• onlinepersona@programming.dev
    link
    fedilink
    English
    arrow-up
    22
    ·
    1 year ago

    This is one of the core features of Bluesky that makes it “billionaire-proof”

    is it really though? From what I understand even in the federated mode all accounts have to be verified by a central server? I dunno, maybe it’s fake news, but I don’t for second trust a social network created by a billionaire.

    • Arthur Besse@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      From what I understand even in the federated mode all accounts have to be verified by a central server?

      Not all, but currently most are. The long-term account identifiers are DIDs, and they currently support two DID methods: the w3c-standardized did:web method (which makes your identity reliant on your DNS name), and bluesky’s centralized did:plc method (which gives you a verifiable cryptographic identity not reliant on you keeping a domain renewed, but which they are responsible for the availability of and could censor).

      The log of all operations on the centralized did:plc server is public and auditable, though, so, if i understand correctly, if/when they do censor it that can be detected and people can/will make the various components of the system use uncensored mirrors of it to continue using censored did:plc identities. And other people will choose to use did:web for their identities and be subject to the DNS rules instead (and this choice will be invisible to other users; all implementations are expected to support both methods).

      In my opinion, the decoupling of long-term identity from everything else (including your display name, which is also DNS-based but can be changed at any time) is a pretty good idea, and I expect they’ll probably support more than these two DID methods in the future.

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Thank you for the explanation. I’m curious what this will look like in the UI and UX. did:web doesn’t seem like something that the majority can/will use. It makes on easily identifiable by DNS (probably even with whois protection).

        We shall see how it pans out.