Okay, sure, let's do this. "nomadic identity" 1. No one has ever even come close to explaining how using a did: uri is supposed to work2. Even assuming it works, no one can explain how it's different than oidc3. Even assuming it was different, what hap...
-
Jenniferplusplusreplied to Mike Macgirvin 🖥️ on last edited by
@mikedev A very quick scan of the dashboard says that Fedidb is aware of at least 23,000 fediverse servers. The current location for a DID could be any of those. You're going to poll the entire fediverse to find where to send messages?
-
Jess👾replied to Ariadne Conill 🐰:therian: on last edited by
For a lot of admins/mods, the sense of power and control over others is the currency they require to do the work of maintaining their instances. A whole part of the draw for building and maintaining a community is to have the power over your little fiefdom.
-
@JessTheUnstill
I try to extend a little more grace than that. I'm sure there's a contingent of admins who just wanted to provide a service for people, and they get pushed into this defensive and controlling stance by the lack of tools and support. -
Mike Macgirvin 🖥️replied to Jenniferplusplus on last edited byAll Mastodon is going to see is a resolvable URL that returns an actor record. Just like they see today. The URL is probably going to look a bit strange -- but if you fetch it, it will behave like any fediverse actor id.
It will have some properties which might be of interest to you if you wish to support nomadic identity. If you don't, you may go about your life and have your entire online existence tied to a temporary rental name just like you do now. -
Jenniferplusplusreplied to Mike Macgirvin 🖥️ on last edited by
@mikedev OK? Except I'm asking for someone to show me how to draw the rest of the owl. This kind of hand-wavy don't-worry-about-it response is extremely unhelpful.
-
Vasya Sovarireplied to Jenniferplusplus on last edited by
@jenniferplusplus is it bad that I have exactly zero clue what any of this means? If so, scale 1-10
-
Jenniferplusplusreplied to Vasya Sovari on last edited by
@VasyaSovari No, I think it means you've made better life choices than I did
-
@hrefna @JessTheUnstill @jenniferplusplus @ariadne i'm with hrefna here, the question "are dids dumb and why?" kinda misses the point-- DIDs are an interop layer for key management systems, and DID URLs are an immature extension of that (the WG never really shipped them). if you have good-faith questions about how DIDs work i was in that W3C WG and can explain as much or as little as is helpful, but this thread isn't really meeting my minimum threshold of good-faith as is...
-
@by_caballero
I'm not sure who this is directed at? Assuming it's me: I'm approaching the topic with the same level of bombast as I've seen from others. But sure, I'll pull it back.Cryptographic keys are not an identity. They are a credential. In context of communication systems, identity is mostly the place where messages to you will be delivered. Making credentials portable does not untether you from that delivery address.
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne that's a great argument against coupling AP actors to one permanent identifier (particularly to an identifier that maps 1:1 to a self-managed key), but it's not really a good argument against using DIDs or DID URLs? or even the use-cases that the nomadic identity people are targeting in the first place?
-
@by_caballero
In that case, the nomadic identity fans are not being clear -
Ariadne Conill 🐰:therian:replied to bumblefudge on last edited by
@by_caballero @hrefna @JessTheUnstill @jenniferplusplus cool story, but the people who were pushing for this crap in that WG were largely crypto bros who wanted them for Web3 bullshit, so no, i think the question is quite valid in and of itself
-
bumblefudgereplied to Ariadne Conill 🐰:therian: on last edited by
@ariadne @hrefna @JessTheUnstill @jenniferplusplus https://en.wikipedia.org/wiki/Good_faith
i was in that WG, even flew to the in-person meetings. i work in crypto. i am not a bro. you're failing miserably at engaging in good faith with someone who is engaging you as a peer with relevant expertise. please stop insulting me
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne well, i certainly have my differences of strategy and would not have approached the developer community in the same way, but I think they're coming from a well-intended place and trying to convince the developer community to make a MAJOR change in the identity model of the fediverse stack. i like the general direction, even if i don't like the specific proposal and I encourage people to think through the usecases they're trying to enable...
-
Ariadne Conill 🐰:therian:replied to bumblefudge on last edited by
@by_caballero @hrefna @JessTheUnstill @jenniferplusplus
you work in a planet incinerating industry, which attaches itself to whatever buzzword it can find in order to sell pumped assets to pensioners who don’t know any better.
i design distributed systems for a living.
we are not the same.
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne DIDs weren't actually invented to promote blockchains or impose one ring to rule them all. they were built to federate custodial, user-controlled, and user-managed key systems alike to enable portability and translation between very different identity systems. lots of projects miss the point and invent a DID method to power a closed system, which is just open-platform theatre. if step 1 is "use my did method" they've already missed the point...
-
@jenniferplusplus @hrefna @JessTheUnstill @ariadne (that's not exactly what the zot people are doing, fwiw, nor is it what the bluesky people are doing, nor the "just use keyoxide for everything" people, tbc, but i don't think we're done until we have a solution that works for at least 2 of those 3 and lets very different kinds of software migrate users between them and federate across those differences)
-
Well, you work in crypto, you are what I would consider a crypto bro...
-
@Fripi @ariadne @hrefna @JessTheUnstill @jenniferplusplus ah yes, clearly working in fintech R&D is (checks notes) morally equivalent to conquering europe and exterminating >10% of the population. excellent example of how godwin's law is really a parable about good faith being impossible on the internet.
imagine a conversation where your hatred of blockchains didn't overpower your absolutely bare-minimum capacity to talk to humans as humans.
https://hac.bard.edu/amor-mundi/ideological-blindness-2013-07-11 -
@by_caballero @ariadne @hrefna @JessTheUnstill @jenniferplusplus
I sympathize that sometimes these things can be harsh, but I trust hrefna & ariadne.
I do want DIDs and verifiable credentials to work,
but they don't need blockchain to do that.
one well studied way of doing key management would be the keyoxide & public keyservers way of centralizing.
at this point in time, DIDs have very little of the threat model work done compared to, say, Matrix. so it's hard to compare apples to apples on various loss-of-control events.
most crypto involves either algorithmic theft (DAOs) or wallet theft/loss. hence why the idea of ultimately having to trust an admin to some degree (be they an oauth admin, fediverse admin, or matrix home server) is a better model for right now.
I'd much rather see DIDs/VCs from an angle of torrenting compared to an angle of "let's be the defacto protocol of the internet everyone has to use, break compatibility, and capture all the revenue by licensing it" (web3)