[captainmuon]

As a user, I'm mostly fine with making an account with Google or Meta and using that as my identity root. I know there are a lot of problems with that, for example you can lose your account, but you have all the same problems with a different party that registers domains. Besides, the domain model is more complicated and I've had domains lapse, had problems with transferring, and so on.

What I'd want is:

1. register with some trustworthy third party (be it Google, Bluesky, or whoever), get an identity (can be a domain, but an entry in a database is fine)

2. have the option to craft an identity from thin air (by generating a key pair on my laptop)

3. have the option to move between 1. and 2. or between multiple instances of 1. (identity takeout)

4. (bonus) have the option to create sub-identities: I can register a completely new pseudonymous account, but have some (cryptographic) proof that this identity has certain properties: it is tied to a Google employee, to a woman, to someone with > 10.000 Stackexchange score ... without anybody being able to link that account to the person.

I think 1 and 2 are solved, 3 is quite tricky from a UX perspective, and 4 is going to be really hard (but would enable a lot of cool scenarios).