#zot

@KellamБур This may come as a surprise, but: Nomadic identity is not an abstract concept or a science-fiction idea for the Fediverse.

It is reality. It exists. Right now. In stable, daily-driver software that's federated with Mastodon. And it has been for over a decade.

I'm literally replying to you here from a nomadic channel that simultaneously exists on two servers.

Nomadic identity was invented by @Mike Macgirvin (formerly American software developer of about half a century who has been living in rural Australia for decades now) in 2011 and first implemented in 2012. Almost four years before Mastodon was first launched.

In 2010, he had invented the Facebook alternative Friendica, originally named Mistpark and based on his own DFRN protocol.

Over the months, he witnessed lots of privately operated public Friendica nodes shut down with or without an announcement and the users on these nodes lose everything. He added the possibility to export and import Friendica accounts. But that would only help if a permanent shutdown was announced. It did not protect you against shutdowns out of the blue.

There was only one solution to this problem. And that was for someone's identity to not be bound to one server, but to exist on multiple servers simultaneously. The whole thing with everything that's attached to it. Name, settings, connections, posts, files in the file storage etc. etc., everything.

So in 2011, Mike designed a whole new protocol named Zot around this brand-new idea of what he called "nomadic identity" back then already.

In 2012, Mike forked Friendica into something called Red, later the Red Matrix, and rebuilt the whole thing from the ground up against Zot. Red was the first nomadic social networking software in the world, almost four years before Mastodon.

In 2015, ten months before Mastodon was first released, the Red Matrix became Hubzilla, the Fediverse's ultimate Swiss army knife.

I am on Hubzilla myself. This channel of mine is constantly being mirrored between its main instance on https://hub.netzgemeinde.eu and its clone on https://hub.hubzilla.de. Anything that happens on the main instance is backed up on the clone. I can also log into the clone and use that, and whatever happens there is backed up on the main instance.

https://hub.netzgemeinde.eu could go down, temporarily, permanently, doesn't matter; I still have my channel, namely the clone. And I can declare the clone my new main instance.

Well, Mike didn't stop at Hubzilla and its original version of the Zot protocol. He wanted to refine it and advance it, but in ways that wouldn't be possible on daily-driver software.

Zot went through several upgrades: Zot6 in 2018 (backported to Hubzilla in 2020, along with OpenWebAuth magic single sign-on). Zot8 in 2020. Zot11 in 2021 which had become incompatible with Zot6 and therefore was renamed to Nomad. Today's Nomad would be Zot12.

Also, in order to advance and test Zot, Mike created a whole bunch of forks and forks of forks. Osada and Zap for Zot6 in 2018, followed by another short-lived Osada in 2019. A third Osada, Mistpark 2020 (a.k.a. Misty) and Redmatrix 2020 in 2020 for Zot8. Roadhouse for Zot11 Nomad in 2021. All Osadas, Zap, Misty, Redmatrix 2020 and Roadhouse were discontinued on New Year's Eve of 2022.

The most recent software based on Nomad is from October, 2021. It can be found in the streams repository. It is officially and intentionally nameless and brandless, it has next to nodeinfo code that could submit statistics, and it is intentionally released into the public domain. The community named it (streams) after the code repository.

I also have two (streams) channels, one of which is cloned so far.

The newest thing, and that's what the Friendica and Hubzilla veteran @Tim Schlotfeldt ?️‍? referred to, is nomadic identity using nothing but ActivityPub, no longer relying on a special protocol.

This was not Mike Macgirvin's idea. This came from @silverpill, the creator and developer of the microblogging server application Mitra. He wanted to make Mitra nomadic, make it resilient against server shutdown. But he didn't want to port it to Nomad. He wanted to achieve it with nothing but ActivityPub.

So he hit up Mike. The two came to the conclusion: This is actually possible. And they began to work on it. Amongst the results were several FEPs coined by silverpill.

This time, Mike did not create another fork to develop nomadic identity via ActivityPub. He did it all on the nomadic branch of the streams repository while silverpill did his part on a special development branch of Mitra.

In mid-2024, after enough sparring between (streams) instances, between Mitra instances and between (streams) and Mitra, Mike was confident enough that his implementation of support of nomadic identity via ActivityPub was stable enough. He merged the nomadic branch into the dev branch which ended up being merged into the stable release branch in summer.

Now, at this point, (streams) didn't use ActivityPub for nomadic identity. It still used the Nomad protocol for everything first and foremost, including cloning. But it understood nomadic identity via ActivityPub as implemented on experimental Mitra.

However, while it worked under lab conditions, it blew up under real-life conditions. At this point, (streams) had to handle so many different identities that it confused them, and it couldn't federate with anything yet.

