@ikuturso @nullpotential @mcc signing up for mastodon.social is not the worst thing you could do. setting up your own server and being subject to harassment by widely blocked servers you didn't know existed? the immediate response was to look for shared blocklists, but that just led to more conflict because again, how are you supposed to be aware of the years-long social dynamics of a space you literally just joined? the common refrain of "just use a different instance" was taken dismissively.

@erincandescent @ikuturso @trwnh @jrose I am proposing engineering a situation where did:plc:eepire and did:kad:eepire point to the same resource.

@erincandescent @ikuturso @mcc @jrose yep, did:plc is equivalent to did:web:plc.directory (which is equivalent to https://plc.directory)

it's basically dns all over again, but in a different format (did documents instead of resource records). plc.directory is basically the authoritative nameserver.

@mcc @erincandescent @ikuturso @jrose this would depend entirely on how did:plc and did:kad are defined as did methods. the "eepire" part of plc is cryptographically generated from the did creation request: https://web.plc.directory/spec/v0.1/did-plc

you sign the operation then hash it then truncate to first 24 characters

thus any did method that generates the same 24 character id is just an exact clone of plc

@trwnh @erincandescent @ikuturso @jrose I am proposing inventing a did:kad, or a did:kad2 if did:kad is already being used, and giving it whatever properties would be needed to make it work the way I said.

And yes, I'm proposing creating an exact clone of plc that doesn't depend on plc.directory.

@mcc @erincandescent @ikuturso @jrose right now the practical consideration for migration is one of the following:

- you have a did:plc and want to migrate to did:web
- you have a did:web and want to migrate to another did:web
- you have a did:web and want to migrate to did:plc

none of the three are currently possible, you will lose all your follow relations etc even if you replicate the exact same content or serve the exact same data repo

@mcc @erincandescent @ikuturso @jrose i think this effectively amounts to "just use a dht that everyone agrees on"

@trwnh yes, that's why in my example I picked the first three letters of "kademlia"

@mcc ah, i missed that part ^^;

@trwnh @mcc @ikuturso @jrose In did:plc:foo, foo is a base32(sha256(creation_request))[0:20] so its a 120-bit hash. I’m not confident of that’s long term security

Also the did:plc update metadata protocol is fundamentally dependent upon the existence of a central trusted system so you can’t just easily replicate it as a DHT system

@erincandescent @ikuturso @mcc @jrose i think you could replace it with signed updates but in doing so, you've basically just wrapped around to needing a pki

@trwnh @erincandescent @ikuturso @jrose this raises an important question. Why the fuck are we not just using a pki to start with

@mcc @trwnh @ikuturso @jrose did:plc is using a PKI but it also provides ways of doing account recovery that pure-PKI systems fail to acheive

@mcc @erincandescent @ikuturso @jrose uhhhh

"key management hard", basically

@erincandescent @ikuturso @mcc @jrose isn't plc basically custodial keys?