I just learned about decentralized identity proofs and @keyoxide. WOW! Just wow! I already modified my PGP key and deleted my keybase account.

Follow

at the moment @keyoxide is using gravatar, but I already sent them a PR to switch to @libravatar instead.

@ilpianista @keyoxide That‘s great! We appreciate it a lot if people find sites that could benefit from using Libravatar, but the greatest part is that you already sent them a PR!! Thanks a lot!

@libravatar well, it's thanks to you since moving to is just a matter of changing the hostname 💪

@ilpianista Yes, if you leave out the possibility to allow federated avatars. ;-)

@libravatar are you aware of WKD? Just in case, it's a standard for putting cryptographic keys on personal servers behind a URL that can be computed based on the identifier. So knowing just the identifier "bob@domain.tld", you can easily download bob's key from his server on domain.tld

No need for a centralized service.

Do you happen to know if there's a similar thing for avatars? If you have a personal server, you can easily store an image there

@ilpianista

@keyoxide @libravatar @ilpianista Well, that's exactly what libravatar is: wiki.libravatar.org/api/ (see federated servers section)

The main problem there is currently that most software, built for gravatar, will just replace it with the backup CDN infrastructure for libravatar and ignore the federated part. And of course in the browser the discovery of SRV records is rather limited, but not impossible.

@sheogorath ohhh that link just made the penny drop, thanks! Yes, that is what we need. Perhaps if Keyoxide has guides that puts federated avatars front and center, we can get a few more people to start adopting it.

@libravatar @ilpianista

@keyoxide
@sheogorath @libravatar indeed! My fault, I took the shorter path. I'll try to implement the federation so that we could discuss the implementation in the PR

@keyoxide @sheogorath @ilpianista Please don‘t forget that the default behavior of Libravatar is to transparently (and anonymously) proxy requests to Gravatar, if no local image is found. So, it‘s really a 1:1 replacement, unless you also want to implement federation (which is of course preferred).

@libravatar
@keyoxide @sheogorath very cool! I updated the PR to use libravatar nodejs library instead.

@libravatar reading the API documentation, I think libravatar's federated approach is not entirely what I was looking for.

It's great considering the alternative!

But every request still needs to be processed by a libravatar server, right? So the end-user must set DNS records and host a server implementation, correct?

@sheogorath @ilpianista

@libravatar WKD on the other hand is just a simple file hosted on a server, accessible by a predictable URL. No need to install a WKD server or set any DNS records.

datatracker.ietf.org/doc/draft

This is an attempt to lower barriers of entry. Do you happen to know if there's any work in this direction?

@sheogorath @ilpianista

@keyoxide @sheogorath @ilpianista There are some ideas into that direction, but I‘m still not sure about the right approach that people will actually adopt. :-(
In other words: No near future feature we‘re planning.

@libravatar alright, thanks for letting me know.

If this idea is ever to come up again, I'd be happy to join the discussion and/or development.

Until then, federated libravatar appears to be the most open and decentralized solution so that is what we must support.

@sheogorath @ilpianista

@keyoxide @libravatar @ilpianista one can drop the dynamic code and drop in static files, but it comes at some storage cost.

I built a pure-nginx based implementation a while ago: git.shivering-isles.com/shiver

It obviously lacks some features but nothing critical. Should be enough for most federated hosters.

@keyoxide @sheogorath @ilpianista Yes and no. You can setup your own server - there are a few alternatives. Or map the URLs (mostly because of the size parameter) to static files. But yes, DNS setup is required.

@libravatar @ilpianista thanks for that PR, great feeling when people feel passionate enough to contribute 🤗

There had been an earlier libravatar issue and at that moment, I had to put it on hold because of (poor) code design choices I had made 😐

With the Keyoxide 3.0.0 rewrite, this is now feasible. We must give key holders the choice of avatar provider. But I wouldn't mind setting defaults that favor decentralized options!

Sign in to participate in the conversation
Functional Café

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!