In mid-August, while trying to fix the problem, Mike eventually forked the streams repository into Forte. It got a name again, it got a brand identity again, it got its nodeinfo back, it was put under the MIT license again.

But most importantly: Any and all support for Nomad was ripped out, also to get rid of a whole number of IDs, namely those for Nomad-actually-Zot12 and for Hubzilla's Nomad-actually-Zot6. Forte only uses ActivityPub for everything. And so, Forte also had to fully rely on ActivityPub for nomadic identity, cloning and syncing.

For almost seven months, Forte was considered experimental and unstable. For most of the time, the only existing servers were Mike's.

But on March 12th, 2025, Mike Macgirvin released Forte 25.3.12, the first official stable release of Forte. This is what Tim wrote about. Because this actually made it into Fediverse-wide news.

Not because it's nomadic. Nomadic identity has been daily-driven for over a decade now.

But because it uses ActivityPub for nomadic identity. Which means that you can theoretically make any kinds of Fediverse software nomadic now, all without porting it to the Nomad protocol first.

For the future, Mike and silverpill envision a Fediverse in which one can clone between different server applications. A Fediverse in which one can have one and the same identity cloned across multiple servers of Mastodon, Pixelfed, PeerTube, Mitra, Forte, Mobilizon, Lemmy, BookWyrm etc., all with the same name, all with the same content and settings (as far as the software allows; you will certainly not be able to clone your PeerTube videos to Mastodon and Lemmy).

Even if you don't intend to clone, it will make moving instances and even moving from one software to another dramatically easier.

If you're concerned about your privacy, let me tell you this:

Hubzilla's privacy, security and permissions system is unparalleled in the Fediverse. Except for that on (streams) and Forte which is another notch better.

I can define who can see my profile (my default, public profile on Hubzilla where each channel can have multiple profiles).
I can define who can see my stream and my posts when looking at my channel.
I can define who can see my connections (Hubzilla, (streams) and Forte don't distinguish between follower and followed; they aren't Twitter clones).
I can define who can look into my file space (individual permission settings per folder and per file notwithstanding).
I can define who can see my webpages on Hubzilla (if I have any).
I can define who can see my wikis on Hubzilla (no shit, I've got wikis on my Hubzilla channel).

On Hubzilla, I can define individually for any of these whether it's

everyone on the Internet
everyone with a recognisable Fediverse account
everyone on Hubzilla (maybe also on (streams); anyone using ActivityPub is definitely excluded here)
everyone on the same server as myself (AFAIK, only main instances of channels count here, clones don't)
unapproved (= followers) as well as approved (= mutual) connections
confirmed connections
those of my confirmed connections whom I explicitly grant that permission by contact role
only myself

There's a whole bunch more permissions than these. And they all have seven or eight permission levels (depending on whether the general non-Fediverse public can be given permission).

On (streams) and Forte, I can define whether things are allowed for

everyone on the Internet (where applicable)
everyone with a recognisable Fediverse account
all my approved connections
only me myself plus those whom I explicitly grant that permission in the connection settings

Yes, connection settings. Hubzilla, (streams) and Forte give you various ways of configuring individual connections, much unlike Mastodon. This includes what any individual connection is allowed to do.

Hubzilla uses so-called "contact roles" for that, presets with a whopping 17 permissions to grant or deny for any one individual connection. That is, what the channel generally allows, a contact role can't forbid.

(streams) and Forte still have 15 permissions per contact, but they lack some features which Hubzilla has permissions for. These permissions can be set individually for each connection, or you can define permission roles that cover all 15 permissions to make things easier.

Okay, how about posting in public vs in private? And when I say "private", I mean "private". It's "private messages" on Hubzilla, (streams) and Forte, not "direct messages".

Hubzilla, (streams) and Forte let you post

in public
only to yourself
only to your connections ((streams) and Forte only; Hubzilla requires a privacy group with all your connections in it for this)
to all members of one specific privacy group (Hubzilla)/access list ((streams), Forte); that's like being able to only post to those on one specific list on Mastodon
to everyone to whom one specific non-default profile is assigned (Hubzilla only)
to a specific group/forum (I'll get back to that later)
to a custom one-by-one selection of connections of yours

Now, let's assume I have a privacy group with Alice, Bob and Carol in it. I send a new post to only this privacy group. This means:

Only Alice, Bob and Carol can see the post and the conversation.
Alice can reply to me, Bob and Carol.
Bob can reply to me, Alice and Carol.
Carol can reply to me, Alice and Bob.
Nobody else can see the post. Not even by searching for it. Not by hashtag either. Not at all.
Nobody else can see any of the comments.
Nobody else can comment.

