I would like to give an update on "federation" on Bluesky.
-
@esoteric_programmer @alter_kaker @mcc as I understand it the cost of a relay has gone down because you can run it without keeping full account of the message history for all time and instead restrict what you have to a time-window.
Raises the question of whether that's good enough if we want real alternatives to the official company infra though.
@ikuturso @esoteric_programmer @alter_kaker @mcc that $34/month is enough for 2 hours per the article
-
@mcc what exactly is the benefit of migrating to a non bluesky PDS? I understand being on an entirely different vertical stack like Blacksky or Northsky but what does being on a PDS give you? Aren't you still (almost) entirely at bluesky's mercy?
@eniko the advantage is the data is yours and you can recover it later if Bluesky goes berserk. This is a mild advantage but in keeping with the mild advantages operating a PDS is also a mild imposition. It's practically a git repo with a weird frontend. I'm not saying self host but if people are starting to host alternate bluesky bits, this is the most likely thing for someone to alternate host (because it is the least demanding thing) so it's the most likely option to appear.
-
@lrhodes @mcc @alter_kaker @esoteric_programmer This moves into a lot of stuff about distributed identity that I don't get. But certainly the Fediverse has the same problem. Ultimately the credible exit is waving goodbye to your history, somehow letting your followers know you've got a new handle, and hoping they update their contacts. That sounds hard, but it's still a fairly credible exit, since your followers don't have to move too.
@mat @lrhodes @mcc @alter_kaker @esoteric_programmer the pds/storage can change because the identity is a separate layer. the authority is a DID (most likely did:plc but did:web is also supported). the DID document points to your current PDS. this allows the pds to change as long as the did stays the same.
example: you are did:plc:whatever, and your pds is shiitake.example, but you migrate your data from shiitake to puffball. the did document updates the service pointer: https://web.plc.directory/did/did:plc:ewvi7nxzyoun6zhxrhs64oiz
-
I (me, mcc) never trusted Bluesky, so I've been self-hosting my own PDS from the start. I've been happily using blacksky.community for the last month (since Bluesky started gating access to their appview/web frontend on clicking to agree to a new TOS that seemed to me sketchy). Hypothetically, "Gertrude" could do the same. She can join Northsky PDS, make posts through Zeppelin, and Bluesky blocks her but Blacksky just fetches the posts from her PDS for me, and I get to read them.
Right? (2/3)
@mcc how hard is it to set up your own PDS?
-
@eniko the advantage is the data is yours and you can recover it later if Bluesky goes berserk. This is a mild advantage but in keeping with the mild advantages operating a PDS is also a mild imposition. It's practically a git repo with a weird frontend. I'm not saying self host but if people are starting to host alternate bluesky bits, this is the most likely thing for someone to alternate host (because it is the least demanding thing) so it's the most likely option to appear.
@eniko In a world where Mastodon/ActivityPub doesn't exist, having the PDS would be a cool opportunity because if you ever do bug out from bluesky, instead of having to find someone replicating that giant teetering ATProto stack you could bridge to, or create, some kind of alternative system. But in this actual world this feels pointless since the alternative systems (like ActivityPub) that exist already are more capable to begin with, so why not just make the posts there to begin with.
-
@mcc how hard is it to set up your own PDS?
@tylercook like, absurdly easy. Do you know Docker or any Docker-like system?
-
@jrose @mcc Even the portability being better is somewhat theoretical right now because if your identity is using did:plc then you are unable to move away from did:plc and Bluesky PBC has custody of your keys... And also like people have noticed hosting your own data in a PDS does not really make you independent from their actions so the point of doing it is somewhat unclear.
@ikuturso @jrose @mcc yeah, unfortunately bluesky has zero interest in supporting did migrations. they only support changing your dns handle
EDIT: source https://bsky.app/profile/bnewbold.net/post/3lchpwc2hws2r
-
@eniko In a world where Mastodon/ActivityPub doesn't exist, having the PDS would be a cool opportunity because if you ever do bug out from bluesky, instead of having to find someone replicating that giant teetering ATProto stack you could bridge to, or create, some kind of alternative system. But in this actual world this feels pointless since the alternative systems (like ActivityPub) that exist already are more capable to begin with, so why not just make the posts there to begin with.
@eniko I think M Kasprzak actually has a fork of the official Bluesky PDS, right now, that also publishes to ActivityPub. I think Wafrn can do that too. So that would be an example of "bridging" like I mean— you could start syndicating your bluesky posts to Fediverse, and if you ever bug out from Bluesky just disconnect those endpoints and now you've just got a fediverse server. But this scenario assumes you weren't already more established and comfortable on Fediverse than Bluesky to start with
-
@mat @lrhodes @mcc @alter_kaker @esoteric_programmer the pds/storage can change because the identity is a separate layer. the authority is a DID (most likely did:plc but did:web is also supported). the DID document points to your current PDS. this allows the pds to change as long as the did stays the same.
example: you are did:plc:whatever, and your pds is shiitake.example, but you migrate your data from shiitake to puffball. the did document updates the service pointer: https://web.plc.directory/did/did:plc:ewvi7nxzyoun6zhxrhs64oiz
@trwnh @mat @mcc @alter_kaker @esoteric_programmer Yeah, my understanding a while back was that the canonical location is defined by reference to the DID address. The way, you can still have a canonical address even if the originating account shifts to a new address. That prevents the old PDS from retaining authority. But so much has changed since I firmed that understanding that I wasn't sure whether or not it had changed. (One would hope the procedures for determining canonicity wouldn't change.)
-
@ikuturso @jrose @mcc yeah, unfortunately bluesky has zero interest in supporting did migrations. they only support changing your dns handle
EDIT: source https://bsky.app/profile/bnewbold.net/post/3lchpwc2hws2r
-
@eniko I think M Kasprzak actually has a fork of the official Bluesky PDS, right now, that also publishes to ActivityPub. I think Wafrn can do that too. So that would be an example of "bridging" like I mean— you could start syndicating your bluesky posts to Fediverse, and if you ever bug out from Bluesky just disconnect those endpoints and now you've just got a fediverse server. But this scenario assumes you weren't already more established and comfortable on Fediverse than Bluesky to start with
@mcc yeah I've been asked repeatedly to join wafrn but I've never wanted to because I don't want to post the exact same things on bluesky that I do here. They're two different cultures that react very differently to posts. And also, now, it's been made clear to me it's not necessarily safe to post as freely on bluesky
-
@mcc yeah I've been asked repeatedly to join wafrn but I've never wanted to because I don't want to post the exact same things on bluesky that I do here. They're two different cultures that react very differently to posts. And also, now, it's been made clear to me it's not necessarily safe to post as freely on bluesky
@eniko Yes, I think these are great points.
-
-
@nullpotential @mcc people on Bluesky who have soured on fedi often complain about having been lectured about using alt text and CWs for what it's worth.
@ikuturso @nullpotential @mcc signing up for mastodon.social is not the worst thing you could do. setting up your own server and being subject to harassment by widely blocked servers you didn't know existed? the immediate response was to look for shared blocklists, but that just led to more conflict because again, how are you supposed to be aware of the years-long social dynamics of a space you literally just joined? the common refrain of "just use a different instance" was taken dismissively.
-
@trwnh @mat @mcc @alter_kaker @esoteric_programmer Yeah, my understanding a while back was that the canonical location is defined by reference to the DID address. The way, you can still have a canonical address even if the originating account shifts to a new address. That prevents the old PDS from retaining authority. But so much has changed since I firmed that understanding that I wasn't sure whether or not it had changed. (One would hope the procedures for determining canonicity wouldn't change.)
@lrhodes @mat @mcc @alter_kaker @esoteric_programmer """fun""" fact btw: canonicity of at:// uri is different depending on whether you use the did or dns as the authority. so at://atproto.com has different properties than at://did:plc:ewvi7nxzyoun6zhxrhs64oiz -- the former will break if the dns handle ever changes, and the latter is supposed to be used whenever canonical references are needed. but guess which one gets exposed to user-facing stuff? that's right, did is backend, dns is frontend.
-
@erincandescent @ikuturso @mcc @jrose yep, did:plc is equivalent to did:web:plc.directory (which is equivalent to https://plc.directory)
it's basically dns all over again, but in a different format (did documents instead of resource records). plc.directory is basically the authoritative nameserver.
-
If you sign up with https://blacksky.community you get:
- Blacksky's "appview"/web frontend
- Optionally, Blacksky's PDS
- Blacksky's moderation layer (and you can optionally enable Bluesky's too)Almost-complete independence! What I'm not clear on is to whether, or to what degree Blacksky relies on Bluesky's "relay":
@mcc nothing is stopping blue sky from blocking the h other two instances right ? Also is it not the case that black sky has an incomplete view of the entire atmosphere like only a few days so it's still dependent on blue sky due to the high cost of infra for being able to contain that entire view ?
-
@mcc nothing is stopping blue sky from blocking the h other two instances right ? Also is it not the case that black sky has an incomplete view of the entire atmosphere like only a few days so it's still dependent on blue sky due to the high cost of infra for being able to contain that entire view ?
@fleeky 1. Correct
2. I don't know -
@lrhodes @mat @mcc @alter_kaker @esoteric_programmer """fun""" fact btw: canonicity of at:// uri is different depending on whether you use the did or dns as the authority. so at://atproto.com has different properties than at://did:plc:ewvi7nxzyoun6zhxrhs64oiz -- the former will break if the dns handle ever changes, and the latter is supposed to be used whenever canonical references are needed. but guess which one gets exposed to user-facing stuff? that's right, did is backend, dns is frontend.
@trwnh @lrhodes @mat @mcc @alter_kaker I thought
@user.domain.tldis just a way to point to@did:plc:blahblahblah, the same way we do with webfinger over here. Wouldn't this difference in the protocol make an impersonation attack more possible? -
@trwnh @lrhodes @mat @mcc @alter_kaker I thought
@user.domain.tldis just a way to point to@did:plc:blahblahblah, the same way we do with webfinger over here. Wouldn't this difference in the protocol make an impersonation attack more possible?@esoteric_programmer @lrhodes @mat @mcc @alter_kaker you are *supposed* to "convert" the user.domain.tld to did:plc:blah, but you can still construct references against user.domain.tld. but you're not supposed to. but every user-facing component only shows you the user.domain.tld instead of the did:plc:blah, so if you're just copying from your address bar, you are going to get the "wrong" identifier most likely.
it has the exact same properties as letting a dns name lapse and get reassigned.
