Just another Swedish programming sysadmin person.
Coffee is always the answer.
And beware my spaghet.
The design of IPFS - using content-based addressing with append-only interactions - makes deleting/revoking basically impossible to implement, let alone guarantee.
There’s the dat protocol (now hypercore by holepunch) that handled this better, with content being addressed by key instead, so that the owner of the private part of the key could modify content after “uploading” it.
Unfortunately, hypercore still hasn’t really reached that stable point where you’d like it to be for developing a software like this on top of it.
This looks really odd in relation to other fediverse software; Why
/magic
and required to be on the root of the domain? Why hard-require routing the domain part of the user ID when.well-known/webfinger
exists? Why is there aX-Open-Web-Auth
header which the spec only describes as “its purpose is unclear from the code”?So many questions.
I definitely like the idea of distributed sign-in, Solid did a decent work of that many years ago after all. This particular proposal just looks rather odd.