If one of them was on Mastodon, they'd see my post as a DM, by the way, and they could only reply to me. But that's Mastodon's limitation because it understands neither threaded conversations nor permissions.

Or how about reply control? This is something that many Mastodon users have been craving for quite a while now. Hubzilla, (streams) and Forte have them. Right now. And they work. They have since 2012.

Hubzilla optionally lets me disallow comments on either of my posts. Users on Hubzilla, (streams) and Forte won't even be able to comment; they won't have the UI elements to do so. Everyone else is able to comment locally. But that comment will never end up on my channel. It will never officially be added to the conversation. And at least users on Friendica, Hubzilla, (streams) and Forte will never fetch that comment from my channel as part of the conversation, i.e. never at all.

(streams) and Forte can go even further with all available options. They can disallow comments like Hubzilla. But in addition, they can allow only the members of one particular access list to comment, regardless of who can see the post/the conversation. On top of that, comments can be closed at a pre-defined point in the future. And then you even have a channel-wide setting for how long people can comment on your posts.

Oh, and there's even a setting for who is generally permitted to comment on your posts. And you can additionally allow specific connections of yours to comment on your posts.

Lastly, I've already mentioned groups/forums. Like, you know, Web forums or Facebook groups or subreddits or whatever. Like Guppe Groups on a mountain of coke and with moderation and permission control and optionally private.

Hubzilla has them, and it has inherited them from Friendica. (streams) has them. Forte has them. They're basically channels like social networking channels, but with some extra features. This includes that everything that's send to a group/forum as what amounts to a PM is automatically forwarded to all other members.

On Hubzilla, a forum can be gradually made private by denying permission to see certain elements to everyone but its own members (= connections): the profile, the members, what's going on in it. Depending on what you want or do not want people to see.

On (streams) and Forte, you have four types of forums:

public, and members can upload images and other files to the forum channel
public, but members cannot upload images and other files to the forum channel
like above, but additionally, posts and comments from new members must be manually approved by the admin(s) until their connections are configured to make them full members
private, non-members can't see the profile, non-members can't see the connections, non-members can't see what's going on in it, but members can upload images and other files to the forum channel

In addition, on all three, a group/forum channel can choose to hide itself from directories. This is always an extra option that's independent from public/private.

What we have here is the most secure and most private Fediverse software of all.

And, once again, at its core, this is technology from 2012. It pre-dates Mastodon by almost four years.

Finally, if you want to know how Hubzilla and (streams) compare to Mastodon: I have made a number of tables that compare Mastodon, Friendica, Hubzilla and (streams).

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Mastodon #Mitra #Friendica #Hubzilla #Streams #(streams) #Forte #ActivityPub #Zot #Zot6 #Zot8 #Nomad #NomadicIdentity #Security #FediverseSecurity #Privacy #FediversePrivacy #Permissions

@doctorambient

But do you really think ActivityPub is the ultimate best solution?

Ask Hubzilla or (streams) users, and they're likely to say it isn't.

Even with FEP-ef61 and other unofficial add-ons, ActivityPub will never handle nomadic identity as gracefully as a protocol like Nomad which has been built around nomadic identity and advanced, fine-grained permission control from the get-go.

The main reason why nomadic identity is being introduced to ActivityPub is so that Fediverse server apps that have always only supported ActivityPub can eventually become nomadic without having to be re-written against a wholly different protocol.

#FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #ActivityPub #Zot #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity

@cy

The people who wrote the Fediverse

There were no "people who wrote the Fediverse". These was no committee who laid down the standards.

The Fediverse was invented by @Evan Prodromou. In 2008. By first creating a centralised Twitter alternative silo named Identi.ca.

And then open-sourcing the underlying technology as Laconi.ca, later StatusNet (merged into GNU social in 2013).

And then laying the protocol open as OpenMicroBlogging, later superseded by OStatus.

Then, in 2010, @Mike Macgirvin ?️ decided that the world needs a free, open-source, decentralised, secure alternative to Facebook that's better than Facebook. And so he made Mistpark, today Friendica.

But the features he wanted Friendica to have were impossible to achieve with any existing protocol. OStatus wasn't even that good for microblogging, much less Mike's ambitious plans. Besides, he's an experienced protocol designer. So he created a whole new protocol, DFRN, and built Friendica on top of it. Friendica did adopt OStatus as an extra protocol, though, because Friendica's goal was and still is to federate with everything and then some.

In 2011, Mike had seen many public Friendica nodes shut down with or without warning and people always losing everything and having to start over from scratch. So he decided to do something against it.

