Today we're sharing the first in a series of three posts from our leadership team, starting with @mellifluousbox discussing our mission, and priorities for 2026.
-
@iju @ariarhythmic @mellifluousbox
i have a better idea:
do what valve does
you need a credit card
they run a $0 authorization
*no id docs needed*
the server doesn't deal with sensitive data
even better:
now your cc is attached to your mastodon profile
your cc is right there for donating to the server later
as more people should be doing
snag:
germany doesn't consider a cc legally acceptable
but other jurisdictions do
@benroyce @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron i think they are discussing that they may have to perform verification on their own servers: mastodon.social. I don’t think they can enforce verification on other servers.
-
Today we're sharing the first in a series of three posts from our leadership team, starting with @mellifluousbox discussing our mission, and priorities for 2026. Stay tuned this week for more.
https://blog.joinmastodon.org/2026/02/connecting-the-world-through-thriving-online-communities/
@Mastodon @mellifluousbox Mastodon could aspire to replace X in Europe (given the current situation in the U.S. and the state of X). It is urgent that it include translation capabilities for this multilingual region
-
@benroyce @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron i think they are discussing that they may have to perform verification on their own servers: mastodon.social. I don’t think they can enforce verification on other servers.
@meowki @benroyce @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
Just so.
Also worth noting that some countries (at least my own) are enabling age-verification because you can't trust algorithms to show stuff people want/should see. If this is taken into account in the legistlation (which is still being written), then it wouldn't even apply to Mastodon.
Similar use-cases are probably found in other EU-countries, if not in Germany?
-
@benroyce @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron i think they are discussing that they may have to perform verification on their own servers: mastodon.social. I don’t think they can enforce verification on other servers.
@meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
My understanding is that they will be making the software updates available to other servers that are also forced to comply or get shut down. Is my understanding wrong? It could be
-
@meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
My understanding is that they will be making the software updates available to other servers that are also forced to comply or get shut down. Is my understanding wrong? It could be
@benroyce @meowki @iju @ariarhythmic
1. Mastodon's code already includes a setting which server admins can enable to set a minimum age for their server, which will ask for a date of birth to be entered during sign-up. The date of birth is not stored, only checked once. This has been part of Mastodon's code since multiple months now: https://github.com/mastodon/mastodon/pull/34150
2. What they say in the blog is that they will audit the GmbH's own servers, which probably includes an audit of this feature.
3. The interesting stuff is what that "working group" will come up with.
-
@benroyce @meowki @iju @ariarhythmic
1. Mastodon's code already includes a setting which server admins can enable to set a minimum age for their server, which will ask for a date of birth to be entered during sign-up. The date of birth is not stored, only checked once. This has been part of Mastodon's code since multiple months now: https://github.com/mastodon/mastodon/pull/34150
2. What they say in the blog is that they will audit the GmbH's own servers, which probably includes an audit of this feature.
3. The interesting stuff is what that "working group" will come up with.
-
@benroyce @meowki @iju @ariarhythmic
1. Mastodon's code already includes a setting which server admins can enable to set a minimum age for their server, which will ask for a date of birth to be entered during sign-up. The date of birth is not stored, only checked once. This has been part of Mastodon's code since multiple months now: https://github.com/mastodon/mastodon/pull/34150
2. What they say in the blog is that they will audit the GmbH's own servers, which probably includes an audit of this feature.
3. The interesting stuff is what that "working group" will come up with.
@nitrml @benroyce @meowki @iju @ariarhythmic Age verification won't, of course, stop someone from setting up their own server.
... which, at least regarding the federation choices this little node will be making... Is enough of its own age-gating process that we will welcome all nodes regardless of age of their admins.
-
@nitrml @benroyce @meowki @iju @ariarhythmic Age verification won't, of course, stop someone from setting up their own server.
... which, at least regarding the federation choices this little node will be making... Is enough of its own age-gating process that we will welcome all nodes regardless of age of their admins.
@mark @nitrml @meowki @iju @ariarhythmic
which is great of you, thank you
...and your stance is dependent upon the legalities of your jurisdiction
so people who do enable the age verification are not assholes, they just don't want their govt coming after them
and your own govt may change its mind, then you have to think about it
the problem is govt
not mastodon admins
-
@mark @nitrml @meowki @iju @ariarhythmic
which is great of you, thank you
...and your stance is dependent upon the legalities of your jurisdiction
so people who do enable the age verification are not assholes, they just don't want their govt coming after them
and your own govt may change its mind, then you have to think about it
the problem is govt
not mastodon admins
@benroyce @nitrml @meowki @iju @ariarhythmic All of this is very good insight.
-
@meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
My understanding is that they will be making the software updates available to other servers that are also forced to comply or get shut down. Is my understanding wrong? It could be
@benroyce @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
I for one will not remain on any server that asks for ID, treating such a thing as being a shutdown.If I have to move everything to the darknet I can and I will.
Single-user Mastodon servers hosted at home could make age verification useless.Torified federation if supoortes could prevent ISP blocking, as can mesh networking in built-up areas.
Even if this goes all the way to shuting down things like Signal, Matrix and other decentralozed altetnatives will be very hard to shut down.
