Follow

Here are the (new) requirements for being linked-to from joinmastodon:

joinmastodon.org/covenant

@Gargron time to bump weekly backups to daily.

@amic I think the three months thing is also problematic. Unless someone has set aside funds for server rental, the server's monthly rental payment is subject to the admin's own budget.

I doubt that most servers are hosted where annual payments are possible (where three month advance notice of closure can be done).

I mean, you can promise advance notice, but when your boss calls you into his/her office to announce that you're being "right-sized", three months could instantly become one week.

@lnxw48a1 @amic All of this feedback would be great two days ago, but alas. I think some things are necessary when providing a public service to strangers.

@Gargron I agree with you, but the truth is, most people can't be sure that they will be able to warn their users three months in advance before a shutdown. If you are not rich, it's complicated to be sure of something so far ahead.
Also, our previous experience with witches.town showed that people can successfully migrate in one month, even from a medium sized instance.

@lnxw48a1 @amic

@Sylvhem @lnxw48a1 @amic I can't really know if people are lying about their backups, emergency access, etc or not, but the covenant gets them to commit to it. It puts in their mind that they should do those things, and that not doing those things would break a promise, which is an incentive to try their best. That's the goal.

@Gargron Daily is too much to ask for for most people, I'd suggest weekly at most.

@Gargron @Sir_Boops I have 2 of those. @mastohost would have to verify backups and emergency accessibility

@Gargron schon beim ersten punkt kommts mir vor wie im amiland "white supremacy" ?! Also darf ich als schwarzer hier alle weißen durchem kako ziehen?

warum nur transphobia? Ist homosexualität egal ?

mit solchen punkten kann man persoenngruppen sehr triggern

@Zoidtes @Gargron Homophobia steht im Titel von Punkt 1.
Ich denke, der Text darunter bezieht sich auf eine bestimmte „other platform“, die so ihren Unwillen zeigt, etwas gegen die genannten Diskriminierungen zu unternehmen.

@Gargron

I think issue 4 is going to need some explanation on how you plan on enforcing 3 months of advanced warning. (banning future instances by that administrator? holding it against service-hosts like mastodon.host?)

I like this overall tho.

@oct2pus It's a committment. It serves a purpose of setting up the expectation that the admin's gotta do it, but it can't really be enforced.

@Gargron I understand its a commitment but imagine a future scenario where a large instance disappears overnight, it can really hurts trust in JoinMastodon and the other 3 commitments as well (the first one I believe is very important and I appreciate you specified transphobia).

I agree this is something people on the fediverse should expect but its not really something you personally can provide outside of mastodon.social. There really isn't going to be a way to make everyone happy here.

Still,

JoinMastodon seems to be hand curated which is why i suggested blacklisting future hosting by the same administrator. I don't think this would be a massive burden for you and/or a volunteer/contractor to administer since this shouldn't be a common scenario and should either be easy to verify or have substantial proof to alongside the claim.

I just think overall it adds some teeth even if its not as much as everyone would like.

@oct2pus I mean sure, if that happens, the admin will not be trusted any longer

@Gargron Who else has access to mastodon.social data?

The bus factor is important yes, but so is knowing who can read your DMs.

@dansup The person who used to host the mastodon.social infrastructure for about a year prior

@Gargron Who is that? I assume it's not just you since mastodon.social is listed on the instance picker.

@Gargron @CobaltVelvet Don't you think that is kind of important to mention somewhere?

How can you impose a bus factor rule for the instance picker when you don't even list who has access to the infra?

@dansup @CobaltVelvet I'm not asking anyone to reveal such information. Who has access is internal business, I just want to know whether anyone does.

@Gargron @CobaltVelvet "I'm not asking, I just want to know" does not make sense.

Listing all people that have access to private data somewhere gives more accountability.

CobaltVelvet is not listed as an admin on mastodon.social/about or mastodon.social/about/more

@dansup @CobaltVelvet It makes sense, Dan. There's actually no way to verify externally whether anyone's claim about backups or access is true. So detailed knowledge is absolutely irrelevant, it could be a lie anyway. What matters is public committment.

@Gargron @CobaltVelvet It does make sense but only if instances clearly state who is the bus factor replacement.

I didn't know that CobaltVelvet also had access to this instance before you mentioned it a few moments ago.

What I am saying is that it's important to know that before someone else who we don't know or trust takes over.

@dansup @Gargron @erroruser@example.com
I don't think you are ever going to get every single admin on board. Who gets to set these rules? I know it's probably not reasonable speed wise, but maybe encrypt all the the data so the admin can't even see it? But then this gets into weeds on how to find/remove illegal crap on ones server? I dunno, just throwing that out there.

@bort @dansup End to end encryption doesn't scale to thousands of followers. Asymmetric encryption in the database could be an option, but truthfully, if someone has root access, they can access the master key as well, it's just smoke and mirrors.

@Gargron @dansup Indeed. Interesting dilemma though. Physical access will always trump any kind of security. And people can just lie about who does and doesn't have access. I personally just run my own server for this very reason. I wish this was an option for more people.

@dansup @gargron ehhhh it's the kind of position where privacy is nice. if :gargamel: disappears i'll come forward, until then no one else needs to know (and it's arguably safer that way)

@Gargron Regarding (2) and (3), would it be acceptable if my instance is hosted with, say, @mastohost?

Regarding (1) and (4), what if my ToS and code of conduct are not written in English? How do you verify that?

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!