I would like to give an update on "federation" on Bluesky.
-
@msh @ikuturso @mcc @swetland @gbargoud arguably bluesky could address those needs better because they maintain control over the full vertical and can apply advisory policies that don't have any real security backing. you can use a different appview or just browse the data directly and *not* apply blocks, gates, etc... this horrifies most people who learn about it and horrifies them further that there's nothing they can do about it. all the policies only apply if you're using the official apps.
@msh @ikuturso @mcc @swetland @gbargoud however, with that said, the vast majority of people are using the official apps. so the blocks and gates "work" in the sense that the vast majority of people are subject to them. but it remains trivially easy to just *not* respect those blocks and gates, because all the data is forever public
-
@eniko @mcc If I understand correctly (and it is possible and likely that I don't), if you host your own PDS, you can use the rest of the stack from Bluesky, get banned, and migrate to Blacksky without losing your post history. And theoretically your social graph, though in practice Bluesky will be blocking almost everyone in it.
I've no interest in it either way, given that Bluesky is the toxic liberalism site in the same way that X the Everything App is the toxic reactionary site.
-
@esoteric_programmer @alter_kaker @mcc as I understand it the cost of a relay has gone down because you can run it without keeping full account of the message history for all time and instead restrict what you have to a time-window.
Raises the question of whether that's good enough if we want real alternatives to the official company infra though.
@ikuturso @esoteric_programmer @alter_kaker @mcc that $34/month is enough for 2 hours per the article
-
@jrose @mcc Even the portability being better is somewhat theoretical right now because if your identity is using did:plc then you are unable to move away from did:plc and Bluesky PBC has custody of your keys... And also like people have noticed hosting your own data in a PDS does not really make you independent from their actions so the point of doing it is somewhat unclear.
@ikuturso @jrose @mcc yeah, unfortunately bluesky has zero interest in supporting did migrations. they only support changing your dns handle
EDIT: source https://bsky.app/profile/bnewbold.net/post/3lchpwc2hws2r
-
@ikuturso @jrose @mcc yeah, unfortunately bluesky has zero interest in supporting did migrations. they only support changing your dns handle
EDIT: source https://bsky.app/profile/bnewbold.net/post/3lchpwc2hws2r
-
-
@nullpotential @mcc people on Bluesky who have soured on fedi often complain about having been lectured about using alt text and CWs for what it's worth.
@ikuturso @nullpotential @mcc signing up for mastodon.social is not the worst thing you could do. setting up your own server and being subject to harassment by widely blocked servers you didn't know existed? the immediate response was to look for shared blocklists, but that just led to more conflict because again, how are you supposed to be aware of the years-long social dynamics of a space you literally just joined? the common refrain of "just use a different instance" was taken dismissively.
-
@erincandescent @ikuturso @trwnh @jrose I am proposing engineering a situation where did:plc:eepire and did:kad:eepire point to the same resource.
-
@erincandescent @ikuturso @mcc @jrose yep, did:plc is equivalent to did:web:plc.directory (which is equivalent to https://plc.directory)
it's basically dns all over again, but in a different format (did documents instead of resource records). plc.directory is basically the authoritative nameserver.
-
@erincandescent @ikuturso @trwnh @jrose I am proposing engineering a situation where did:plc:eepire and did:kad:eepire point to the same resource.
@mcc @erincandescent @ikuturso @jrose this would depend entirely on how did:plc and did:kad are defined as did methods. the "eepire" part of plc is cryptographically generated from the did creation request: https://web.plc.directory/spec/v0.1/did-plc
you sign the operation then hash it then truncate to first 24 characters
thus any did method that generates the same 24 character id is just an exact clone of plc
-
@mcc @erincandescent @ikuturso @jrose this would depend entirely on how did:plc and did:kad are defined as did methods. the "eepire" part of plc is cryptographically generated from the did creation request: https://web.plc.directory/spec/v0.1/did-plc
you sign the operation then hash it then truncate to first 24 characters
thus any did method that generates the same 24 character id is just an exact clone of plc
@trwnh @erincandescent @ikuturso @jrose I am proposing inventing a did:kad, or a did:kad2 if did:kad is already being used, and giving it whatever properties would be needed to make it work the way I said.
And yes, I'm proposing creating an exact clone of plc that doesn't depend on plc.directory.
-
@mcc @erincandescent @ikuturso @jrose this would depend entirely on how did:plc and did:kad are defined as did methods. the "eepire" part of plc is cryptographically generated from the did creation request: https://web.plc.directory/spec/v0.1/did-plc
you sign the operation then hash it then truncate to first 24 characters
thus any did method that generates the same 24 character id is just an exact clone of plc
@mcc @erincandescent @ikuturso @jrose right now the practical consideration for migration is one of the following:
- you have a did:plc and want to migrate to did:web
- you have a did:web and want to migrate to another did:web
- you have a did:web and want to migrate to did:plcnone of the three are currently possible, you will lose all your follow relations etc even if you replicate the exact same content or serve the exact same data repo
-
@trwnh @erincandescent @ikuturso @jrose I am proposing inventing a did:kad, or a did:kad2 if did:kad is already being used, and giving it whatever properties would be needed to make it work the way I said.
And yes, I'm proposing creating an exact clone of plc that doesn't depend on plc.directory.
@mcc @erincandescent @ikuturso @jrose i think this effectively amounts to "just use a dht that everyone agrees on"
-
@mcc @erincandescent @ikuturso @jrose i think this effectively amounts to "just use a dht that everyone agrees on"
@trwnh yes, that's why in my example I picked the first three letters of "kademlia"
-
@trwnh yes, that's why in my example I picked the first three letters of "kademlia"
@mcc ah, i missed that part ^^;
-
@mcc @erincandescent @ikuturso @jrose i think this effectively amounts to "just use a dht that everyone agrees on"
@trwnh @mcc @ikuturso @jrose In
did:plc:foo, foo is abase32(sha256(creation_request))[0:20]so its a 120-bit hash. I’m not confident of that’s long term securityAlso the
did:plcupdate metadata protocol is fundamentally dependent upon the existence of a central trusted system so you can’t just easily replicate it as a DHT system -
@trwnh @mcc @ikuturso @jrose In
did:plc:foo, foo is abase32(sha256(creation_request))[0:20]so its a 120-bit hash. I’m not confident of that’s long term securityAlso the
did:plcupdate metadata protocol is fundamentally dependent upon the existence of a central trusted system so you can’t just easily replicate it as a DHT system@erincandescent @ikuturso @mcc @jrose i think you could replace it with signed updates but in doing so, you've basically just wrapped around to needing a pki
-
@erincandescent @ikuturso @mcc @jrose i think you could replace it with signed updates but in doing so, you've basically just wrapped around to needing a pki
@trwnh @erincandescent @ikuturso @jrose this raises an important question. Why the fuck are we not just using a pki to start with
-
@trwnh @erincandescent @ikuturso @jrose this raises an important question. Why the fuck are we not just using a pki to start with
-
@trwnh @erincandescent @ikuturso @jrose this raises an important question. Why the fuck are we not just using a pki to start with
@mcc @erincandescent @ikuturso @jrose uhhhh
"key management hard", basically
