Can users/developers add to or edit their did:plc document? #1892
Replies: 4 comments 7 replies
-
https://github.com/did-method-plc/did-method-plc#readme (and https://atproto.com/specs/did ) probably answer many of your questions. Short answers: |
Beta Was this translation helpful? Give feedback.
-
The short answer today is that philosophically accounts have control over their DID documents, but in practical terms they are controlled directly by the PDS. It is technically possible to create an account on the Bluesky PDS instance with a pre-existing PLC identity (including recovery key), but this is kind of buried away and only a handful of folks (out of millions of accounts) have done this. We do intend to give accounts more control over their PLC identity via atproto API endpoints, including to configure recovery keys which can then be used to talk to the PLC directory directly. Those APIs still need to be designed and implemented, before federation ("identity control" in the roadmap: #1711). Additional non-atproto services and identifiers ("also known as") could be added to DID documents in the future, PLC supports that. There will likely be a set of limits around DID documents: rate of updates (a few a day), overall size in bytes, etc. Inside those limits a lot of service and identity integrations should be possible. |
Beta Was this translation helpful? Give feedback.
-
To come back around to this, there are some new endpoints that were exposed a couple months ago as part of account migration which allow flexible control of PLC identities for existing accounts, including updating rotation keys to fully remove PDS host (eg, Bluesky) control over the identity. This is all fairly low-level and not directly accessible in-app: you need to understand the PLC data structures to work with this. Details in this doc: |
Beta Was this translation helpful? Give feedback.
-
Hi, If there is a better place where to share such ideas then please point me in the right direction. Thank you. |
Beta Was this translation helpful? Give feedback.
-
Hi,
I'm assuming that a Bluesky server initializes a default DID document for the user that complies with basic requirements to be a did:plc, but developers (with user permission) could add custom data to the did:plc to extend its functionality? I'm not familiar with this topic, but I'm guessing that, once you get a default DID from your server that complies with the basic Bluesky requirements, the user has complete control of it, probably because that's required by the standard, and users/developers would be able to add information to the DID to extend its functionality, right? Also, where is the did:plc stored? always on your server, or does some DID service take care of storing it? Or is that up to the individual user?
Beta Was this translation helpful? Give feedback.
All reactions