I've been intentionally vague about the 2024 roadmap for the streams repository until I had a clearer picture myself of what needs to happen. Here's the high-level summary...
In 2024 you're going to see the conversation take centre stage.
We're moving to a container model. Or more precisely we've always had a container model, we're just re-architecting it to fit better into the ActivityStreams framework.
We're keeping Nomad. For now. Because nomadic identity. We're keeping OpenWebAuth. Because single sign-on. OpendIDConnect? OAuth? Do you really want to click through a bunch of permission dialogues every time you get a protected photo/video in your stream? I certainly don't. Just show me the bloody media.
LD-signatures will be going away. Replaced with signed objects (FEP-8b32). Yay.
"Require Authenticated Fetch" will be turned on by default for all new sites. This is necessary to deal with all the new threat vectors that are emerging in the fediverse with the entrance of Meta and presumably other corporate players. You are free to turn it off.
The next one is a biggy. The default permissions/privacy role new channels for our network will not be "social-anybody-can-comment" OR "social-all-my-posts-are-public". It will be "social-restricted". All of your posts and files and media and events and everything you do are going to be visible to connections only by default and disallow public comments -- and posting publicly will require you to change this setting. Which of course you can easily do.
This is the sane default for our corner of the fediverse because we can offer this setting. Nobody else can. And also because providing a relatively safe and personal and private online space by default is the right thing to do.
