After reviewing FEP-5624: Per-object reply control policies and GoToSocial's interaction policy spec, I find myself leaning toward the latter for long-term considerations, though both have merit.

FEP-5624 is admirably focused and simpler to implement, which I appreciate. However, 's approach seems to offer some architectural advantages:

  1. The three-tier permission model (allow/require approval/deny) feels more flexible than binary allow/deny
  2. Separating approval objects from interactions appears more secure against forgery
  3. The explicit handling of edge cases (mentioned users, post authors) provides clearer semantics
  4. The extensible framework allows for handling diverse interaction types, not just replies

I wonder if creating an that extracts GoToSocial's interaction policy design into a standalone standard might be worthwhile. It could potentially serve as a more comprehensive foundation for access control in .

This is merely my initial impression though. I'd be curious to hear other developers' perspectives on these approaches.

4

If you have a fediverse account, you can reply to this note from your own instance. Search https://hackers.pub/ap/notes/0196a01a-39bc-7666-aafb-a2567319d500 on your instance and reply to it.

There would be some potential downsides to consider though:

  • Performance overhead: Each interaction requires policy verification, and approval object dereferencing adds network latency.
  • UX complexity: The three-tier permission model (allow/approve/deny) might confuse users compared to simpler binary choices.
  • State management burden: Servers need to persistently store approval objects and handle revocation edge cases gracefully.
0
0