I'm not sure I totally understand the relationship between the servers. I made an account on both mastodon and octodon. So they're totally separate servers, but stuff shows up cross-server too in the federated timeline?
It seems to me that there's potential for impersonation here--grab someone's username on a different server, and.... yikes.
@Asbruckman Since we are both on octodon.social, it shows just the first part of your username (and mine). Any other server will include the rest of the name, much like an email address - for instance, to someone on Mastodon.Social I am golero@octodon.social. As long as you keep this in mind, you can check which instance each user is from.
@Asbruckman Nothing really, but a similar thing happens on Twitter with people making handles like @realdonaldtrunnp and the same pictures as his real account, just as an example. It's up to the reader to verify they authenticity of the account, or at least hold a little skepticism.
I do wonder if there will be a way to verify accounts on the instances, though, because I can see your point.
@Asbruckman This is also true of email, though. I could setup asbruckman@hotmail.com and pretend to be you.
@celesteh good point... I somehow think this is worse, but maybe I'm imagining it
@Asbruckman I think for emails we rely on either pre-existing relationships, where we actually tell someone our emails address, or the organisational credibility of the server. So, when I got a gmail address, I set up a mail forward and replied to people's messages from my new address, so they knew it was me. And when I got a new job, most people assume businesses only give employee emails to employees. However, here, most Mastodon servers are public....
@Asbruckman Mastodon instances are random collections of people. And there's no forwarding/redirect mechanism as in email, since microblogs are public. therefore our only mechanism to assert our identity is by telling people via other means. So on email, on twitter, ect. But an assertion here, on mastodon, doesn't carry any particular weight.
...Which is a long way of saying that you're right.
Sort of but not really because your actual user name is asbrukman@octodon. social
It's like email
@Asbruckman My thoughts too. I think the server is now part of the identity, and people will have to use something like their own website as the authority for pointing people to the right place.