Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The problem isn't having comments on your blog, it's having locally scoped identities to comment on your blog. It essentially removes all cost for "destructive" participation, whether it be spam, harassment or other trolling.

This is solved either by moving commenting entirely off-site to a larger network, or by using identities from a larger scope.



Shameless plug: I built Cactus Comments (https://cactus.chat/).

It's an open-source comment system federated on the Matrix (https://matrix.org/) network. This means you can use your Matrix identity to comment on any site that uses Cactus, without the tracking of something like disqus. Works well with static site generators too.


That's not particularly useful without a reputation system.

In particular, any federated identity provider has a problem for this use case in that malicious actors can simply create their own domain - or multiple - and spam/troll from those. Blacklists essentially don't work as long as new domains can be created, so you end up with a whitelist, which kinda counteracts the federation concept.

It needs something where getting blemishes on your ID is actually something you want to avoid. And where fresh IDs is not effective to bypass this.


My blog using Cactus Comments for reference: https://karmanyaah.malhotra.cc/

There aren't too many useful or any toxic comments, but I attribute that more to the lack of readership and interest than anything else.


How about an OAuth system where you can add conditions like, the user has validated an address in a certain town, or worked for a certain company? What part of the identity would you scope by?


OpenID, the original OpenID was built for bloggers: your blog address was your login. It mostly only ever verified that you were also (likely) a blogger and what that address was. It built a unique web of commenters who were also bloggers. It was something of a shining golden age of blog commenting when OpenID was just about everywhere.

OAuth and (shudder) "OpenID Connect" moved on to be nothing like that original OpenID and its vision. I think the death of the original OpenID is tied in part to the death of comment areas on blogs. It wasn't the only reason, but it was a factor in tide of them.


That's really interesting. Finding the details of this was a bit hard, but I found this article (2007): https://blogger.googleblog.com/2007/12/openid-commenting.htm... Thanks for the bit of history




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: