Finally got around to checking out Revolt Chat. It's basically a Free Code Discord clone. If they were going to federate with other chat servers, matrix is probably the best choice, given it's a room-orientated UX and needs a concept like Spaces. If anyone thinks that Revolt could be federated with XMPP, I'd be interested to hear some details on how that would work.
@Adam@strypey We looked at several models of integration. Letting people send private messages from one ActivityPub account to another made the most sense.
@strypey We're moving forward with end-to-end encrypted messaging over ActivityPub. https://github.com/swicg/activitypub-e2ee/ MLS, the encryption technology, was meant to scale to hundreds of thousands of people, but my guess is that AP E2EE chats will more likely scale to the more personal handful, max a couple of dozen. I don't think it's a Discord replacement, but it's in the mix.
It could be fun to have a friendly competition where one team designed a Discord-a-like UX and interface, maybe using PenPot. Then a team from each protocol camp put together the apps and server using their preferred protocol. Reusing existing components would speed things up, like an AP team building the apps as clients for a fork of the Lemmy server.
There's a massive opportunity here, for someone to build a UX that would be comfortable for someone used to Discord. 100% Free Code, and connected to a federated server that can provide all the necessary functionality. Whether that's using;
* XMPP for interop with the Jabber network,
* Meg/Olm for interop with Matrix rooms
* ActivityPub for interop with the forumverse (Lemmy, PieFed, Discourse, nodeBB, etc).
The claims in this post are from a blog post written by one of the devs of Fermi, a client for Stoat competitor Spacebar. I haven't fact-checked this yet, so take with a grain of salt;
Although it's technically possible to self-host Stoat, the client apps are hardcoded to point to stoat.chat, not your instance. Also a bunch of the code it depends on is under proprietary (Source Available?) licenses, and can be hard to find, as it's not all in one repo.
Stoat is designed as a centralised service. So in theory the operators could sell it to Discord, or Xitter, or anyone, at any time.
To be clear, they show no signs of doing so, and claim they're getting plenty of donations to cover costs. But this was true with Gitea ... until it wasn't. Devs with control over the project accepted VC money, leading to the Forgejo fork.
@worik@strypey@reiver You're right; ActivityPub is encrypted from one end to the other.
The problem is data at rest. AP activities are stored on the sender's server and cached on the receiver's server in the clear. If your server admin, or mine, decides to go spelunking in their database, they can violate our privacy and read our messages.
This is no better or worse than unencrypted email. However, a lot of people on the Fediverse have accounts on servers they don't trust.
@evan > We're moving forward with end-to-end encrypted messaging over ActivityPub
I'm aware and watching with interest.
> I don't think it's a Discord replacement, but it's in the mix
As @reiver pointed out in a post I replied to earlier, E2EE is not needed by the majority of communities leaving Discord, who use it more like a web forum than a chat room system. Even if their Discord "server" is not public, it's not necessarily sensitive enough to need the overhead of E2EE.
@evan@strypey What's missing from the existing standard protocol for "type message press send" that can't be added and justifies a new protocol that does the exact same thing? If you want to make the ActivityPub identity an email address, GREAT, install Dovecot on the server. I would love that actually.
@evan@strypey Every ActivityPub server already uses email to send private messages for notifications, password resets, etc., right? Every AP server already requires an email address for every registered user, right? Why not use the open standard private messaging system that we already are using?
"Will server admins be liable for content privately created by users of their server?"
Probably not. There's not a lot of precedent in the US or Europe, but it seems like if the admin can't see the content, and is not providing the service specifically to enable crime, the liability is low. Other countries may have different rules.
"The whole reason other social networks bundle private messaging with public messaging is to take control of their audience and leverage all of your conversations to profit off of you."
No. People use private messaging for friends, family and colleagues. It's a crucial part of personal intimacy. I did research on this topic here:
@Adam@strypey the reply-to idea seems fine, as long as you let people know that their email account info will be shared. I think there are other platforms that follow this pattern at one point.
@Adam@strypey your idea for sending one-off emails to someone's account seems fine. Lots of blog software has this. I don't think it's a good substitute for an actual conversation platform, but it'd be fine for drive bys.
@evan > The Fediverse was specifically designed to support private distribution; it was one of the main reasons we upgraded from OStatus
At the risk of splitting hair, "fediverse" was coined to describe the OStatus network, so it's more accurate to say *AP* was designed to support private distribution.
But the point stands. The fediverse needs an E2EE messaging standard if we want to have any chance of replacing FB, for example;
Overall I'm leaning towards Evan's position here, but a couple of things;
@Adam > Will server admins be liable for content privately created by users of their server?
@evan > There's not a lot of precedent in the US or Europe
What about the UK Online Safety Act, or the Chat Control rules being drafted in the EU? Ideally this push for increased state control over citizens' communications will be pushed back, but ...