Identity, Onboarding, and Trust on the Fediverse [WIP]

By imklg, 16 August, 2023
night long exposure with streaks and construction materials


Currently, informal direct responses to internal discussion. These are my initial responses. Again WIP.

RE: NYTimes

“Masodon is “essentially a twitter clone sliced into communities”

And whats wrong with this? Does this mean anything at all? Wasn’t much of the appeal of twitter, before recent events, those well developed communities? Wasn’t twitter already sliced up? See below for tl;dr response.


“However, I think that possibly going forward, we might rework the onboarding user experience into **presenting a default option as well as an advanced option, where all that stuff with choosing a server would basically be hidden away from the people who get intimidated by choice**.”

ugh, people aren’t intimidated by choice. they don’t like uncertainty.

“But I'm sceptical about what's planned regarding instance selection. For one, that'd lead to even more people joining Mastodon and taking two, three, four whole months or longer to realise that there is such a thing as instances. And more than one of these. In the meantime, they'd be mollycoddled into the belief that Mastodon is structured just like Twitter, only without Musk.”

not sure what the point is here. is this techbro for ‘understandably ignorant of the underlying infrastructure?’ Mollycoddle? meh.

“Even before that, Mastodon should introduce full account migration. Not only including all toots, all uploaded media, all followers, all followed and all the settings, but ideally even without leaving a dead account behind afterwards. Then we can talk about channeling all newcomers onto one and the same instance.”

<avoids the issue: do you own your identity or not? Account migration is unfinished. All user data should be completely portable. I’ve never understood why opensource developers haven’t made this a number one priority of the foundations of anything, anywhere.

As for authorization, the latest iteration of OpenID is OpenID Connect. It offers an authentication layer on top of the OAuth authorization mechanism. seems to be positioning itself as an independent trust authority in the journalism space. seems to be working so far. What I would like is that they also implement OpenID Connect. :) They seem to have the resources to do so.

Scalability is a real concern when it comes to data portability. Account info and followers are an easy and fairly lightweight operation. Grabbing all posts and media from the datastore is a different matter. Also, not all instances keep a full history. The usual seems to 6 months. This is another feature of the Fediverse that acts like a bug.

Philosophically I feel that this goes against full user ownership of their own data. However, in implementation, I acknowledge that a full record of everything might be more than some instances are willing to offer. I’m fine with both approaches. This is a good argument for many smaller instances rather than larger ones. Scalability and datastore size is a real concern. Overall size isn’t the problem, since storage is quite inexpensive, moving it around is problematic. There are real security concerns with affordable cloud and on premises storage.

As for settings migration, cant’t really be done. for instance, I run both pleroma and mastodon instances. settings are different. Mapping and maintaining account settings across the same software platforms is difficult, across different platforms now becomes unrealistic and silly.

Hopefully this shows how full account migration can be implemented, but without trusted authentication, many problems will arise. My point. is that full migration is an entirely different thing than trusted authorization and confirmation of identity.

RE: Comment controls discussion ( i had seen this a while back, didn’t join in )

Comment control (and RT, QRT to a lesser extent, not to be discussed here) goes back to the basic assumption of ‘Who Owns My Content?’ Anything I post is mine, assuming it is my original work and doesn’t infringe on anyone else’s. On a discussion site establishing originality is a low bar. Opinions and public discussions don’t generally come back to bite in a legal sense unless you are a public figure acting in a public role, oh and criminal behavior. So, for most of us, stating opinions and sharing ideas have no repercussions. Still, does the general public own your statements or do you? I think this is a big question. Individuals own their statements, unless they give up that claim.

If we look at comment control, now we’re using a tech platform to determine how our audience interacts with our content. Once released into the wild, do we give up all control? I would argue, with tech, no. We can shape how we wish to interact with our audience. This is progress and better aligns with discourse in real life.

In the end, we’re making a feature set that respects authorship and provides better control over content after it’s published. Discourse has rules, I believe that we’re slowly mapping and extending real life discourse onto the fediverse.

