π«
if this isn't an on-protocol mechanism you're just creating a need for more implicit centralized trust which runs counter to the mission
i worry that we're straying away from the vision of atprotocol to sate those who want twt2
if this isn't an on-protocol mechanism you're just creating a need for more implicit centralized trust which runs counter to the mission
i worry that we're straying away from the vision of atprotocol to sate those who want twt2
Comments
but the main point i'm making is that if there is to be another verification mechanism that it *needs* to be on-protocol as creating a separate trust authority would be antithetical
but i am wary if they manifest in ways that are akin to say, twitter bluechecks, because i think they are harmful to discourse
it's one thing to verify identity and another to verify "trustworthiness"
systems like twitter bluechecks carried an implication that a checkmark == trust
OVs are allowed to individuals but most SSL vendors don't offer OV anymore only the DV competing with Let's Encrypt on convenience of annual instead of bi-monthly renewal, or the mega-EV ones.
so additional mechanisms could be good
by buying a domain and verifying it
but i spent way too much time today in this discourse, my head hurts
sorry about your head βΉοΈ
admittedly it's pretty bad atm. it takes some work but i'm generally pretty well insulated unless i invite the controversy (like apparently what i said td was)
β₯οΈ self-inflicted tbh. could just opt-out but ultimately i want the protocol to succeed
but simple tools could work - give us domain + account age + social graph indicators and you're like 90% of the way there
1. It imposes (an indirect) cost for verifying domain ownership and DNS.
2. It only verifies you own the domain, not the end person
3. Complexity for small creators goes up
Domain name verification is far more reliable especially for orgs
the "invalid handle" marker already indicates a verification failure
Impersonation.
Anyone can buy a copycat domain on a different TLD or squat on a domain near their targetβs
it's the same problem that we already have with labelers; requiring trust in fallible institutions
Also, anyone who is ALREADY A TECHIE can set it up quickly. Anybody who is not, ???
Is @benstiller.redhour.com really Ben Stiller? How would I know that? What the heck is βredhour.com?β
In this case it seemingly is Ben, but domain alone doesnβt prove that.
Maybe, adding their bsky handle in their twitter bio.
Or ideally their handle is their official site.
I dont see the point in badges really, it would take minimal research to verify if there was ever really a question of identity theft.
"Is this Ben Stiller?"
"Its me."
"Oh, okay."
π
At the end, it's the whole, if you're famous and have a platform, just use that to verify all your other shenanigans.
Someone talked about a way to connect to imdb for cinema related people and that would be a very cool feature.
That would also help check on impersonation tag (stephen king) - and people should report account that seems off instead of blind follow
They must have had followers on other platforms, and can just be - now find us on bsky.
Mark Hamill case that really ushered this seems like could have been solved with that (I also got confused seeing
good luck
whois privacy lol
I'd like to see meta labelers which can collect verification labels from multiple sources (so you don't have to subscribe to dozens to cover everything)
Would be neat if there was a simple way to prove all labels are correctly imported
But to avoid contradiction, the trust doesnβt need to be centralized. Could have multiple different verifier-orgs that do manual or automatic labeling of accounts.