-
blog!
blog!
-
blog! βA few thoughts on domain verification for social mediaβ
Both Mastodon and BlueSky have the concept of "self-verification". Rather than trust a central authority to assess your notability and then bless your account (as Twitter used to do), they let anyone self-attest using Domain Verification0. What does that mean? You tell the seβ¦
Read more: https://shkspr.mobi/blog/2024/12/a-few-thoughts-on-domain-verification-for-social-media/
βΈ»
#BlueSky #domains #mastodon #SocialMedia -
-
@knowprose you have fundamentally misunderstood the post, sorry.
-
@Edent No, I haven't.
You're making the case as to why it should be fixed, which I agree with.
But the problem really resides with the companies and their brands being mistrusted because of the gap.
So in my mind, it's up to them to fix it. It's not my brand.
That's not fundamentally misundertanding.
-
@knowprose verification isn't just about brands and companies though. It is for all of us.
-
@Edent But if it's my own websites, which I have verified, it's not a problem for me.
It's a problem in the case where an employee leaves a company that they had set it up for, which means that it's also a company problem in controlling their presence. That's also a human problem that already exists with passwords, etc.
-
@Edent your Fediverse post/preview here says
> [..] self-attest using Domain Verification0.Curious if that was something specific like ACME's DNS-01 challenge I've clicked and read your blog, but the "0" is just a numbered footnote
Another non-technical issue with domain validation is that it's easy to get wrong as a human, as you've said, and that e.g. Google is trying to remove URLs from their browser UI, so it is even less accessible to laymen for manual inspection. Search engine as DNS.
-
@robo9k thanks. I'll see of I can fix the excerpt stuff.
-
@knowprose that's a fascinating perspective. Can you tell me more?
-
@Edent People leaving companies with passwords to all sorts of things is one of the biggest secrets in the tech industry.
If they're malicious, they even plan it. I've seen it happen. It's a nightmare.
That's why things should be in place such that it cannot happen. How many companies have lost control of their websites or worse that way? Countless.
We do not speak of such things.
