For the attention of federated systems developers, including Matrix, Fediverse and others.
It may be good to know about an issue going on with FedCM “Federated Credential Management” draft spec. Liquid Surf brings it to the attention of all federated systems fans in their blog post: Can FedCM improve the user experience of decentralized ecosystem ? . In short, the spec aims to make a slicker browser flow for the Sign-In-With-Xxx buttons.
To us who care about federated computer infrastructure, introduction of a new standard to streamline the sign-in flow might seem minor and remote, but there is a catch.
The critical issue is, at present, the draft standard is likely to cement the monopolies of the big providers (like Google and Facebook) and leave out small providers. In short, the problem is the draft spec says the site we're logging into (called the RP) solely dictates what list of identity providers should be offered to the user. What will happen in that case? Most sites will offer only the BigTech identity providers. Read the blog post and the issue Allow IDP registration #240 for details.
What to do about it?
The proposal in Allow IDP registration #240 is, in short, not to have the RP site solely dictate what list of identity providers should be offered, but also to let the browser register the user's chosen identity providers and present those as options when a new login is requested.
Decentralising ID providers is key to the whole decentralised movement, including Fediverse, Matrix, self-hosters as well as the ability for independent businesses to provide comprehensive IT services without one of the tech giants playing gatekeeper.
We, all of us who care about federated/decentralised infrastructure, now need to push the draft Federated Credential Management “FedCM” standard to support “Sign In With” the user's choice of identity provider (which may be small, local, independent, hosted by one's school or enterprise or self, and so on). If this extension to the proposal does not get enough support to be accepted, we might get a standard that perpetuates the status quo of sites only offering Sign In With the giants like Google/Github/Facebook, ugh. That would be another death blow for user agency and privacy and variety.
Fedi devs, let's demo this truly user-centric version of FedCM, show us how awesome it is! Fedi fans, this might seem remote from our viewpoint but it's important for our future. Let's share this issue more widely among Fedi projects!
We will have a Solid Special Topic on FedCM this tuesday at 14h00 UTC, it would be great if people from the fediverse can join too :)
Please let me know if you are interested and I'll PM you the link to the visio
A moderator asks someone to disclose an attribute of their real identity. The recipient provide the requested attribute, using Yivi to attach a cryptographic proof.
In the last update I introduced a demo of attribute disclosure. I have since completed the main TODO there, making the disclosure flow happen on the recipient's account. (In the first demo the moderator's role and the recipient's role both took place in the same login session in the same account.)
This week I have been thinking about how we will need to improve the user experience, or flow, of this disclosure request and response.
Writing the dialogue boxes and associated logic by hand was tedious and buggy. Rapid prototyping would be helpful. I decided it's time for me to learn a better way. Being new to UI design and fervently open-source principled, I searched for a FOSS solution and found Quant-UX.
Quant-UX seems well suited for this task. Unlike the better known PenPot, an open source tool for detailed visual design, Quant-UX focuses on dropping UI components into place and wiring them together for a live testable UI design, with facilities for collecting feedback from user testing. While Quant-UX is a bit rough around the edges compared to a polished commercial product like Figma, having minor bugs, inconsistencies and so on, it is nevertheless powerful and usable enough. And on the positive side, I understand it can do things that Figma can't.
There is even a “low-code” sister project Luisa.cloud which promises to import a Quant-UX (or Figma) design into a real application and run it for real. I am interested to try that too, but that will have to wait.
I set about self-hosting Quant-UX to be sure of owning my own data. Now it is running on my Trax domain, at qx.trax.im. (You can try it, but be aware I'm providing it “as-is”, no guarantees at all, even if you create an account there (which I may or may not allow). Consider using the official site or hosting your own.)
Some initial ideas about improvements to the flow:
The moderator could initiate the process by clicking an action button on a message from the intended recipient user in a hub room, or by clicking on the user's avatar or pseudonym in some list, and the relevant user would be pre-populated in the initial dialogue and not editable there.
The recipient user should receive a more gentle notification than suddenly seeing a pop-up dialogue of any kind. Perhaps a notification consistent with other notifications, though perhaps indicating a greater “urgency”, from which they can then access the full details of the request when they are ready.
I started adding some “comment” annotations on the UI prototype, mentioning some of these thoughts. You (dear reader) can do so too, either anonymously or after creating an account. (I have reported a bug whereby none of the existing comment annotations can be seen until you add a new comment, then they all appear.) If you add any comments there, please also contact me another way to let me know you're doing so, as I might not otherwise notice.
This month I have been building a PubHubs-specific feature, the ability for a moderator to ask a someone to disclose an attribute of their real identity.
When a person signs in to PubHubs hub through the Yivi verified credentials system, initially they are allocated a pseudonymous user identifier, for example @123-321:testhub.matrix.host. From this pseudonym, not even an operator or moderator of the hub can discover the user's real identity.
A moderator may wish to ask a user to confirm their real identity, to some degree. Through Yivi it is possible to ask a user to reveal a cryptographic proof  of one or more of their identity attributes. Some common attributes are one's real name, physical address, or email address. An attribute could also be something like “age is at least 18 years”.
Time I Learned: there are freedom-respecting phones.
I'll tell you which one you need.
What's the problem?
It's not about the hardware. Well, there are certainly important issues about the hardware — and you might want to discover PinePhone and FairPhone. But I'm here to talk about about our freedom in using the product.
What's so bad about choosing either Google or Apple?
It's about who controls our use of the device after we “bought” it. Do “they” remain in control of what we do, or are we in control?
Android or iPhone — either Google or Apple delivers our messages — surely? You don't accept that?
Time I Learned: there are freedom-respecting phones.
People who do not want to depend on Google or have them control our devices are using android-compatible but not google-controlled phones, a.k.a. “degoogled phones”. We have been asking (ourselves) for several years if we can have google-free push notifications. Thanks to the developers of the UnifiedPush standard, the answer is now, “yes!”