Why does federated software like Lemmy not use SSO from common providers?

It seems like an easy way to share users across multiple instances without having to deal with actual registration / bots.

15 comments

I believe this is against the whole idea of the federation. Users are local to an instance on the federation.
- I don't understand why it's against federation. It's no different than an instance offering sign-ins which are federated across all instances. In fact, it's worse, anyone could create an instance and create malicious users.
It seems like an easy way to share users across multiple instances

... but you don't need to have users in multiple instances. Register once, and use your home instance to interact with any content.
- Except until that instance shuts down, goes down, etc. There goes all your posts, history, etc.
  
  Not really. That content still lives on servers with which that instance was federating with.
  
  As opposed to when a large centralized platform (Reddit, Twitter) shuts down, in which case you do truly lose your history.
SSO is the enemy of privacy.
- Why is that? It's not like there's any privacy when you sign up to any Lemmy instance.
  
  SSO allows you to be tracked across platforms. There is nothing that ties my Lemmy account to any other account I have somewhere else.
- What about posting to publicly accessible federated platforms? Seems inherently not compatible with privacy.
  
  Not at all.
  
  https://lemmy.world/comment/376759

15 comments