[pixl97]

You have to look at the incentives versus counter incentives.

Who is going to be in control of this authentication infrastructure? Private companies? Where do they get the information that is trusted? Other private companies? Governments? Why won't these social media companies try to make their own private infrastructure so they can remain in control rather than potentially allow people to leave to other platforms? How will revocation work? Will the browser have to implement support?

Also: How long before authoritarians demand we sign our stuff?

[coldpie]

There's a bunch of different PKI-style schemes, most of which don't require trusting a single central authority. I thought KeyBase's approach struck a good balance between authentication strength & ease of use, maybe something like that could be a good fit.

The incentive would be for online platforms, especially social media, to remain a place people want to be and can have some measure of trust in, rather than be overrun by deepfake-style content.