Hi, On Thu, Jan 22, 2026 at 11:00:52AM +0800, Maytham Alsudany wrote: > On Wed, 2026-01-21 at 00:30 +0000, Andy Smith wrote: > > [...] You could choose to expand this notion beyond the individual site, so > > instead of it being forums.debian.net working out its own authentication > > scheme there were some central service managing the identities of the > > users. [...] Decentralized identity providers exist that can be > > self-hosted, like OAuth. > > FYI salsa.debian.org already serves this purpose. It doubles as Debian's > GitLab instance as well as an oAuth2 provider for many Debian sites such > as nm.debian.org.
This is nice but it only really goes to emphasise my point: An organisation (Debian) made an identity provider for its own services, but is it something that's simple enough and pleasant enough to use that a service like forums.debian.net would realistically want to use it for authentication? > > These are highly obscure and probably a dead end: anything that > > can be self-hosted can be abused to create infinite identities. > > Salsa registrations require manual approval from the admins to protect > against spam / bot accounts. …which is great for internal Debian services for a total population of a few thousand experts who know they have to work through some initial inconvenience if they want to participate in Debian. I don't think it would suit something like a forum for novice Debian users that wants to attract new users with lowest friction possible. I can't really imagine that Salsa admins would want to be manually approving new signups for people who want to write posts on forums.debian.net, and that is assuming that only write access needs to be authenticated - this thread did start with a question about even abusive scraping being stopped by authentication. What I was saying here in this thread is that the technology exists, in multiple implementations, it's just that it's too inconvenient and fragmented. Due to that, users often have to be forced to use them and their use remains niche, not a silver bullet that all popular services could use. Thanks, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting
