this post was submitted on 18 Apr 2025
51 points (100.0% liked)
Technology
38579 readers
304 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Isn't owning the domain proof enough already?
Nobody else could possibly use max-p.me as their handle, and proving control of the domain is plenty for security sensitive things like LetsEncrypt.
Anyone you'd care to mark verified already brought their own domain.
It's open to abuse and exploitation the same way domains are in general. An enterprising faker could register a domain that looks legit, but isn't.
And centralization solves this how? The other social networks are giving more checkmarks to grifters and scammers than they are giving them to honest people because, spoiler alert, con artists are very good at both building a following and paying bribes.
I think their plan is for it to be like how website cert verification works. You have a set of trusted authorities that issue certs (or in this case verifications) and that can revoke them if needed.
Sounds like centralization to me. Who decides whether to vest authority in this group? Who selects the members of this group?
Unless there is some method for each host/ user to nominate members and it changes dynamically based on total votes at any given time, you've just permanently entrenched centralized authority in your (supposedly moving to) 'decentralized' app.
I expect the trusted authorities would be selected by the server where the user account resides. I.e. if a server's admin does not recognize a certain authority, it would not show their verifications to users logged in to their server.
It's possible that it could extend to user selections of trusted verifiers as well, but I think implementing that level of granularity would be more of pain than it's worth to Bluesky. Still, I could be surprised.
That's not what the current PR lays out, and I'm not going to give them preemptive credit for future maybes. Right now they're just X v2.
Once they actually release the server software for self-hosting, i.e. once the app is actually at all even a little decentralized, and not just selling themselves on a feature that doesn't exist, we can see how much decentralization the trusted reviewers have.