Follow

so handles on mastodon are like emails basically in their format

Keybase: *suddenly wakes up from dozing off* oh what? yeah

Keybase: *just throws in a scroll list of a bunch of mastodon instances*

the reason they don't look good in the UI is because you're doing it wrong, keybase.

even if this is "just temporary" this initial implementation is just like, wrong

there's a whole oauth flow and everything, put a button that says "prove your mastodon identity" and then ask for the full handle. The URL for you to ping is right there in the handle. jeez

this is from the same people who threw in a cryptocurrency into their app for some reason too, so I'm not surprised

I think this just irks me because they're doing it wrong from the start.

@abby i mean, they're trying to add a generic proof system that allows every website to add support

which is kinda cool

but, if they set it up to use activitypub and associated protocols to handle proofs, it would just work for the entire fediverse without any keybase-specific integration work on each instance,

and the ui wouldn't suck because it wouldn't be logically possible to list all the supported instances up front,

@abby i'm wondering if they just totally forgot how they implemented the proof process for the previous sites???

y'know, for birdsite and such, they give you a snippet of crypto nonsense, which you go and post on birdsite yourself directly

therefore not giving them even the possibility of having write access to your profile, since you do the writing step yourself, making it zero-trust, which is super important,,,,

@abby honestly you should just be able to say something like "hey i own vulpine.club/@00dani, please look at the proof i posted to vulpine.club/@00dani/101929610"

since that post clearly specifies it was written by vulpine.club/@00dani in its h-entry markup??

and then it'd be trivial to post proofs pretty much anywhere, since microformats2 is incredibly simple and easy

but nah

@abby i mean, you'd need some reliable way to discover the post from the profile page rather than just trusting the link from the post is accurate, since naturally anyone could make a post somewhere online that has me marked up as its p-author

but like. atom feeds. activitypub. rel="next". etc etc etc. there's lots of rly simple standard ways to do this stuff.

Sign in to participate in the conversation
LGBTQ.cool

A general purpose instance for all kinds of cool LGBTQ people and allies.