He invented nomadic identity. And built a new protocol around it, Zot, because there was no way DFRN could take care of this, let alone OStatus.

In 2012, he forked Friendica into Red and rewrote the whole backend against Zot, which, however, required the creation of yet another identity scheme.

For one, one login could now have multiple fully separate and independent identities on it. For example, my Hubzilla channel URL is https://hub.netzgemeinde.eu/channel/jupiter_rowland.

Besides, one identity could now reside on multiple server instances which is what nomadic identity means.

Red was later renamed Red Matrix and, in 2015, refactored, redesigned and renamed into Hubzilla.

Mastodon and Pleroma started in 2016 as OStatus-based alternative UIs for GNU social. Mastodon was the first to be turned into a stand-alone project with not much interest in connecting to anything outside, all in spite of already being federated with Pleroma, GNU social, Friendica and Hubzilla via OStatus.

ActivityPub came out in 2017. No, not 2018. It was standardised in 2018. But it came out in 2017.

In July, 2017, Hubzilla was the first Fediverse project to integrate ActivityPub. Next to its own Zot, next to diaspora*, next to OStatus etc. On the one hand, Hubzilla tried to stay as close to the ActivityPub spec as possible and feasible. On the other hand, Hubzilla had to make its ActivityPub integration, which has always been an optional add-on, compatible to its own technology, to its own Zot protocol, to the way it works.

In September, Mastodon was the second Fediverse project to adopt ActivityPub. But Mastodon was more interested in doing its own thing and being as close to Twitter as it could than in sticking to a protocol spec, much less connecting to non-Mastodon stuff such as Hubzilla with which it already shared two protocols now.

Mastodon was the one that added Webfinger. ActivityPub doesn't even require Webfinger. The ActivityPub spec doesn't contain Webfinger. But Mastodon requires Webfinger. It can't live without Webfinger. So everything that wants to properly federate with Mastodon needs to implement Webfinger.

After ActivityPub had become a standard, more projects adopted it. But as lax a specification as ActivityPub is, it allowed for a lot of liberties.

Some devs looked at how Mastodon had integrated ActivityPub, decided it was rubbish and did it their own way.

Some devs looked at how Mastodon had integrated ActivityPub, decided they couldn't do it the same way because what they did was too different from Mastodon and did it their own way.

Some devs didn't look at what anyone else did and did it their own way.

Probably none of them looked at how Hubzilla had integrated ActivityPub because none of them even knew that Hubzilla existed. Except for those who were maintaining Friendica now. And Friendica had to make it compatible with DFRN and with the way it had been working since 2010.

Fast-forward to 2023. Mike's current piece of work was the streams repository which contains an intentionally nameless fork of a fork of three forks of a fork (of a fork) of Hubzilla, slimmed down from Hubzilla, but modernised and technologically even more advanced.

It was then that @silverpill, creator and maintainer of Mitra, got into contact with him because he wanted to add nomadic identity to Mitra. Something that's built on ActivityPub and only supports ActivityPub. A first. No-one had ever done nomadic identity with nothing but ActivityPub before.

So the two started working on how to implement nomadic identity using only ActivityPub. Mike had a vision of a Fediverse with nomadic identity all over and Fediverse identities cloned beyond server application borders. Like, a (streams) channel cloned to Mitra, Mastodon, PeerTube and Mobilizon, all with the same identity.

This, however, required another, brand-new way of identifying Fediverse actors. And so FEP-ef61 "Portable Objects" was created.

We're probably in the middle of xkcd 927 now.

Mike set up an experimental branch of (streams) to develop and test nomadic identity via ActivityPub, also since (streams) already had nomadic identity anyway.

Around summer, the "nomadic" branch (for nomadic identity via ActivityPub) seemed reliable enough to merge it into "dev". And in July, "dev" was merged into "release", complete with nomadic-identity-via-ActivityPub code.

It was shortly after that merge that I created my two (streams) channels. The channel URL of my channel for Fediverse memes is https://streams.elsmussols.net/channel/fedimemes_on_streams. But its DID, which all channels created on accounts registered after that merge got, is https://streams.elsmussols.net/.well-known/apgateway/did:⁠key:z6Mkf2dhUa65zBYCNVqs3AHyt8uPixauZ7bPzEJn15LJANsd/actor. And that's only two IDs of the same channel. There are also others for (streams)' native Nomad protocol, Hubzilla's Zot6 protocol, ActivityPub, OAuth, OAuth2 and probably also OpenWebAuth magic single sign-on, another one of Mike's creations. Not to mention that (streams) channels, like Hubzilla channels and Friendica accounts, can also optionally be group actors.

