Should renaming FAS accounts block the Matrix homeserver with SSO login?

Continuing the discussion from So… what domains should we use for our matrix server?:

Hi all, there was discussion in #fedora-diversity about the open request to rename accounts in the new Fedora Accounts system that is not yet addressed. I am forking @mkaysi’s comment in the Matrix thread to a new discussion post here.

I thought it was worth flagging as a Council discussion for wider input and visibility on this issue. Some community members, myself included, will not want to create a permanent Matrix ID if we have the option to rename our accounts in the future.

Is this a feature from Fedora Accounts that would block or prohibit a new Fedora Project homeserver? How hard is it to change a Matrix ID after it is created? (I have found this to be next to impossible using other homeservers.) Maybe @misc has some experience working with Matrix to comment here.

3 Likes

There were actually some comments from the Element folks about this recently. It’s be nice if it could do what Discourse does — you can opt to have whatever the SSO returns override (and replace) the local username.

I don’t want people to set their Matrix names to be different from the Fedora Account one, so if there is no similar feature, maybe it could just create a new account on name change?

Wouldn’t creating a new account mean that people lose 1) their log 2) their access ?

1 Like

Also, checking the schema of Synapse on Postgresql, username/mxid is leaking all over the place. For example, in the table “rooms”, in “events”. I suspect the specification is the same, and so the whole system assume the name is immutable.

That’s interesting, because the rooms do not suffer from this so people avoided the issue there, but I guess that just reflect the experience of people who wrote the software, as usual in our industry. People are more focused on avoiding NSA spying on them than changing name.

In theory, reusing the same system (eg, having a opaque identifier and a alias) would have worked as well so someone could ask for a MSC on that. There is already a few interesting ones around migration between services, and/or using the whole 3PID system:

But some are 2 years old and the bug on changing name have been closed:

Since that’s a distributed system, the longer it take to evolve the spec, the longer it will be a problem since this wasn’t integrated from the start. For now, synapse is the only usable server implementation, so if the MSC is done fast enough, this might not haunt us forever.

In the future, I think it would be really good if future software decision could start to keep account renaming in mind, as it would otherwise strongly undermine Fedora D&I stance.

3 Likes

Yeah; it’s not ideal.