Loomio

Allow the servers communicating with each other

DU nio Public Seen by 62

This was discused in thread before: https://www.loomio.org/d/i75meX0Z/diaspora-authenticate
But i think this is for new thread.

The idea:
Allow users login in any diaspora server.
Users will login in any diaspora server with [email protected]
Username is his/her username.
Registredserver.tld is his/her server where is user registred.

This solution can access user to registredserver and show data on new server.
I think this would be great step for diaspora.

Technically this can be done. But the developers can say what are they thinking about technicalls problems.

Any questions about this place there, thank you.

EG

Erwan Guyader Mon 17 Feb 2014 8:51PM

Such feature would be a major privacy/security issue as nothing is preventing a rogue pod to log your credentials as you login and get your data then store it.

DU

nio Mon 17 Feb 2014 8:59PM

@erwanguyader Maybe me explain is not clear.
What do you mean exactly?
Say me difference between security risk in current pod and new pod which can do secure authentification on other server with SSL and good designed API?
I do APIs many years and there can be this feature done preatty secure and maybe better security as current connection on pod.

ST

Sean Tilley Mon 17 Feb 2014 9:00PM

Actually, Friendica Red provides something similar to this, with one major difference: you can log into any Red server using remote authentication, but your posts and personal information are stored on the site that you created your account on. I think Pump.io might provide something similar as well.

Provided a robust security mechanism is provided for authentication, this could be set up to be neither a privacy issue nor a security one. The question boils down to whether we want this in Diaspora or not.

DU

nio Mon 17 Feb 2014 9:07PM

I vote for yes :)
Anyway I hate creating new and new accounts on new and new diaspora servers.
For me is enough one account on all diaspora servers.
There is other advantages also, becouse some data can be accessed from registred pod. In me eyes really big step for diaspora project.
BTW: the login with diaspora button can be easy implemented in this solution

G

goob Mon 17 Feb 2014 9:11PM

What would be the point of it? If you're going to enter your full Diaspora ID, you know which pod you're registered with (it's the second part of the ID), so you might as well sign in to that pod, mightn't you? What would be the benefit in signing in to another pod?

If it's to deal with cases in which someone sends you a link to a profile or post which has another pod's domain name in the URL, I think better forwarding back to the user's home pod is the way forward.

JH

Jonne Haß Mon 17 Feb 2014 9:15PM

I don't think we should encourage ignorance over where you enter your credentials. You should only enter your credentials to the service you registered to and you should pay attention to do so. I also see no benefit, if all data is pulled from your home pod anyway, you still entirely depend on the availability and speed of it.

Login with Diaspora is a totally different game, it's authentication delegation, that is as a service I rely on a third party to authenticate a user for me. That does not imply access to the data on the third party for my service (beyond some basic profile data in most cases).

G

goob Mon 17 Feb 2014 9:24PM

I guess we could put something in the code so that if someone enters a Diaspora ID, and the domain is not that of the pod on which they're trying to sign in, a message pops up saying 'You need to sign in to [domain name]'.

DU

Rich Mon 17 Feb 2014 9:24PM

I have the same question as @goob - What would be the benefit in signing in to another pod?

SVB

Steffen van Bergerem Tue 18 Feb 2014 12:03AM

@maxsamael

Anyway I hate creating new and new accounts on new and new diaspora servers.

Why would someone want to do that? Diaspora is a decentralized social network so the basic idea behind diaspora* is to use only one server to talk to all other servers in the diaspora* network.

MB

Manuel Bichler Tue 18 Feb 2014 12:10AM

I am with @goob that the only thing we could provide in this direction is to show a notification when someone tries to log in with a diaspora ID of another pod. But this should be a general warning notification saying something like "never enter your password on a foreign server".

Load More