>This part is the most egregious, because their "decentralized interoperable identity" is just one server that the Bluesky company hosts. How can that be defended?
Where is that coming from?
Yeah if you sign up on BlueSky's host and never claim your identity then sure, it's on their server. But you can claim it anytime. Their whole philosophy is let the user claim control when they're ready, and in steps. A user can rely on did:web alone for their ATProtocol identity and not use did:plc at all. You end up with a did.json file that conforms to the DID spec w your public keys, your handle (e.g. fiatjaf.com), and service endpoints like your PDS URL, and that did.json file lives NIP-05 style in location on https://yourdomain.com/.well-known/did.json. I get that many people won't claim their identity, but you can claim it anytime. Even if you set up just your web handle (as many users there have done), that's enough to be able to take did:web adversarially later. Once you claim did:web you are fully in control of your identity on the protocol.
If you're talking about did:plc then yes directory operated by BlueSky, though they've announced that's moving out, and my point is that (a) let's wait and see if does move out and where it goes and (b) you don't even need did:plc if you've set up did:web.
JoeRuelle / Joe Ruelle
npub1hy…wtqnx
2025-03-31 13:45:11
in reply to nevent1q…57cf
Author Public Key
npub1hyxredcavc6ruqgsf4wf4hmakpwnvefmzaspl7dja6a2sxlx0q3sxwtqnxPublished at
2025-03-31 13:45:11Event JSON
{
"id": "0d25a4ba0e1a9efdadd423ad58d77b72732a72df990316e1931673a2cdf7d22a",
"pubkey": "b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823",
"created_at": 1743428711,
"kind": 1,
"tags": [
[
"e",
"0f22f3073895b798529a0677492b630e9be884ffd99d846149a729bc89f5cfd2",
"wss://relay.primal.net/",
"root",
"d5415a313d38461ff93a8c170f941b2cd4a66a5cfdbb093406960f6cb317849f"
],
[
"e",
"0000be3c1a6c4c351c4d0d6dac8f3c1a36d7f35c79195f7424cf9682d3a5b150",
"wss://nos.lol/",
"reply",
"3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d"
],
[
"p",
"d5415a313d38461ff93a8c170f941b2cd4a66a5cfdbb093406960f6cb317849f"
],
[
"p",
"3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d"
]
],
"content": "\u003eThis part is the most egregious, because their \"decentralized interoperable identity\" is just one server that the Bluesky company hosts. How can that be defended?\n\nWhere is that coming from? \n\nYeah if you sign up on BlueSky's host and never claim your identity then sure, it's on their server. But you can claim it anytime. Their whole philosophy is let the user claim control when they're ready, and in steps. A user can rely on did:web alone for their ATProtocol identity and not use did:plc at all. You end up with a did.json file that conforms to the DID spec w your public keys, your handle (e.g. fiatjaf.com), and service endpoints like your PDS URL, and that did.json file lives NIP-05 style in location on https://yourdomain.com/.well-known/did.json. I get that many people won't claim their identity, but you can claim it anytime. Even if you set up just your web handle (as many users there have done), that's enough to be able to take did:web adversarially later. Once you claim did:web you are fully in control of your identity on the protocol. \n\nIf you're talking about did:plc then yes directory operated by BlueSky, though they've announced that's moving out, and my point is that (a) let's wait and see if does move out and where it goes and (b) you don't even need did:plc if you've set up did:web.\n",
"sig": "ebf7e448abd5dc9e79036eb93f1b0347875e304f714e992abeacaa2510d7dc5deec566d1f5eb682b247e5dc72adcd47484b4b4ec73ed7b342f93cfbbf3050c8b"
}