related: There's a similar plugin for Mastodon called StreetPass

https://streetpass.social/

I personally like how all this doesn’t seem to require any new protocol or checks. Just plain DNS.

I'm generally interested in Bluesky (and I'm already using it), but I think DNS was probably the wrong choice for them here: it's not authenticated (and can't easily be authenticated in reasonable ways), and has relatively weak guarantees around propagation, invalidation, etc.

The "well-known" URI scheme[1] was intended to overcome many of these deficiencies, and has worked admirably in other contexts (for example, Let's Encrypt's HTTP-01 challenge scheme[2]). I believe Bluesky also supports a "well-known" flow for domain verification, but it seems like it still isn't the default.

[1]: https://en.wikipedia.org/wiki/Well-known_URI

[2]: https://letsencrypt.org/docs/challenge-types/

With competent DNS providers, DNS can be authenticated very easily through DNSSEC. Whether other people bother to validate that authentication is a whole other problem, but enabling it really doesn't have to be all that hard.

How does one get a blue sky account? I requested one. All I see is people offering to sell you one. That seems terrible.

Existing users get an invite every two weeks. Some prominent accounts get a bunch of invites at random. And at times they invite a bunch of people from the waitlist.

I'm not interested in Bluesky atm, but having self-seekers among the first batch of users doesn't constitute a nice PR for the platform.

It worked for Gmail.

Not really. Invitation-only was good marketing, but accounts were absurdly easy to get from the beginning.

Sorry, Jacks launch plan for blue sky is cool kids only for now. (I also do not have an account, but as time goes on my interest wanes).

Actually it needs to use an HTTP API (because Web Extensions can't send actual DNS requests?): https://github.com/jessejanderson/skylink/blob/a698dd56eda26...

and it looks like it's only resolving domains to DIDs, but not that the DID's owner accepted the domain; so you could make any of your domains point to anyone's DID. The extension would need to use ATP's new protocol to check it.

DNS over HTTP is still a DNS request

That seems to be a custom Google API, not DNS over HTTP(S). Request format is very different from what is specified in https://www.rfc-editor.org/rfc/rfc8484 (/dns-query?dns= followed by raw DNS bytes). But sure, the implementation could easily be changed to use DoH

Whether it can technically be called a DNS request or not, this is a privacy leak for anyone who isn't already using Google as a DOH provider. So this should really be written on the extension page...

Bluesky needs to get out of Beta or it will be dead in a month when people move on.

I agree, the people raving about Bluesky and who hate Post-Elon Twitter have never really used Twitter for the community it's always been for the reach being a privileged user on the platform got them.

If it comes down to a community and site they prefer the value of or 40K-100K followers vs 200 or so followers and aligned moderator values, they'll come crawling back to the place with more followers.

Even if they hate Elon Twitter, their reach is still worth more there.

I've got an invite and the content there currently feels very similar to a regular sized Mastodon instance so I think it's existing on borrowed time for the crowd it's genuinely hoping to attract.

It’ll be nice when invites open up or I come across one. APIs/interfaces like this are fantastic to watch grow or contribute to on new platforms.

Twitter started like this as well, let's see their real policy in 10 years when investors, law makers, medias and advertisers pressure them before getting too enthusiastic.