Allow acct URI - a discussion

[aswathrao]

As you know, Fediverse uses acct URI for identification; furthermore, currently the URI is based on the server's DN. This hinders in potential migration. I fully anticipate that people will prefer to bring their own acct URI when the register with a new instance. Indeed there has been such a suggestion already (https://mastodon.social/@[email protected]/109677646003412963).

Unrelated to this, today Cloudflare announced their hosting service for Mastodon (https://github.com/cloudflare/wildebeest). They use Zero Trust Access (SSO from an id provider). One of the scheme is OpenID Connect. I suspect that as this news spreads, many instance admins will prefer this scheme, since they do not have to worry about managing passwords. This will be especially true of admins of small instances.

Putting these together, I feel that we should allow acct URIs for Indieauth by requiring "rel=me" lines be added to the Webfinger doc associated with this URI.

Looking forward to feedback/suggestions.

Thanks
Aswath

[aswathrao]

This has been addressed in https://aaronparecki.com/2013/07/01/7/indieauth: "The problem is it's too easy to not own your email address (@gmail.com, etc) so it's not really an "indie" identifier. The point of IndieAuth is to encourage people to own their online identity."
So I am closing it.