Oddbean new post about login | logout my only complaint about that essay is it says did:web isn't decentralized because it relies on DNS and TLS cert issuance which is centralied. But later says that the Fediverse IS decentralized, but every single server currently requires DNS and TLS to operate.
Correct to both. did is fundamentally broken, and did:web should never have been. The root problem is the "either/or" fallacy and applying binary thinking to decentralization. When I started the work on DID it was to create content-addressable identifiers using web standards. But it got co-opted by lots of folks that wanted to use the term "decentralized" in their marketing (normally to sell centralized tokens). Fediverse was created as step one of a system that would offer competition to sites like facebook (though it lurched in the direction of open microblogging and then activities). It's better than the status quo and allows open source competition to giants. It was only supposed to be the first layer, and that content addressable PKI would come after. But things have become more political and folks talk about "The Social Web" (caps) as a brand. And that gets in the way. Still innovation continues. I send this message from nostr which is (decentralized) content addressable pubkeys to fediverse, via a bridge. The grass roots finds ways to route round centralized structures, eventually.
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqqh097tfm3kv0nwffd9ggptn255d3fuqdcy3wauw5p4gz5z45s92qysh6f2 Yeah, article does mention it though and it would be interesting to explore ways to get out of that, specially given how bad some registries are. Petnames… maybe but they're just frontend stuff like address books, cryptographic-baked identifiers could work (with migrations still in place for key rotation) except that if you loose the private key, you loose your account, and I don't think people can hold on those securely (like no usage of dropbox) long-term.