's use case here for their business product?
That's the main question I think folks need to address - not punish the good people on the so-called evil side of the divide, the hitherto subjugated chattel that populate Marks so-called Metaverse or whatever he thinks he can compel people to adopt and endure. The point is, childish, domain level blocking by juvenile minds operating ActivityPub powered #Fediverse server instances only serves to paint themselves (and the users who have to date trusted those admins with being told what they can and cannot see and do) into a corner where they effectively cancel themselves, and find that their users have migrated to other spaces... maybe WordPress, where they truly control their own destiny in the DeSoc space and can now fully participate and engage with others - but on their own terms, not someone else's.
And that, I believe, is what the whole thing has always been about, going back as far as #AngelFire and #GeoCities :)
I do agree with you that we should indeed embrace these common, everyday individuals who, through their programmed ignorance, are mostly clueless as to exactly what the Fediverse is, and more importantly, has always promised for them. This is an opportunity, like Steve Austin, (the Six Million Dollar Man): "We can rebuild them, we have the technology, we can make them better, stronger, faster..."
One more thing I should correct you on, the Fediverse is an internetwork of networks, on the Internet - there are no fediverses, Fediverse is itself a plurality, but your intent wasn't lost on me.
Great article, I enjoyed the read and most of all, your optimistically tempered intent. Thanks for sharing and I hope to see much more from you in the future!
#Streams galaxy
-- note 1: communication with the Fediverse is standard practice in this universe.
#Hubzilla galaxy
-- note 1: developed a way to communicate across the Mycelial Web (a.k.a. the multiverse). Can also communicate with BlueSky and diaspora.
#Friendica galaxy
-- note 1: developed a way to communicate across the Mycelial Web (a.k.a. the multiverse). Can also communicate with BlueSky and diaspora.
#X#Twitter Mycelium (closed borders; isolated; have not discovered there are other mycelium/universes besides their own)
#Tumblr Mycelium (closed borders; isolated; rumours has it their government decided against connecting with the other mycelium/universes, but they are aware)
#Flickr Mycelium (closed borders; isolated; aware of other mycelium/universes)
I've seen this on four social networks in the #Fediverse now in just over a week - #ActivityPub, #ZOT, #nostr, and #Movim/XMPP. These memes are going around, but what about those privacy disrespecting, deprecated legacy silos like #Faceplant, #Twitter, and #InstaSPAM or #Reddit - Why is it that we're preaching to the choir instead of to the sinners of the #SunnyVale_Syndrome?
Go forth, save those poor souls over on the silos, Tell them that they're pork bellies. Muahahaha!
I have re-read the magnificent article by @kissane, titled "Mastodon is easy and fun except when it isn’t". On Bluesky, she asked those people who had tried/used Mastodon and bounced off, what had led them to slow down or leave.
Couldn’t find people or interests, people didn’t stay
Too confusing, too much work, too intimidating
Too serious, too boring, anti-fun
Complicated high-stakes decisions
"I don’t know if Mastodon can grapple with the complexities of mass scale. Lots of people would prefer it didn’t—staying smaller and lower-profile makes it friendly to amateur experimentation and also a lot safer for people who need to evade various kinds of persecution. But if Mastodon and other fedi projects do take on the mass scale, their developers must consider the needs of people who aren’t already converts. That starts by asking a lot of questions and then listening closely and receptively to the answers you receive."
For many parts I agree. But despite everything, Mastodon/Fediverse is still the best place to be on social media. Let's make this even better. We have the power. #Mastodon#OpenSource#Fediverse#Bluesky#BlueskySocial
@PavelVoronezh
> the ability to back up data on one of the friendly servers
Have you looked into the Zot protocol and its Nomadic Identity? It does exactly that. Of all the fediverse software I'm aware of, only Hubzilla and Streams implement Zot. I'm pretty sure Zot apps could already do this when ActivityPub was being drafted. Not sure why this capability wasn't included in AP
Random #fediverse thought - so many new services (mastodon, lemmy, pixelfed, bookwyrm), where most will probably create a new account, and join the main instance.
