Josh is a user on mastodon.xyz. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
Josh @joshuap

What if Mastodon were aware of multiple active accounts on different instances? Maybe you could opt to follow someone everywhere (even if they join a new instance) or just locally (like it does now). Might help more folks join topical instances.

@joshuap Wouldn't that tend to encourage people to sign up for lots of instances simultaneously? Shouldn't federation reduce the need for that sort of thing?

@murph yes it would, and not necessary imo. I think there’s a case for topical instances. For example, one might want to have a general account, a Linux account, a fitness account, etc.. People already do this to some extent.

@joshuap That's an interesting angle. I've seen lots of people complain about the complexity of managing accounts across the Fediverse.

Federated identity is supposed to make single sign-on easier. The lack of a personalized experience across instances violates some of the assumptions of single sign-on model.

@joshuap Granted, I'm not well versed in Mastodon's design paradigms, but it seems to me that OAuth-based access between instances would solve a lot of problems.

The obvious security flaw there is that when you allow Federated identities from a service (ie. FB social login), you're implying a trust relationship with the identity provider.

If anyone can create a Mastodon instance, the trust relationship is established by the user, but not necessarily by the other instance owners.

@joshuap Allowing any Instance to be an Identity provider, would be like allowing your browser to accept and TLS certificate, regardless of whether the Root CA that signed the certificate was validated as trustworthy by some other third party.

@joshuap Define “someone”.

I have accounts on two instances. I’m fine with people following both, so the profiles cross-reference each other. Otherwise nobody would know they are both mine. But it’d take some new infrastructure to put them into a single bucket, so to speak.

This of course would have to be voluntary!