like if I left PV to go to like cybre.space, you could issue a "Follow" action to everyone who used to follow you to have them follow the new account (maybe? or a specialized kind of follow action - like "RedirectedFollow"?). But all of the old activities would still point to the archived account
@jalcine I used to think that since this all works like email, maybe a simple forwarder, and a proxyAddress on the new server would do the trick nicely, but over time it would get out of hand.
@thegibson right like it'd be too much to handle.
however, we can set an expiration I think; there's no reason to expect people to completely have moved over.
like it could last until all following accounts have reported that they've migrated. it might also require the following accounts to rewrite references in their objects to the new `acct:` in question
sure... something like that is required on top of forwarding to a proxy... but you'll almost never get 100% transferral due to the ephemeraL NATURE OF SOME INSTANCES.
@thegibson which might be an acceptable loss if we add ephemeral natures into the mix. I'm wondering if that Action (like "MigratedFollowBackRequest" as an extension on "AcceptFollow") could just be a UDP-esque request.
Hey, I moved. Come find me here if you can handle it.
right... just need to consider that the 100% migration rate is not the number you want to use to deactivate the forwarding.
@thegibson tbh this feels fine! If I had time, I'd hack together a PoC for tootsuite/masto
@jalcine yeah, it's just the nature of the beast... sysadmin hat tells me a 30-60-90 day expiration would fit better
@jalcine Problem is that then you can have people maliciously hijack your account be pretending to be your new account.
I think this problem was discussed before by Gargron & co and they settled on the `movedTo` semantics.
@cj how is the account hijacked? I see spoofing here since they're faking one's identity. This does bring up a point of probably making "tombstone" accounts that admins can choose to free up to prevent spoofing
@jalcine Sorry maybe I misunderstood: if the new destination account is the one sending these "MigratedFollowBackRequest", then there is the question of how to have the original (possibly no longer existent) account bless it as being authentic.
@cj ahh right. Maybe having sent it a signed message using the old account's key? this is all meant to be temporary - like sent over a period of a time then stopped
@jalcine Ah yeah, but only if the previous crypto war was actually won and PGP/GPG, key signing parties, etc were more of a thing. In practice, key management to this day is a big PITA, especially between different machines serving different domains.
@TheGibson @jalcine this is why 301 redirection is good - it means 'go here instead, and remember it for next time' Underneath all the webfinger flummery, mastodon does use urls for posts and users, so supporting this is the way to migrate as it updates. https://github.com/tootsuite/mastodon/issues/8465
@jalcine @TheGibson both Salmon and ActivityPub have signature mechanisms to give confidence in passing around posts without fetching them from origin URLs - I don't know how instances cache and update the keys for verifying these. Old Salmon explanation here: https://www.w3.org/community/ostatus/wiki/Workflow
@jalcine @TheGibson looks like the ActivityPub spec punts this to https://www.w3.org/wiki/SocialCG/ActivityPub/Authentication_Authorization so you'd need to see what is going on in practice.
Social is the primary social media platform for the forth coming fourth version of Play Vicious, a new initiative built to bring attention to the plethora of creative acts that don't get the shine they deserve.
For more details about the project and how to support, go here.