Then there is Diaspora: I don't know a whole lot about it but it's supposed to work like Facebook UI wise but with distributee hosting on the backend
-
@mark @nitrml @meowki @iju @ariarhythmic
which is great of you, thank you
...and your stance is dependent upon the legalities of your jurisdiction
so people who do enable the age verification are not assholes, they just don't want their govt coming after them
and your own govt may change its mind, then you have to think about it
the problem is govt
not mastodon admins
-
@benroyce @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
I for one will not remain on any server that asks for ID, treating such a thing as being a shutdown.If I have to move everything to the darknet I can and I will.
Single-user Mastodon servers hosted at home could make age verification useless.Torified federation if supoortes could prevent ISP blocking, as can mesh networking in built-up areas.
Even if this goes all the way to shuting down things like Signal, Matrix and other decentralozed altetnatives will be very hard to shut down.
Then there is Diaspora: I don't know a whole lot about it but it's supposed to work like Facebook UI wise but with distributee hosting on the backend
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
which is all fine and good, because you're talking tactics not emotional grand standing
what you won't do therefore is attack some admin of a server of thousands or more for doing what they *have* to do so the govt doesn't knock on their door
-
@mark @nitrml @meowki @iju @ariarhythmic
which is great of you, thank you
...and your stance is dependent upon the legalities of your jurisdiction
so people who do enable the age verification are not assholes, they just don't want their govt coming after them
and your own govt may change its mind, then you have to think about it
the problem is govt
not mastodon admins
@benroyce @mark @nitrml @meowki @iju @ariarhythmic The PR only adds an option to ask age, not to use a 3ed party AI verificstion "service" or read an ID. By itsrlf that's a nothingburger but I would still turn it off legal or otherwise on any server I ran.
Note that birthdays are dangerous in the hands of an atacker, so never enter your real one for any account anywhere. Let the account go if challenged
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
what do you think about my post above asking for a credit card?
it achieves the same effect, and no one is getting a credit card without id. no server is getting your id and the security hassle with that, and you're not revealing your id anymore than it already has been
the big benefit: with your cc already attached to your profile, donating to your server becomes a breeze. and more people should be doing that
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
which is all fine and good, because you're talking tactics not emotional grand standing
what you won't do therefore is attack some admin of a server of thousands or more for doing what they *have* to do so the govt doesn't knock on their door
@benroyce @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
No, I would attack the government and steer people to servers out of their reach. An admin hassled one too many times by cops might even need to move their own account to one if the cops go after their hosting
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
what do you think about my post above asking for a credit card?
it achieves the same effect, and no one is getting a credit card without id. no server is getting your id and the security hassle with that, and you're not revealing your id anymore than it already has been
the big benefit: with your cc already attached to your profile, donating to your server becomes a breeze. and more people should be doing that
@benroyce @mark @nitrml @meowki @iju @ariarhythmic Some do not have or want credit cards and will simply use other servers.
There is no way any regime can shut down access to every non-agr verification compliant server. Limits on federation woulf just split the fediverse into two networks which would inevitanly be bridged back together.
FL cannot even stop Pornhub: they just block conmections from FL IP addresses and gladly take Tor and VPN traffic
-
@benroyce @mark @nitrml @meowki @iju @ariarhythmic The PR only adds an option to ask age, not to use a 3ed party AI verificstion "service" or read an ID. By itsrlf that's a nothingburger but I would still turn it off legal or otherwise on any server I ran.
Note that birthdays are dangerous in the hands of an atacker, so never enter your real one for any account anywhere. Let the account go if challenged
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
i yearly enjoy the services that sometimes say happy birthday to me...
on the fake birthday i've been entering since forever
🤭
-
@benroyce @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
No, I would attack the government and steer people to servers out of their reach. An admin hassled one too many times by cops might even need to move their own account to one if the cops go after their hosting
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
again that's all fine and good
but if you're asking a server to shut down with thousands of accounts when people can just enter a fake birthday it's far too dramatic
effective resistance is not about purity
-
@Mastodon @mellifluousbox If Mastodon implements age verification, we leave.
@ariarhythmic @Mastodon @mellifluousbox There will ALWAYS be noncompliant servers run by people who never travel to the US , the EU, the UK, or Austrailai. Also ones run by crews who know how to obfuscate ownerahip and get offshore hosting.
That's where you will also find me-on noncompliant servers
-
@benroyce @mark @nitrml @meowki @iju @ariarhythmic Some do not have or want credit cards and will simply use other servers.
There is no way any regime can shut down access to every non-agr verification compliant server. Limits on federation woulf just split the fediverse into two networks which would inevitanly be bridged back together.
FL cannot even stop Pornhub: they just block conmections from FL IP addresses and gladly take Tor and VPN traffic
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
you mean tor and VPN providers that spy on the people who use it because anyone using that it is flagging their activity as sensitive?
tor was started at the us naval research laboratory for dissidents in countries unfriendly to the usa
you think they don't have enough exit nodes to see what is going on?
and mastodon needs support
i'd almost (i said almost) support the idea of mandatory ccs on sign up with or without id laws
