Eugen

So an idea that has been floating around for some time is that you can verify that a link a person puts in their profile belongs to them, by checking if the linked site links back to the profile (with a special attribute that signifies intention), and that it can be used to, indirectly, verify that a profile is "real"

@Gargron Please don't do any special parsing; use .well-known, that's what it's there for.

Special parsing and edgecase hell is what killed LibreJS

I wonder what the UX for that would look like. I doubt this can or even should be something displayed in-stream like the Twitter verified badge, because with custom emojis, the display name area is absolutely untrustworthy. More than that, the presence of a verified link is meaningless unless you trust the linked site (such as someone's official personal homepage)

So it would probably be something only displayed next to those links.

@Gargron Perhaps a title attribute or some other hovery thing? That should be distinguishable from emoji stuff.

@skrrt_vonnegut trying to figure this all out, I'm new to social media

Okay I didn't mention what the "special attribute" was because I didn't want to alienate the non-dev audience, but I'm getting a lot of suggestions for complicated things, so yeah, I meant microformats rel="me", it's the simplest thing, why would you even bother with TXT records or public keys

@Gargron What google did was just ask for a meta html tag on the site with some "random" hash :P

@dotUser @Gargron login/account/identity schemes frequently conflate identity, security, privacy and authority. they are very much not the same concerns and persisting in 2018 to use rocks to try and drive in screws looks ridiculous. a random number (which is all a pubkey is when you’re not using it to do work) doesn’t prove anything that a rel="me" link doesn’t.

@zensaiyuki @dotUser While I am for rel=me based verification, public key based verification is not just putting your public key somewhere. You generate a signature of the link with your private key you never upload anywhere, and put that on that link, and clients confirm this signature matches up with your public key. No one else can replicate that.

@Gargron @dotUser that actually proves less than the rel="me" scheme- it proves you have a particular private key, which is useful given a number of complicated prerequisites most people won’t bother with. rel="me" proves you have access to modify that website.

of course, your private key can be stolen and your website can be hacked, or modified by someone who works in your website for you.

@Gargron @dotUser so is the actual goal to prevent someone from impersonating a celebrity, journalist or politician? or just any joe shmo. the real question is how much proof of identity is sufficient for the actual goal at hand. in the case of the twitter verified mark- the point of contention is that public remarks by public figures, if taken as genuine, have potentially serious consequences.

@Gargron @dotUser which i am sure is mansplaining to you - my only point is technology solutions can very frequently lose sight of what they were initially trying to solve.

@Gargron
Garg, is this capitalism? because you've just alienated me

@Gargron If you're talking about domain 'txt' records, I don't know that that would be realistic enough, it's very easy to fake those. I suggest a third party service which can verify a user's identity and confirm it for you. I'm looking now to see if I can find something like that.

@shawneric @Gargron I use rel=me to log into my website, a bunch of different apps, and the wiki, pretty lightweight and reliable way to prove I am who I says I am youtube.com/watch?v=LzHmunZxJe

@gargron I think highlighting links on the profile page that link back with rel=me would definitely be valuable. Not sure it translates into something you can decorate their username with elsewhere in the UI though.

@Gargron hey, I actually understand what you're talking about here!

@jamie The bio supports displaying custom emojis, and you could make that into a custom emoji and put it next to links to fake it. So the looks must be succinctly impossible to recreate with text or emojis.

@Gargron @jamie text is justify left, ticks are justify right. it’s surely not unachievable to prevent text from flowing into an adjacent column?

@zensaiyuki @jamie You have to understand people have been fooled by ✔️ in people's display names. That's not even a custom emoji, it's a standard unicode one. Don't underestimate how imperceptive people are to minor differences.

@Gargron @jamie that’s in twitter usernames, the example is a list of links in a profile. i thought we had already abandoned the idea of the tick in the username as bad.

@zensaiyuki @Gargron I was thinking more like the existing profile metadata but a way to verify what is put there. Even if it is only website urls using rel=me to check it is valid. A separate output field could show the result.

@Gargron @zensaiyuki @jamie how about a coloured backdrop to the link - something like what Gmail/apple mail do turning an address into a pill-shaped thing?

@Gargron Birdsite has started to put one line of context below the display name for politicians, could do an "owner of stevestreza.com" down there

@stevestreza I have never seen it, got a screenshot of what that looks like?

@Gargron It sounds like you could build support for a dedicated "also me" field, where users can paste links to any web page that contains a parseable `rel="me"` microformatted link... or perhaps otherwise links to your mastodon profile in plaintext? i don't think you can e.g. insert rel-me links into Twitter or Facebook; at the same time, this could still easily be emulated by custom profile fields already right now if you expect users to manually check the "proof" linked.

@Gargron Tweetbot puts the verified badge over the user’s icon in a way that can’t be spoofed, rather than relying on the display name area. It would probably require framing icons with an outline so it’d be more obvious if someone were trying to get cute. Combine with making the badge link to the authenticating page, and making it a separate field in the profile with its own format (maybe a plain link that spans both columns of the custom labels area)?

@gargron On the profile page you could split the list into 2 lists of links—first a list of rel=me reciprocating links (so "also me") the second other profile links (so "related to me"). No special icons or emoji to spoof and possibly easier to understand?

@Gargron this sounds a lot like keybase's proof system. It might be worth looking into seeing if there's a way to generate and log arbitrary proofs through it. It has the advantage of the robustness of public key/private key signing but abstracts the creation and management of keys away so the average user would be able to use it.

@Gargron Google used to verify websites with something like that. Don't know if they still do.

@matilde It sounds like keybase that we wouldn't need to outsource to an actual third party, centralized service

@Gargron You could just check out App.net’s code to see how they did it. Theirs was DNS based.

@JonathanGerlach DNS doesn't work as well because not everyone knows how to edit DNS records. It's easy to put a rel="me" link in your tumblr bio, or drop it on your shared hosting site, but it might not even be possible for you to edit your DNS records.

@gargron I like the idea! rel=me/xfn 4eva.

But, should a reader trust iconography on the profile page? If a user runs their own single-user instance, they could turn on the verified-link icon anyway; that is, in general you're trusting the instance admin. Ideally, you want your own *client* to follow and verify back-links. (I believe that's what the Keybase client does, for example.)

@npd The user's own server could check the links of users from other servers.

@gargron yeah! (Because typically your instance server is also your client.)

But the UI would need to reflect that this was checked by *your* server, and maybe it shouldn't be visible on the original, Web-visitable profile page. That's going to be a challenging distinction to make to end users.

@Gargron That's pretty neat actually. Have you thought of using something like keybase.io for this as well?

@Gargron Or, instead of bothering with that, we tell people to host an instance on their own domain, where they already have established their brand.
I mean, the rel=me has still a weakness in that anyone can set up a rel=me chain, which would hold to automatic checks, but not to human scrutiny: when the rel=me circle goes over totally unrelated fake sites. So, I'd say that even with rel=me, you'd still need a human eye verifying the chain. Which forbids automatic checkmarks or alike, I think.

@Gargron Don't get me wrong, I'm in favor of rel=me. But I'd say that the only UI implemented here may be a checkmark on the link to the other profile/website. The user's identity isn't what is verified here — the only verification that an automatic check offers here is that the link chain actually loops back to the current page. So it must be clear in the UI that the visitor needs to follow the link to verify the user in question himself.

@Gargron Yes, I corrected myself on that second toot a bit ^^

@Gargron And now I saw that you already mentioned that point later... sorry for bothering you m)
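The rel="me" back-link check discussed in this thread, as an added example that is not part of the original conversation and not Mastodon's own code. The URLs and sample pages are constructed, and rejecting plain-HTTP pages is an assumption of this sketch. It shows the cases an automatic check has to get right: a plain mention without rel="me", a lookalike host, and a commented-out link must not count as proof.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


def normalize(url, base=None):
    """Comparable form: lowercase scheme/host, no fragment, no trailing slash."""
    try:
        p = urlsplit(urljoin(base, url.strip()) if base else url.strip())
        return (p.scheme.lower(), (p.hostname or "").lower(), p.port,
                p.path.rstrip("/"), p.query)
    except ValueError:  # malformed host or port in untrusted markup
        return None


class RelMeCollector(HTMLParser):
    """Collects targets of <a>/<link> elements whose rel token list contains "me"."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.targets = set()

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "link"):
            return
        attr = dict(attrs)
        rel_tokens = (attr.get("rel") or "").lower().split()
        if "me" in rel_tokens and attr.get("href"):
            target = normalize(attr["href"], self.base_url)
            if target is not None:
                self.targets.add(target)


def links_back(page_html, page_url, profile_url):
    """True only if the page has a rel="me" link pointing exactly at the profile."""
    if urlsplit(page_url).scheme.lower() != "https":
        return False  # assumption: a page served over plain HTTP is not proof
    collector = RelMeCollector(page_url)
    collector.feed(page_html)  # comments and <script> bodies are not parsed as tags
    wanted = normalize(profile_url)
    return wanted is not None and wanted in collector.targets


# Constructed sample data
PROFILE = "https://mastodon.example/@alice"
SITE = "https://alice.example/about"
GOOD = '<p><a rel="noopener ME" href="https://Mastodon.example/@alice/">toots</a></p>'
MENTION = '<p><a href="https://mastodon.example/@alice">a fan page linking to her</a></p>'
LOOKALIKE = '<a rel="me" href="https://mastodon.example.evil.example/@alice">x</a>'
COMMENTED = '<!-- <a rel="me" href="https://mastodon.example/@alice">old</a> -->'
```

A positive result says only that whoever can edit the linked page pointed it at the profile; whether that page is one worth trusting is still the reader's call, which is why the thread puts the mark next to the link rather than the name.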