In fact, this blew up into (streams) users' faces because (streams) confused the various IDs to such degrees that it wouldn't federate at all anymore. It took Mike a whole lot of work to iron this out again, so much that he officially retired from Fediverse development on August 31st.

And in the middle of this, he even created yet another fork, Forte, which is (streams) minus Nomad, minus Zot6, based on and supporting only ActivityPub. My guess is still that one of the reasons to create Forte at that point was to get rid of the Nomad and Zot6 IDs to sort the ID mess out.

Even if nomadic identity via ActivityPub should ever become stable and start spreading, I don't expect DIDs to become the one norm in the Fediverse. Not with all those barely or unmaintained projects and those devs who refuse to acknowledge that devs of other projects do great stuff, too.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #OStatus #DFRN #Zot #ActivityPub #Nomad #Laconi.ca #Identi.ca #StatusNet #GNUsocial #Friendica #Hubzilla #Mastodon #Pleroma #Streams #(streams) #Forte #FEP_ef61

@Ben Werdmuller What Bluesky is planning to do with the AT protocol looks like nomadic identity as ordered from Temu.

And nomadic identity is not a vague concept. It isn't futuristic technology either. It has been reality in the Fediverse for longer than Mastodon has been around. It was invented by @Mike Macgirvin ?️ in 2011 and then implemented in his own Zot protocol. Zot, in turn, was first implemented in 2012 in a project named Red, later the Red Matrix, known since 2015 as Hubzilla. And almost everything that Mike has made after Hubzilla had or still has nomadic identity implemented.

I'm writing to you from Hubzilla right now, so yes, it's very much part of the Fediverse. It's a rock-solid daily driver with a stable release (9.4.3).

Nomadic identity does not do away with a domain being part of your ID. What it does away with is the connection between account and identity and the connection between server and identity.

Nomadic identity means that your identity with everything that belongs to it (profile, posts, comments, DMs, connections, files, settings etc. etc. pp.) is no longer bound to any one Fediverse server. It can exist on multiple servers simultaneously. Not as dumb copies, but as clones. Bidirectional, live, hot backups in near-real-time.

Your identity always has one main instance which also lends the domain name. In addition, it can have one or multiple copies on different servers of your choice. Your accounts only serve to grant you access to the instances of your identity on a specific server. The main instance and the clones are constantly sync'd against each other in both directions. For example, after I've sent this comment, it was mirrored over to my clone.

Notice how I've written "bidirectional". For I can also log into my clone and use it just the same as my main instance. This is useful for when the server with my main instance on it is offline. When it comes back online, everything that has happened on my clone in the meantime is being sync'd to the main instance.

Granted, Mastodon and most of the rest of the Fediverse don't understand nomadic identity. When I post from my clone, they take my clone as an independent account with the ID jupiter_rowland@hub.hubzilla.de. But Hubzilla and (streams) do understand nomadic identity. Whatever comes from my clone, they'll correctly identify as being sent by jupter_rowland@hub.netzgemeinde.eu in spite of not coming from hub.netzgemeinde.eu.

Even "moving instances" is greatly facilitated. For example, if the server with the main instance of my channel shuts down permanently, I can make my clone my new main instance. That's easy-peasy: two mouse clicks and some 15 minutes of letting things settle, also because Hubzilla will have to go around and change all my connections from jupiter_rowland@hub.netzgemeinde.eu to jupiter_rowland@hub.hubzilla.de. On the remote side, on people's Hubzilla and (streams) servers.

You've read that right: If you move, nomadic identity makes your nomadic followers automatically follow you at your new home. What's beyond science-fiction on Mastodon has been daily-driven reality on Hubzilla since its inception in 2015.

While nomadic identity currently only has stable support via Mike's Zot and Nomad protocols and on Hubzilla and (streams), its implementation using only ActivityPub has been in the making since last year.

CC: @glyn

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #DecentralizedIdentity #DecentralisedIdentity #NomadicIdentity #ActivityPub #Zot #Nomad #Hubzilla #Streams #(streams)

@glyn Decentralised identity has been available for longer than Mastodon, let alone ActivityPub. Only that it is known as "nomadic identity" here.

It was first implemented by Friendica creator @Mike Macgirvin ?️ in the Zot protocol in 2011 and in a Friendica fork named Red in 2012, later renamed into the Red Matrix, eventually reworked and renamed into Hubzilla in 2015.

Proof: This Hubzilla channel of mine actually simultaneously resides on two servers.

(Almost) everything that Mike has made afterwards, forks and forks of forks of Hubzilla, used to have or still have nomadic identity implemented.

