Their biggest complaint was something I found odd as a new user to the fediverse too. When I was looking for a home instance, I saw that beehaw required an application, but I could just create an account elsewhere and interact that way, skipping it.
It seems like (at least one of) the tools they want is to allow federation to other instances, but external accounts must still “apply” before being able to comment or post. That’d allow users on both instances to still view each other’s content, but it’s not as cut-and-dry as blocking all posts from external accounts like limiting would (if implemented) or worse, defederating and siloing from all.
Lemmy does not seem to include any kind of authentication on the user level (such as a user keypair and signatures using that on their posts and comments client-side) so allowing one user from a remote instance would at least trust the owner of that instance to not impersonate the user who is allowed to post.
In fact, how does ActivityPub in the threadiverse even ensure that the instance is who they say they are? The W3C document on it seems to indicate that there is no standardized way to authenticate servers to other servers yet.
Their biggest complaint was something I found odd as a new user to the fediverse too. When I was looking for a home instance, I saw that beehaw required an application, but I could just create an account elsewhere and interact that way, skipping it.
It seems like (at least one of) the tools they want is to allow federation to other instances, but external accounts must still “apply” before being able to comment or post. That’d allow users on both instances to still view each other’s content, but it’s not as cut-and-dry as blocking all posts from external accounts like limiting would (if implemented) or worse, defederating and siloing from all.
Lemmy does not seem to include any kind of authentication on the user level (such as a user keypair and signatures using that on their posts and comments client-side) so allowing one user from a remote instance would at least trust the owner of that instance to not impersonate the user who is allowed to post.
In fact, how does ActivityPub in the threadiverse even ensure that the instance is who they say they are? The W3C document on it seems to indicate that there is no standardized way to authenticate servers to other servers yet.