Oddbean new post about | logout
237de24a | 1 years ago (raw) | root | parent | reply | flag 
 @59c6c59c Mastodon & fedi software only deals with any of those fpr their webapps and extensibility use cases, not for federation
ca6770df | 1 years ago (raw) | root | parent | reply | flag 
 @f50dbb78 Yup! Exactly and so you have way more ways of making clients. IMO it'd be great if clients used signed requests to their inbox/outbox and if instances provided SPARQL or similar for querying data back out. Or better yet it'd be nice if clients loaded other peers' data directly.
237de24a | 1 years ago (raw) | root | parent | reply | flag 
 @59c6c59c I think you may be searching for solid with solid-tls for auth
ca6770df | 1 years ago (raw) | root | parent | reply | flag 
 @f50dbb78 Mind linking to a TLDR for how that works? Solid is defs something I'm interested in.
Is solid-tls the tls client certificate auth? I was ranting about how it sucks that isn't used more a few months ago :P

Sadly I couldn't get it working on Linux with chromium or firefox so I gave up on pursuing it further.
237de24a | 1 years ago (raw) | root | parent | reply | flag 
 @59c6c59c it's all available via the solid project website, it's one of the official specs but got superseded by solid-oidc, but I know TimBL still believes in it because OIDC annoys him
ca6770df | 1 years ago (raw) | root | parent | reply | flag 
 @f50dbb78 Neat yeah. I like the use of linking to profiles with the SubjectAlternativeName field in the certificate. Still wishing we had the future where we used client certs for auth. 😩

OIDC makes sense given the larger "identity" industry. Agree it can be annoying though. So many little pieces to keep track of.