Tim Bray on his proposal for decentralised identity management for @bluesky.

While I can't disagree with the reasons he outlines for why this is even a problem, I have a slight feeling that this is sort of dubious. For many intents, an identity can be either vouched to be unique by the Provider, or every instance could just as well consider every URL unique. I suppose this might not work on Twitter scale though.

But if we assume this is a thing that needs solving, even given that I'm not a fan of blockchain and shoehorning it as a magic cure for all problems, the solution proposed is pretty elegant, I'll admit.

And yet it's been almost exactly a year since this effort began and, if not for this popping up on my RSS reader, I don't think I would've remembered this. Progress seems to be slow and quiet, but perhaps that's for the best.

* * *

I still intend to dip my toes more into both Gemini and twtxt, both of which just tie identity to URLs and are done with it.

The way ActivityPub (or Mastodon in particular as the de facto standard implementation) deals with the "moving between providers" problem is, ahem, less than ideal. Just posting an "my account's moved" message or setting a profile flag, without forcing an automatic re-follow on everyone, seems more sane, even if it is less neat.

Perhaps an HTTP 301 redirect should suffice for pull streams, and a lightweight redirect message for push ones (though push ones shouldn't really even have a problem in general, as long as the webhook itself is moved over.)