His streams repository contains a fork of a fork... of Hubzilla that intentionally has no name, and that offers nomadic identity via the Nomad protocol with better compatibility with non-nomadic ActivityPub. In July, it had decentralised IDs as per FEP-ef61 (see also here) implemented, a first step by Mike to fully implement nomadic identity in ActivityPub.

Forte, Mike's most recent fork from August, had all support for Nomad and Zot6 removed and only uses ActivityPub anymore while still offering nomadic identity. To my best knowledge, however, it has yet to be declared stable enough to be daily-driven, and it has no public instances.

Other than all this, a non-public development version of @silverpill's Mitra has nomadic identity via ActivityPub in development. I'm not sure whether FEP-ef61 is implemented in the release version yet. It's the only Fediverse project aiming to implement nomadic identity which Mike Macgirvin has nothing directly to do with.

The ultimate goal is to be able to clone a Fediverse identity across project borders. Only considering stable releases, it's currently only possible to clone Hubzilla channels within Hubzilla, using Zot6, or (streams) channels within (streams), using Nomad.

Unfortunately, Mike has officially retired from Fediverse development and only occasionally submits code to the streams repository and Forte anymore.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #DecentralizedIdentity #NomadicIdentity #ActivityPub #FEP_ef61 #Zot #Zot6 #Nomad #Hubzilla #Streams #(streams) #Mitra

@Matthias ⚝ @Evan Prodromou

Another alternative would be to deactivate activity pub (optional) (because it is toxic) and rely on the Diaspora / DFRN.

This would basically create three parallel "Fediverses".

One, the ActivityPub-based one which could be considered "bugged" and illegal as per GDPR because data sniffers would be everywhere.

This part of the Fediverse would quickly wither away and die for one sole reason: Mastodon, which makes up over 70% of today's Fediverse, is developed in Germany, and mastodon.social, which makes up over 20% of today's Fediverse, is hosted in Germany. Germany is a member of the EU and thus GDPR area. In fact, Germany was a driving force behind GDPR. Mastodon, in its entirety, would basically become illegal in its own country. Unless, of course, Gargron took the step to move Mastodon over to the USA entirely and shutter Mastodon gGmbH.

Two, the "safe" Social Web based on the diaspora* protocol and consisting of diaspora* itself, Friendica, Hubzilla and Socialhome. Many users of the latter three (if Friendica still offers this option, and if Socialhome introduces it) will turn ActivityPub off and cut off all ties to the ActivityPub-based Fediverse.

Three, the "even safer" nomadic grid of Hubzilla and (streams), based on the Zot6 protocol. Both definitely do allow ActivityPub being off, and on Hubzilla, it is off on new channels by default.

I guess both would feel quite some relief when they are no longer bound to a "Fediquette" defined entirely by Mastodon users who barely or not at all know that the Fediverse is not only Mastodon. Especially the several public Hubzilla hubs in Germany, including the two biggest ones, would be quick to turn ActivityPub off on a hub level because leaving it on would be illegal suddenly.

I'm not sure what'd happen to @Mike Macgirvin 's latest fork, Forte, which is (streams) with Nomad and Zot6 removed and nothing but ActivityPub. On the one hand, like (streams), it has an unparalleled permissions system. On the other hand, ActivityPub itself would become inherently unsafe. Besides, even something as basic as direct messages aren't necessarily that private if Pleroma admins can choose to circumvent direct message privacy on a per-instance level. And yes, Pleroma has that option.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #ActivityPub #Mastodon #Pleroma #diaspora* #Friendica #Hubzilla #Streams #(streams) #Forte #Zot #Zot6 #GDPR

@Bryan Redeagle I'm not even sure how much sense it would make to build something else on top of Zot.

Zot was tailor-made for what would become Hubzilla. Hubzilla is a Swiss army knife, a jack-of-all-trades, and Hubzilla is modular and expandable. The idea was not so much to make Zot a standardised protocol for others to build on, but to make Hubzilla something to build on in the shape of add-ons, so-called "apps" that could be attached to it.

With (streams), it's a bit different. Again, the idea here was not to take the Nomad protocol, which is firmly tied to (streams), and build something entirely new from scratch, but rather to fork (streams), turn it into something and give that something a name. That's the very reason why (streams) was put into the public domain.

Nomadic identity and especially the extensive permission controls that both have aren't exactly that easy to handle. Anything that uses Zot or Nomad would inevitably have to do a lot of things that Hubzilla or (streams) does and exactly the way Hubzilla or (streams) does it. It'd be much easier to add to Hubzilla or build on top of (streams) than to re-invent everything from scratch and hope it's compatible enough.

