Open jhaye opened 5 years ago
ryliejamesthomas
commented
5 years ago I think it'd be good if we could point to multiple allow lists!
This would shrink the task of maintaining a list, as say a trusted person who keeps of top of music-related instances could keep a list of those, a trusted person who keeps track of Pixelfed instances could maintain a list of those, etc.
mal0ki
commented
5 years ago @ryliejamesthomas this made me think about creating a real web of trust, but on a server level. I think that can work out really nicely, especially with Florence.
General thought: This may be a separate issue, but I'm thinking about how we could possibly create a combination between allow and disallow list, to create some kind of buffer/grey zone for Moderators. I'm just not sure how it'd work. Is this something that'd be worth taking up for discussion? (in either it's own issue, or the mattermost)
ryliejamesthomas
commented
5 years ago @mal0ki I think it's worth discussion, yep. I think the project could use a space to chat about and brainstorm ideas and just let them run, without worrying about how possible they are in actuality. Like just a room in the chat or something.
mal0ki
commented
5 years ago @ryliejamesthomas Currently we are using the development chat for this type of purpose, but as soon as we revive the Mastodon team, that place already has a brainstroming room too.
jhaye
commented
5 years ago One thing that I can imagine might be useful, is sharing explicitly allowed instances across the WOT, but providing a ban-list to override. That would make it easier to admission new instances to the federation from trusted peers and simultaneously allow for local decisions in that regard.
I'd imagine this would make moderation efforts less straining, as bad actors ideally would never enter the federation, while allowing fine-grained control when necessary.
As Mastodon is getting an allow list based federation mode, communities should be able to curate who they are opening themselves to with as little friction as possible.
Once the feature lands, I would propose that people can point their instance to a hosted allow list which then imports it and regularly checks for updates to the list.
Allowing manual overrides for automatic imports seem like a good idea, so that a list doesn't turn useless just because it contains one entry an admin disagrees with.
Additional security could be facilitated by giving admins the option of requiring the list be cryptographically signed. This might seem like overkill but I feel like guarantees of trust are exactly what a lot of people would want from such a feature.