As for moderation, the big question for me is ‘Will these new tools allow authors to moderate their own discussions?’ and ‘How much moderation is the result of a lack of such ‘authorship tools’? After all who better to moderate a discussion than the author of the originating content?


Said it before, but the one thing I absolutely thing the fediverse needs is the separation of identity and app. That is imho the issue.

Yes. Identity is the problem that needs to be solved. more specifically trust and authenticity. This needs to be something more than reputation. Online identity authentication is at the heart of our current social dilemma. Since 1988, when i first broke out of the ‘local library box’ with gopher, and shortly thereafter with usenet, I struggled with ‘to what am i connecting’ and then ‘with whom do i speak? Ownership of the web and all its strands comes down to identity ownership.

Centralized platforms work because there is a perceived difficulty that complexity is the problem. I assert that this is false. Negotiating a subway or doing taxes is orders of magnitude more complex cognitively than understanding ‘instances and the fediverse’. Why is there this narrative that it’s difficult? Because it’s new and uncertain.

Somehow, we have accepted that ‘New things are hard and should be avoided’, instead of ‘New things are challenging and should be embraced’. In tech, it has become a shrill, ‘Make it familiar or we can’t monetize.’ That’s not the case here. We aren’t competing for venture capital or advertising eyeballs to survive. Scale is not necessary on any one instance. This is merely different, not necessarily complex. In fact, it is so different that it appears to be overwhelming unfamiliar. This great difference is a sign of an as-yet-to-be-named paradigm shift.

Our narrative here might be ‘It’s different here, really different, yes, it’s microblogging, but it’s part of a much bigger idea.’ Yes, let’s leave out the ‘world domination’ part. In my mind all we’ve accomplished collectively with the tech is that we have solved the moderation and scalability issues that drive centralized business models. We have not addressed identity and trust, nor have we acknowledged how different is the distributed system with regards to expectations.


“that'd lead to even more people joining Mastodon and taking two, three, four whole months or longer to realize that there is such a thing as instances. “ the #Fediverse?

Here’s another important aspect of our nameless paradigm shift: ‘Where is the threshold for participatory literacy?’ It is up to us, the members of this emerging distributed discourse community, to define and relentlessly repeat that this #fediverse is different. We must maintain simple messages about the philosophical underpinnings of this place. No technical manual can provide this literacy and context. FLOSS and open source, free software foundation etc. should be references.

All complex systems that scale are most resilient when distributed, our electrical grid, transportation system, or email messaging all share this characteristic. ActivityPub was immediately interesting to me as it is intentionally distributed. With instances, the protocol models, in tech, how we interact in person and gather naturally into discourse communities.

Hashtags and hashtag search is the way we cross these instance boundaries. Groups are coming to establish a more concrete, less abstract, method to cross instance boundaries. To me it is critical to present that the instance model is needed, the same way we gather into geographical regions and, equally important, that we also group based on interests that are not based on place and proximity. Both ways of grouping model our natural social patterns.

Currently, hashtags are leading to groups, which might lead to something else in the future. This open and extensible systems approach is another aspect unique to to non-commercial opensource platform development. This fluidity is also the source of the most uncertainty. A challenge will be to present this as a feature not a bug.

This intentionality of place and interest, instance and group as a direct mapping supports the open flexibility and rich complexity of ‘place’. This open and complex layering is core to the feeling of ‘home’. Note that ‘home’ is not addictive, not a product, nor a commodity. When we say ‘social’ we act from a place that references ‘home’. The fediverse is built around safe places.

Mastodon is not a microblogging network. Microblogging is an activity that may or may not be social, socializing relies on a sense of home. Let’s agree to leave this model behind along with the idea that centralized commercial networks can meaningfully support ‘social connections’.

In my mind, when someone wants to join the fediverse, our language should highlight this fundamental difference. Commercial platforms want to get you addicted and monetize your behaviors, the fediverse wants you to feel at home.

Follow Me

Fediverse (Mastodon, Pixelfed, Peertube) 

Private Messaging

Old Business (mostly inactive)