That said, the days of Nomad and Zot are counted. Mike himself is putting all his bets on ActivityPub. He is probably still be working on making ActivityPub nomadic and adding permissions on (streams)' level to ActivityPub. He doesn't do that because he wants to quit maintaining his own protocol, but because he wants the entire Fediverse to become nomadic and as secure as (streams).

If people obviously don't want to go where nomadic identity and permissions are, nomadic identity and permissions have to come to the people.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Zot #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity

@Bryan Redeagle

I found a really cool one called Zot that had cross site authentication, which made privacy settings really interesting and useful. Unfortunately, the developer took down all of the drive and instead created a reference application called (streams), the parenthesis are correct. (streams) has no good info or documentation. You have to read the code to figure it out.

A few corrections. Source: I've been using that stuff since before Mastodon was hot. Oh, and this is going to be long.

First of all, the creator, @Mike Macgirvin , not only created the Zot protocol, but also a reference implementation at the same time. As in 2012. The reference implementation was named Red and a fork of his very own Friendica from 2010. Since Red turned out to be a not-so-good name, it was renamed Red Matrix. And as it didn't really take off, it was redesigned and renamed into Hubzilla in 2015. Hubzilla still exists today. I'm using it right now.

Mike kept advancing the Zot protocol further and further with a whole string of forks and forks of forks and so forth. Zot6 matured with Zap around 2019 and brought OpenWebAuth magic single sign-on with itself. Both were backported to Hubzilla, which has been maintained by someone else since 2018, in 2010.

Zot's killer feature is not OpenWebAuth magic single sign-on, though. It's nomadic identity. The very thing it was designed for.

In 2021, Zot11 was reached, but it had advanced so far that it was no longer compatible with Zot6, so it was renamed to Nomad. Today's Nomad would be Zot12.

(streams) is only a semi-official name, given to it by the community, based on the name of the code repository. Officially, the application is not a project, it is intentionally nameless (no, I'm not kidding, this thing has no name), it is intentionally devoid of any traces of a brand identity, it intentionally had almost all nodeinfo code removed, and it was intentionally released into the public domain.

As (streams) is not a branded product, it does not have a website either.

The reason why it doesn't have any documentation is another one: The documentation it had was painfully outdated. It was basically handed on from fork to fork to fork and never touched. Parts of it have remained untouched since before Osada and Zap were forked from Hubzilla, and that was in 2018. Other parts still speak of Red, and that name ceased to exist in 2012. I know because Hubzilla's current documentation is every bit as old.

Hubzilla is right now having its entire documentation re-written from scratch in German and English by a community member.

For (streams), however, the only solution was to rip the whole documentation out because no documentation was deemed better than one that's so outdated it's useless.

It was considered not so bad for as long as how few people a) learned about (streams) and b) figured out how to find an open-registration instance of something that has neither third-party instance lists nor a unified instance identifier actually joined (streams). After all, they all came from Hubzilla, so they could figure out most themselves.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Zot #Zot6 #Nomad #Hubzilla #Streams #(streams) #NomadicIdentity #SingleSignOn #OpenWebAuth

@ShadSterling There is no more and no less impersonation protection than within Mastodon and pre-nomadic ActivityPub. At least not from Mastodon's perspective.

After all, neither Zot nor Nomad nor the current development to introduce nomadic identity to ActivityPub is built against Mastodon in any way.

Mastodon was launched in 2016, ActivityPub was first used in 2017 and standardised in 2018. Zot was designed in 2011 and first implemented in 2012.

FEP-ef61 and Mike Macgirvin's project to add nomadic identity to ActivityPub are much more recent. But unlike many other things in the Fediverse, they were not designed with Mastodon in mind, especially not with Mastodon staying as it was at that time. Mike does not want Mastodon's proprietary, non-standard elements influence his development, and he does not want Mastodon's unwillingness to implement anything they haven't invented themselves weigh him down.

The goal of nomadic activity was simply to protect your online ID and your data from vanishing when your home server shuts down.

That said, if the whole Fediverse went fully nomadic one day, it would be senseless to claim that you're a clone of someone else's account or channel or whatever. That would obviously be fake. Clones can't act autonomously from their main instances and their other clones.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #ActivityPub #Zot #Nomad #Mastodon #Hubzilla #Streams #(streams) #NomadicIdentity

@Strypey @Laurens Hof I think I have to jump into this conversation here.

> Fediverse platform Streams has added nomadic identity to their platform, based on ActivityPub

To be clear, Streams has always had Nomadic Identity, using their own protocol (Zot/ Zap/ Nomad, whatever it's currently called).

First of all, a little nitpicking: It is not "officially named 'Streams'" like other projects are officially named "Mastodon" or "Friendica" or "Hubzilla".