Could we turn this around? Everyone starts their own one-person server somewhere (make it one-click), then connects to all services from there, sees and posts to all feeds in one interface, owning their data so it will never get lost.
Anyone working on that?
A while back, I brought up the #Zot protocol as an alternative to #ActivityPub. It's interesting how I received quite an angry DM from someone who strongly opposed the idea of encouraging ActivityPub users to try out Zot. According to him, he didn't want anyone "basic" disrupting his community. He believed that Zot's relative obscurity was part of its charm and didn't want it tainted by regular Mastodon users.
However, it's amusing because I can actually see Zot gaining popularity. You see, Threads won’t function using Zot. So, if you're looking for a simple way to avoid Meta content in your feed, just switch to another protocol that's similar to ActivityPub. And that protocol happens to be Zot.
I apologize if this sounds surprising, but I have a feeling that even "basic" folks will start using Zot before long.
da das #Fediverse immer noch am wachsen ist und es jetzt wohl gerade größere Wanderungsbewegungen weg von #Reddit zu #Lemmy und dem Fork #kbin gibt, hier mal ein aktualisiertes Übersichtsdiagramm um zu zeigen, dass das Fediverse nicht nur aus #Mastodon besteht.
Erst mal vielen Dank an @kuketzblog und @imke für das erstellen des Diagramms.
Dann gibt es natürlich auch noch ein paar Links zu Seiten auf denen man sich einen Überblick über das Fediverse verschaffen kann:
The real sticking point in implementing portable accounts/ nomadic identity in the ActivityPub branch of the #fediverse - like what Zot and AT Protocol offer - is its implications for how moderation works.
"The hard part however, is the social one: we collectively need to agree that the identity resolution layer is infrastructure and not somewhere moderation actions should take place."
#ActivityPub#spam seems to be spreading nowadays. It isn't new, I moved away from my previous instance because it didn't have active mod volunteers.
#Snikket's idea of invites (#XMPP, not AP) seems like a good way to both control spam and onboard users. Mods can rate-limit account creation by judiciously creating invites. Users can generate 1 invite each, but can expect to also get banned if their invitee is a spammer. User-invited users would have a real account to bootstrap their connections.
@olives I have not seen too many approaches being available. There is open-house #ActivityPub, clique-y #Zot / #Nomad or this invite system which seems to be in between.
Scale isn't something a federated system should care about. That and vulnerable groups are a non-tech problem, they are not nails for the tech hammer.
It is fine for somebody giving out an invite to be liable in that sense, it will make sure invites are used judiciously.
@volkris interesting view. Web of trust-ness seems to be there in #SecureScuttlebutt (it "gossips" content from friends and friend-of-friend, friends are cryptographically verified by design).
Per your view, #Zot / #Nomad would work well on the user-in-control front (although whether their #Hubzilla / #Streams UX implementations work for users is questionable).
The one thing I do think the AT Protocol is better at than #ActivityPub is data portability. Being built-in at the protocol layer so that you don’t have to do the migration shit (which doesn’t bring your posts) is better. It just is. I think ActivityPub has more potential overall for the social web beyond just Twitter clones, but that part of #ARProtocol is better.
There seems to be a growing amount of uninformed, negative posts on #Mastodon about #Bluesky.
It’s unfortunate that a platform which believes is populated by open minded people do not gather information themselves to form a balanced opinion, but rather jump on the “echo chamber” bandwagon instead.
Kind of reminds me of behavioral patterns on #Twitter. Remember it’s not the platform, but what you bring with you that matters.
@alastor8472 Reasonable account portability is #1 on my wish list of next steps that I feel should have been implemented long ago. It also seems like something that the Mastodon devs in particular are not interested in implementing any time soon.
@evan “Obligation to try to be compatible with systems that are intentionally trying to be incompatible” = no, there is no obligation. They're practically sending a message, “get out, you're tresspassing”.
However, I think there is an obligation if the other system/network/dev/protocol is doing their best to be compatible and improve existing protocols. ;)
Other use cases for the fediverse
I never got into mastodon because I couldn't connect multiple instances. I like this a lot about Lemmy so far (just here for a few minutes though)....
deleted_by_author