Okay, sure, let's do this. "nomadic identity" 1. No one has ever even come close to explaining how using a did: uri is supposed to work2. Even assuming it works, no one can explain how it's different than oidc3. Even assuming it was different, what hap...
-
Mike Macgirvin π₯οΈreplied to Jenniferplusplus on last edited byAll Mastodon is going to see is a resolvable URL that returns an actor record. Just like they see today. The URL is probably going to look a bit strange -- but if you fetch it, it will behave like any fediverse actor id.
It will have some properties which might be of interest to you if you wish to support nomadic identity. If you don't, you may go about your life and have your entire online existence tied to a temporary rental name just like you do now. -
Jenniferplusplusreplied to Mike Macgirvin π₯οΈ on last edited by
@mikedev OK? Except I'm asking for someone to show me how to draw the rest of the owl. This kind of hand-wavy don't-worry-about-it response is extremely unhelpful.
-
Vasya Sovarireplied to Jenniferplusplus on last edited by
@jenniferplusplus is it bad that I have exactly zero clue what any of this means? If so, scale 1-10
-
Jenniferplusplusreplied to Vasya Sovari on last edited by
@VasyaSovari No, I think it means you've made better life choices than I did
-
@hrefna @JessTheUnstill @jenniferplusplus @ariadne i'm with hrefna here, the question "are dids dumb and why?" kinda misses the point-- DIDs are an interop layer for key management systems, and DID URLs are an immature extension of that (the WG never really shipped them). if you have good-faith questions about how DIDs work i was in that W3C WG and can explain as much or as little as is helpful, but this thread isn't really meeting my minimum threshold of good-faith as is...
-
@by_caballero
I'm not sure who this is directed at? Assuming it's me: I'm approaching the topic with the same level of bombast as I've seen from others. But sure, I'll pull it back.Cryptographic keys are not an identity. They are a credential. In context of communication systems, identity is mostly the place where messages to you will be delivered. Making credentials portable does not untether you from that delivery address.
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne that's a great argument against coupling AP actors to one permanent identifier (particularly to an identifier that maps 1:1 to a self-managed key), but it's not really a good argument against using DIDs or DID URLs? or even the use-cases that the nomadic identity people are targeting in the first place?
-
@by_caballero
In that case, the nomadic identity fans are not being clear -
Ariadne Conill π°:therian:replied to bumblefudge on last edited by
@by_caballero @hrefna @JessTheUnstill @jenniferplusplus cool story, but the people who were pushing for this crap in that WG were largely crypto bros who wanted them for Web3 bullshit, so no, i think the question is quite valid in and of itself
-
bumblefudgereplied to Ariadne Conill π°:therian: on last edited by
@ariadne @hrefna @JessTheUnstill @jenniferplusplus https://en.wikipedia.org/wiki/Good_faith
i was in that WG, even flew to the in-person meetings. i work in crypto. i am not a bro. you're failing miserably at engaging in good faith with someone who is engaging you as a peer with relevant expertise. please stop insulting me
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne well, i certainly have my differences of strategy and would not have approached the developer community in the same way, but I think they're coming from a well-intended place and trying to convince the developer community to make a MAJOR change in the identity model of the fediverse stack. i like the general direction, even if i don't like the specific proposal and I encourage people to think through the usecases they're trying to enable...
-
Ariadne Conill π°:therian:replied to bumblefudge on last edited by
@by_caballero @hrefna @JessTheUnstill @jenniferplusplus
you work in a planet incinerating industry, which attaches itself to whatever buzzword it can find in order to sell pumped assets to pensioners who donβt know any better.
i design distributed systems for a living.
we are not the same.
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne DIDs weren't actually invented to promote blockchains or impose one ring to rule them all. they were built to federate custodial, user-controlled, and user-managed key systems alike to enable portability and translation between very different identity systems. lots of projects miss the point and invent a DID method to power a closed system, which is just open-platform theatre. if step 1 is "use my did method" they've already missed the point...
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne (that's not exactly what the zot people are doing, fwiw, nor is it what the bluesky people are doing, nor the "just use keyoxide for everything" people, tbc, but i don't think we're done until we have a solution that works for at least 2 of those 3 and lets very different kinds of software migrate users between them and federate across those differences)
-
Well, you work in crypto, you are what I would consider a crypto bro...
@ariadne @hrefna @JessTheUnstill @jenniferplusplus
-
@Fripi @ariadne @hrefna @JessTheUnstill @jenniferplusplus ah yes, clearly working in fintech R&D is (checks notes) morally equivalent to conquering europe and exterminating >10% of the population. excellent example of how godwin's law is really a parable about good faith being impossible on the internet.
imagine a conversation where your hatred of blockchains didn't overpower your absolutely bare-minimum capacity to talk to humans as humans.
https://hac.bard.edu/amor-mundi/ideological-blindness-2013-07-11 -
@by_caballero @ariadne @hrefna @JessTheUnstill @jenniferplusplus
I sympathize that sometimes these things can be harsh, but I trust hrefna & ariadne.
I do want DIDs and verifiable credentials to work,
but they don't need blockchain to do that.
one well studied way of doing key management would be the keyoxide & public keyservers way of centralizing.
at this point in time, DIDs have very little of the threat model work done compared to, say, Matrix. so it's hard to compare apples to apples on various loss-of-control events.
most crypto involves either algorithmic theft (DAOs) or wallet theft/loss. hence why the idea of ultimately having to trust an admin to some degree (be they an oauth admin, fediverse admin, or matrix home server) is a better model for right now.
I'd much rather see DIDs/VCs from an angle of torrenting compared to an angle of "let's be the defacto protocol of the internet everyone has to use, break compatibility, and capture all the revenue by licensing it" (web3)
-
bumblefudgereplied to pasta la vida on last edited by [email protected]
@risottobias @ariadne @hrefna @JessTheUnstill @jenniferplusplus that's a whole lot of straw men if you're trying to find common ground. you're also assuming i think (or anyone thinks) that DIDs and VCs need blockchain for anything, when about half the serious work on DIDs and VCs has been blockchain free since inception. but you're off to the right start by saying your preferred mental model for DIDs/VCs is "torrentlike", that's worth unpacking.
why's it harsh, exactly? i'm not being harsh? -
bumblefudgereplied to Ariadne Conill π°:therian: on last edited by
@ariadne @hrefna @JessTheUnstill @jenniferplusplus serious question, do you habitually talk to strangers this way? do you block strangers who talk to you this way? you're making a lot of very insulting assumptions about my personal ethics or my relationship to various economic actors that you present as cohering into an "industry". if i'm being totally honest i think it's wishful thinking that all the evils of VC-backed software can be quarantined in "crypto" and "AI".
-
bumblefudgereplied to bumblefudge on last edited by [email protected]
@ariadne @hrefna @JessTheUnstill @jenniferplusplus if "designing distributed systems" isn't what i'm doing right now, and being paid for it, then why do you think i haven't blocked you yet? i don't let people talk to me like this unless i'm on the clock, generally speaking.