See what CIMD solves for. “Innately centralized” was probably a poor choice of words, but OIDC not a good fit for an open social web with decentralized identities and a plethora of small identity providers that cannot be known upfront.
- 2 Posts
- 3 Comments
Joined 3 years ago
Cake day: June 21st, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
What you’re missing is that OIDC is innately centralized and FedCM, in particular thanks to this work, isn’t.
This is all building on or complementing the same underlying OAuth standards, like the CIMD spec that Emelia originally intended for adoption into Mastodon/ActivityPub to set the stage for decentralized OAuth, but it was never brought in. The AT protocol on the other hand adopted it into their decentralized oauth-atproto standard, which is on track to become a protocol-agnostic oauth-dweb standard.
Anyone who cares about decentralized software should be dissatisfied with how OIDC works. If you wanna use your primary fediverse account to log into other fedi apps, this work is for you.
This requires manually enabling every additional provider. This doesn’t work if some individuals or smaller collectives wanna run their own identity providers, numbering in the thousands.