It's officially and intentionally unnamed. It's intentionally nameless and brandless. Not even its instances have a unified identifier like "mastodon" or "friendica" or "hubzilla". "Streams" is the name of the code repository which was absolutely required to have a name, so Mike only speaks of the repository, and the community speaks of "(streams)" in parentheses.

And yes, it has always had nomadic identity. And it's at the end of a long string of forks, all by Mike himself, that have been supporting nomadic identity since 2012 when Mike forked Friendica into something named Red and ported it from Friendica's DFRN to his new nomadic Zot protocol.

In other words, nomadic identity has been in use for almost four years longer than Mastodon has been around. And the idea itself is from 2011 when Mike discovered one critical shortcoming of decentralised networks, and that's people losing their online identities when the instances they're on shut down.

Red still exists, only that it has been Hubzilla since 2015.

(streams) is based on a protocol named Nomad. Technically speaking, Nomad would be Zot12, but when Zot11 was reached during the development of Roadhouse which (streams) is a fork of, it had become incompatible with Hubzilla's Zot6. So in order not to confuse people, this version was renamed Nomad.

What's changed is ...

> Streams is using FEP-ef61

Mike is actually a big contributor to FEP-ef61 because what FEP-ef61 tries to do, he has done before way back in 2011 when he conceived the Zot protocol and in 2012 when he implemented it for the first time.

So thanks to Mike, the wheel doesn't have to be re-invented from scratch by someone who has never heard of the existence of wheels before, much less seen or even used them.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Hubzilla #Streams #(streams) #Zot #Zot6 #Nomad #ActivityPub #FEP_fe61 #NomadicIdentity

@Plastic Paragraph @Sal Rahman Nomadic identity, as invented by @Mike Macgirvin in 2011 and first implemented in the Zot protocol from 2011 and the Friendica fork Red in 2012 and used by Hubzilla and the streams repository today, goes even further.

Its basic functionality is to keep at least one clone of your identity on another server.

On most Fediverse projects, e.g. Mastodon, your identity is in your account and thus bound to one specific server.

Hubzilla and (streams) put "identity containers" into your account, so-called channels. Your identity is not directly put into your account, but into one of these channels. The channel separates your identity, your connections, your posts, your settings, your files etc. etc. from your login credentials.

This makes two things possible. One, you can have multiple, completely separate identities (channels) on one and the same account, accessible through one and the same login.

Two, and here does nomadic identity come into play: A channel can be cloned to another server.

Such a clone is not a dumb copy like when you move from one Mastodon server to another Mastodon server. It's a real-time, bidirectional, live, hot backup. And it's fully identical to the main instance of your channel, down to the identity, at least as perceived by server applications that know nomadic identity. Anything that happens on the main instance is mirrored to all clones, and anything that happens on a clone is mirrored to the main instance and the other clones.

For example: The main instance of my channel is on hub.netzgemeinde.eu. Thus, my identity is jupiter_rowland@hub.netzgemeinde.eu.

I've got one clone on hub.hubzilla.de. Hubzilla and (streams) understand nomadic identity. They know that this clone is the same jupiter_rowland@hub.netzgemeinde.eu. Even if I should send something from my clone which I've actually done once when Netzgemeinde was acting up, Hubzilla and (streams) connections still perceive it as coming from jupiter_rowland@hub.netzgemeinde.eu.

The big advantage of this is resilience against server shutdowns. This is actually the very reason why Mike invented nomadic identity in the first place: He saw Mistpark/Friendica nodes disappearing into thin air upon short notice or spontaneously. He saw users lose everything from one day or hour or minute to the next and always have to start over from zero. And he knew that the only solution for this problem would be if a user's identity resided on multiple servers simultaneously.

Nomadic identity makes channels even resilient against the shutdown of the server that contains the main instance. You can always declare any clone the main instance. If you still have a main instance, it's demoted to clone. All of your connections on Hubzilla and (streams) are automatically changed accordingly. The only difference in practice between the main instance and a clone is that the main instance is the one that defines the identity.

A byproduct of nomadic identity is that it provides the best way to move an identity from one server to another. It first creates a clone. Then it declares the clone the new main instance, turning the old instance into a clone. Then it deletes the old instance. If the account on the old server doesn't hold any more channels, the whole account is deleted.

So not only can you move with actually absolutely everything, a Mastodon user's wet dream that will probably never come true, but you can do so with relative ease and quite safely, and most of all, you don't leave a dead identity/account behind.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Zot #RedMatrix #Hubzilla #Nomad #Streams #(streams) #NomadicIdentity