[vidarh]

The webfinger handle does not need to be on the same domain/hostname as the Mastodon server. E.g. not on completely different domains, but for Mastodon it makes no difference, but my personal Mastodon install is on m.galaxybound.com but my webfinger handle is on galaxybound.com.

And there was no need to make a new protocol for a portable identity - a change to ActivityPub to support did's as actor urns would be sufficient, and would also open the door to unilateral account migration fairly easily.

This is my big problem with Bluesky - all of their gripes about ActivityPub would be easily solved in ways that'd make interop a temporary problem of getting people to buy into protocol tweaks, instead of inventing something from scratch.

Their claim that it's not easily possible to retrofit e.g. did's and signed repositories onto ActivityPub makes me question whether they understand ActivityPub at all, because there's nothing about it that would be problematic. E.g. objects are already signed - their mechanism for migration would require some changes to the signing mechanism to allow users to make a unilateral assertion that the key on their new instance belongs to them, but not much more. DID's is down to how ActivityPub clients and servers resolve URLs, nothing more.

You wouldn't even need everyone to buy into these changes - the worst case would be lack of federation w/instances that fail to support it - in other words no worse than starting your own network.

Even then it'd be possible to maintain fairly broad interop by announcing the did's in ways that'd allow also specifying resolvable urls to a proxy.