Domain Names as Handles in Bluesky

I&#x27;ve wanted to have domains as identity for <i>years</i>, so I&#x27;m thrilled to see someone actually doing it. I want to use a domain validated identity for everything; social networks, package repositories, code signing, etc..<p>I hope this idea catches on. I think a more decentralized approach to identity combined with 3rd party attestations or filters could change the way the internet works.<p>Imagine what could be built if everyone used domains as handles &#x2F; identities. Social networks could go hands off for moderation and allow plugable moderation engines that rely on domains for identity, trust, reputation, etc..<p>I&#x27;m convinced that domain validated identities and attestation could usher in a revolution for reputation and trust. Are there any more projects doing similar things?

Domain names as handles are a cool idea, and you can already do a variant of them in the &quot;fediverse&quot; either by hosting your own instance of a service or by configuring a WebFinger alias (which is what I do).<p>I&#x27;m less convinced by DIDs[1], which is what Bluesky seems to run on: I&#x27;ve yet to see an explanation for <i>why</i> the DID standard exists, given that it effectively punts all semantics (including basic things like cryptographic verification) onto unstandardized &quot;methods&quot; in an uncontrolled global namespace.<p>[1]: <a href="https:&#x2F;&#x2F;www.w3.org&#x2F;TR&#x2F;did-core&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.w3.org&#x2F;TR&#x2F;did-core&#x2F;</a>

Why are we watching bluesky build fediverse features slowly in public? Every time they post something it&#x27;s like ok, another feature on some closed private &quot;also ran&quot; network no one will care about with any mass-adoption possibility for years.... It&#x27;s just DOA.<p>Mastodon was around for years with no attn and only got handed this miraculous situation and mass migration opportunity but it just got lucky basically. And it&#x27;s not even <i>it</i>. This isn&#x27;t happening again for Bluesky any time soon.

&quot;@potus.whitehouse.gov”<p>This assumes that<p>- people know that domains are read from right to left, so that they know that president.whitehouse.gov.usofa.com is not a domain in the whitehouse.gov range (this example is bloated, but domain.com vs. $DOMAIN.com.$DOMAIN-social.net is a common pattern for fraud attempts I get)<p>- people outside the US know it&#x27;s .gov, not .com (rarely true?)<p>But, better than nothing I guess.

&gt; The web. Email. RSS feeds. XMPP chats. What all these technologies had in common is they allowed people to freely interact and create content, without a single intermediary.<p>&gt; Sign up for the Bluesky private beta.<p>Welp this just seems counterintuitive.

By the time they release the app to the public, the hype will be dead. Same thing as Clubhouse.<p>Invite-only just backfires ime

<a href="https:&#x2F;&#x2F;indieweb.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;indieweb.org&#x2F;</a>

Why not permit more than one user for a domain? Like user@domain.extension?

Registrars and PKI CAs should be the same orgs (can&#x27;t do only one) and each domain registration should come with a certificate. How is this not a thing? Only a valid CA for a valid TLD registrar should issue certs for a domain name, not arbitrary CAs. So much could have been avoided with this.<p>If you&#x27;re gonna tie your identity to it. PKI is very important. EV pki cert gives me more confidence in the authenticity of your account.<p>How many people do you think I can fool with trump-white-house.trust (or many other cheaper&#x2F;easier TLDs)?

Similar to how the nostr protocol does it: <a href="https:&#x2F;&#x2F;github.com&#x2F;nostr-protocol&#x2F;nips&#x2F;blob&#x2F;master&#x2F;05.md">https:&#x2F;&#x2F;github.com&#x2F;nostr-protocol&#x2F;nips&#x2F;blob&#x2F;master&#x2F;05.md</a>

This totally justifies my decision to purchase a domain that’s “myna.me” so I will be able to authoritatively claim “@myna.me” without worrying about jumping in and grabbing my “handle” early.

Are people here forgetting that the fediverse exists? Im confused

Sounds similar to Keybase. A central platform which allowed the user to &quot;verify&quot; a few different platforms - Reddit, HackerNews, Twitter, etc.<p>It got acquired and promptly nosedived.... with users leaving faster than rats from a sinking ship.

Seems like a direct implementation of how Nostr handles verification. Nip-05 describes how it&#x27;s done and is successfully implemented in most Nostr clients:<p><a href="https:&#x2F;&#x2F;github.com&#x2F;nostr-protocol&#x2F;nips&#x2F;blob&#x2F;master&#x2F;05.md">https:&#x2F;&#x2F;github.com&#x2F;nostr-protocol&#x2F;nips&#x2F;blob&#x2F;master&#x2F;05.md</a>

So is this a cool feature or just gonna prevent your everyday person from signing up, “what? I have to do what to sign up?!”

Curious how it would handle domain ownership changes.<p>Obviously the account would still have standard credentials but once the new domain owner proves ownership does the old handle get reverted to something else so the handle can be used by the new owner or is that account name forever squatted?

This looks very interesting. I just had an idea for something along similar lines today when thinking about how we can be resilient against the coming wave of AI-generated spam.<p>But I definitely think that the protocol itself must be open for it to be viable.

What’s the difference between blue sky’s at protocol and the SOLID POD project? They both seem to do the same thing, but AT protocol is narrower in that its more focused on storing social media related data.

I own my first name .net… this could finally be a good use for it!

Can someone point me to good resources for blockchain DNS?

Is this a copy cat of Mastodon as a commercial service? Did i get this right?

Using domain names as handles seems like a great idea... for those whose names are easily represented by Latin-1.<p>Does this mean that either homograph attacks or punycode are going to make it into Bluesky? Or is this another protocol that&#x27;s built around English and nothing else?

Isn&#x27;t this what Z-lib has just recently implemented, for its users?

So, is this still completely closed source?

That&#x27;s a really good idea. You can&#x27;t cheat it in the same way as you can cheat twitter (get the tick as Mark Cornly and then rename yourself to Elon Musk)

Wakeup call: literally no one cares about the &quot;protocol.&quot; Zoomers will still use TikTok &amp; Instagram, millennials will still use Instagram &amp; Twitter, boomers will still use Facebook.<p>Bluesky is the classic solution looking for a problem.