At the moment the server owner effectively ‘owns’ magazines & communities. Is that the right balance of power? What happens when servers go offline, or server admins go rogue?

In a world where both users and magazines had public and private keys and magazine moderators had the tools to do off-site backups.

Could the magazine moderator then do an unassisted migration to a new place?

They revoke the key that gives the original server the right to host the magazine. They use the key to re-create it on a new server.

Somehow notify all the members the magazine of the new location. The users use their public keys to reclaim their identities and content.

Would that give mods too much power?

It all gets complicated fairly quickly! I think the Bluesky AT protocol is somewhat close to this model for user content, but doesn’t really extend to ‘community’ scale content.

It falls short of a full confederal protocol

  • Sam_uk@kbin.socialOP
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    @JonEFive Multi-magazines are certainly desirable and would to some extent mitigate the data loss caused by an individual server going dark.

    I guess the larger issue is if your ‘home’ instance is the one that goes dark, taking your personal account with it. Maybe it’s in fact user account portability that’s most important to work on. Assuming that multi-magazines happen fairly soon.

    • JonEFive@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      While it isn’t practical for most users, if you’re really that concerned about maintaining control of your user account, you could create your own Kbin instance that’s basically just for you. There are hosting services available where you could probably do it for a few bucks a month plus the cost of the domain name. I’ve considered setting something like this up myself.

      Obviously this isn’t a viable solution for most people, but it is an option.

        • JonEFive@kbin.social
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          True. It makes me at least think about what other options there are in terms of resiliency for user accounts. Right now we’re back to the wild west days of the internet where you might not be 100% sure that your provider is in it for the long haul. There were so many random email hosts in the 90s and early 2000s with vanity domains. Now, it’s rare to see anything other than Gmail, outlook, iCloud, or hotmail for personal emails. People congregated around the big companies. That’s what worries me about companies like Meta and Twitter getting into the fediverse

          • Sam_uk@kbin.socialOP
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            @JonEFive I’ve been wondering about separating the ID/auth from the app. Someone recently got Keycloak working and that has some possibilities for federation. Not sure if that really helps though. You still have to trust the keycloak admins

              • JonEFive@kbin.social
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                This got me thinking a bit, and I had this whole long post written out. Turns out someone else had a very similar idea to what I was about to discuss regarding public/private keys:

                https://aumetra.xyz/posts/fediverse-nomadic-identities#introduction

                This approach is interesting because I was thinking that you would need a trusted server to host the public certificate. But maybe that isn’t the case so long as you keep a copy of your public key. As long as you have your private key, you would always have proof that a post made using your public key was from you. Even if someone tried to impersonate you, they wouldn’t be able to sign a post with your private key, which means they wouldn’t be able to link their profile to your account. Your public key certificate effectively becomes your identity and your private key signature is your “password” proof that you are the person associated with that public key.

                If your main instance goes down, you could use your keys to create an account on another instance (assuming that’s permitted). Or you can create other accounts like the article describes.

                On its own, this keeps your identity intact, but not your post history. It could be designed that your account on one instance references your account on all the other instances it knows about where you have an account. Then a post history could display data from multiple servers, or at least link back to your profile on your other servers.

                But if a server goes offline, your posts do too. I just don’t think there’s a great way to manage that.