That's IMO one of the worst engineering decisions in the protocol, besides all the others, but this one (making identity depend on domains, meaning on third parties antithetical to decentralization) is… laughable. Who was responsible for it?
Better to just set up your own ccTLD, for maximum trust.
(honestly only half joking)
Wow, they fixed 1 out of 1234567 possible issues, and is none of the actual web standards!
Little instance-birds dying and exploding in spectacular fashion, all to a comfy jingle and a soothing narration of how the Internet is Doomed Regardless.
Kurzgesagt — in a Nutshell.
Dunno the exacts, but why not the good ol’ GPG? You only need to be able to exchange keys out-of-band once, and it saves you from lots of other issues. Trust between Alice and Brian is a between-them thing, and should not depend on a third party like Caroline arbitrarily deciding to change Brian’s legal name to Brandon.
They seem to suggest doing it that way because the URL of a user profile is going to be guaranteed to be unique, and can only be owned by the owner of the domain.
Immediate design issue right there: the URL of a user profile is not guaranteed to be unique, and while it can “”“only”“” be owned by the owner of the domain, 1.- it’s not owned by the user of the profile and 2.- the ownership by the domain owner is revocable by a third party.
Design-wise, it feels to me like they decided that land / house deeds could be certified by municipal traffic signage.
The W3C, also known as the people who develop the web standards
Figures. The same people who added DRM to the web standards.
Now, I don’t know what other alternatives could have been used, but I know that URL was among the obvious ones to not use. Something that uniquely identifies you has to be non-transitive and non-revocable by a third party, of which URLs are neither (domain names are revocable, URLs don’t have addressing persistence let alone when you add query strings into the mix, etc). Among the few things that I can think are non-transitive and non-thirdparty-revocable are the good ol’ ssh-keygen keys, easy to generate and all that but I’ve never found a good mechanism or design to query about them.
Because you need a way to be reachable over HTTPS
Feels like this is the core key to be changed. Something like Debian’s packaging system for example, which doesn’t even need the Debian domain to be HTTPS.
the URL is the id in the database
Who was the idiot that decided to use for a database ID an identifier that almost entirely depends on external (and, for fediverse purposes, usually antagonistic) entities?
I’ve seen nothing in the requirements that say that the designated person has to be reachable. If I had to set a fediverse instance of something, I’d just set the mailer inbox to /dev/null or smth to save storage. Or just subject the corpos to the same treatment they subject normal citizens,