I am working on approval-mode registrations system for Mastodon

Honestly I don't know if "approval-mode registrations" makes sense grammatically

Follow

@Gargron on a random note this reminded me of an idea I had.

I was thinking of how you could create a portable federated profile, and it could work similarly to SSH keys.

You could generate a key pair on the home server, and use the private key to encrypt your profile info.

Then when you create an account on another server, paste your public key, and it will try to pull profile info from your home server and try to decrypt it using the key your provided.

@Gargron if the info can be decrypted, that confirms your identity, and you can post as the user from your home server on the new server.

If the info is pulled on each log in, then it makes it easy to revoke keys as well. If you think your info was compromised, just regenerate the key pair.

And public key is not really public in this scenario in a sense that you'd share it publicly. It's just used for remote auth by your new account.

@yogthos @Gargron sounds like something leveraging the new #WebAuthN standard is what you are thinking of?

webauthn.guide

@msh @Gargron same idea, but different context. WebAuthN deals with authenticating using a public key. The idea I'm proposing is for tracking user identity between different servers in the federation.

@yogthos @Gargron i'm pretty sure that's what hubzilla/zot nomadic identity does, but with ssl priv/pub certs not ssh
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!