Federation doesn't work anymore

Federation is the interchange of data between fixed-address servers that authenticate each other by DNS and X.509 and optionally wrap everything into TLS. This describes, non-exclusively, SMTP, XMPP and HTTP federation overlays such as OStatus, GNU Social and Diaspora.

Still think Federation is better than staying on Facebook in the first place? Think again. Maybe a beautifully illustrated visual novel will help you reconsider.

The Legend Of Federation

Remember the days when you could have your own e-mail server? Well, you luckily still can, but more and more people are just using the web-based offerings from Facebook, Google or Microsoft (Hotmail).

If you send messages to several people, there will almost always be someone who reads mail at one of those companies. You call that privacy? And don't say you can encrypt your correspondence with PGP, as that is not sufficient.

We've been doing federation for twenty years and came to the conclusion that it's not part of the solution. It is part of the problem. Federation is a broken model that you shouldn't strive for but rather get over.

Everyone needs to be in charge of their own communication node, without depending on anyone else's and without having to trust it with anything except the data that was intentionally shared with it. That sounds simple, but it is actually complicated and cannot be achieved with the federation architecture. Even if anyone were consistently doing end-to-end cryptography over federated social networks, it would still leak all the metadata about who is dealing with whom.

Or, as Sarah Jamie Lewis puts it, "Federated systems that rely on server trust anchors act like slime molds."
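The metadata leak described above, as an added example that is not part of the original page: it parses a PGP/MIME mail the way any relaying SMTP server could and lists what remains readable without a key. The message, all addresses and hosts, and the function name `server_view` are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample (RFC 3156 PGP/MIME); addresses, hosts and "ciphertext" are made up.
RAW = """\
Received: from mail.alice.example (mail.alice.example [192.0.2.10])
\tby mx.bigprovider.example with ESMTPS; Mon, 01 Jan 2024 10:00:02 +0000
From: Alice <alice@alice.example>
To: Bob <bob@bigprovider.example>, Carol <carol@carol.example>
Subject: Saturday meeting
Date: Mon, 01 Jan 2024 10:00:00 +0000
Message-ID: <1234@alice.example>
In-Reply-To: <1200@carol.example>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b"

--b
Content-Type: application/pgp-encrypted

Version: 1

--b
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
--b--
"""

def server_view(raw):
    """Return what a relaying server can read without any decryption key."""
    msg = message_from_string(raw)
    addrs = lambda h: sorted(a for _, a in getaddresses(msg.get_all(h, [])))
    sender = addrs("From")[0]
    return {
        "encrypted": msg.get_content_type() == "multipart/encrypted",
        # Readable body parts: none, the content itself is protected.
        "plaintext_parts": sum(p.get_content_maintype() == "text" for p in msg.walk()),
        # Who talks to whom: one edge of the social graph per recipient.
        "edges": [(sender, r) for r in addrs("To") + addrs("Cc")],
        "subject": msg["Subject"],          # classic PGP/MIME leaves headers in clear
        "in_reply_to": msg["In-Reply-To"],  # links this mail to an earlier thread
        "relay_hops": len(msg.get_all("Received", [])),
    }

if __name__ == "__main__":
    for key, value in server_view(RAW).items():
        print(f"{key}: {value}")
```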

So what should we do instead? Well, you can read the rest of the website about that, or look at the comparison for today's Best Practice recommendations. See also what else is broken about the Internet.