Your comment could have been more constructive if you have included more "common mistakes" than things you just don't like, the only exception being handle squatting. Like, what is a specific benefit of `user@host` as opposed to a single domain---which can be generated on demand---as an identity? (And who is "everything else" here? Almost all non-Mastodon social networks don't use them.) Also a value of the common schema language is not that high, especially when that language is coupled with the serialization format and prevents any improvement.
"value is not that high" is exactly the kind of behavior I'm talking about.
What's the benefit of user@host? Deployment simplicity, you don't need wildcard domains or wildcard certificates, or worse DNS API access, you can just self-host one app at one domain like everything else. As for who uses this format: email, matrix, XMPP, mastodon/ActivityPub, gnusocial/friendica...
If the supposed benefit is only deployment simplicity, the value is indeed not high because the deployment is not expected to occur that many times. Technical problems are among least important problems in the social network.
Your argument is "drawbacks to reinventing are not that high", even though I pointed out both usability and security issues. But what's the advantage? Other that giving the (correct) impression that the supposedly-open-network doesn't want to have anything to do with anybody else?
You're coming up with excuses not justifications. And "it looks like it hasn't hurt us too bad yet" is not a great one at that. Self-hosted deployments have barely started rolling out (well, relay is still centralized).
Do you really want me to use a lengthy bullet list instead of compact prose?
> Deployment simplicity, you don't need wildcard domains or wildcard certificates, or worse DNS API access, you can just self-host one app at one domain like everything else.
At this point, they are not significantly more difficult than single domains or certificates, thanks to Let's Encrypt and ACME. In fact the requirement for domains and certificates has been always the single biggest hinderance, which inherently prevents self-hosted deployments in masses. Self-hosting is definitely a good option to have, but it is unreasonable to assume that most users can have their own deployment even in the near future. Multiple companies seriously tried to tackle them and have failed so far. As such, individual applications are not in the good position to solve these issues.
> I pointed out both usability and security issues.
You only have pointed out security issues, which I acknowledged as a single actual mistake. And that only relates to the domain ownership check, so you can fix them without scrapping the entire scheme.
I can't really see which usability issue can arise from `@example.com` as opposed to `user@example.com`. For laypersons who would use federated instances, `@user.example.com` and `user@example.com` is literally a single character difference and doesn't really matter much except that `user@example.com` is much more prone to be mistaken as an email address (see below). For users with their own domains, any user name is redundant and `@example.com` is definitely superior.
> As for who uses this format: email, matrix, XMPP, mastodon/ActivityPub, gnusocial/friendica...
Among others, email is the only protocol that have achieved common usages, distantly followed by Mastodon. Everything else is a nerdy technology which doesn't count as "everyone else". I should note that I have operated an IRC server for more than a decade and I'm very confident that the number of public Matrix servers is even rarer than the dwindling number of public IRC servers. IRC was once popular only because there were no other alternatives, not because it was open (mIRC was a dominant implementation in its heyday anyway).
And even Mastodon doesn't exactly use `user@example.com`; it uses `@user@example.com` with a prefix `@`, presumably because it allows for shortened handles (`@user`) while avoids a confusion with email addresses, but that can be also done with a domain-only handle if desired. Like, that has been a feature of DNS for the entire time. The fact that both Mastodon and BlueSky doesn't use the exact email address format shows that the exact handle format is not very relevant, as long as it can account for distributed registration and verification and can't be confused with existing usages (i.e. email addresses).
You counter "it makes deployment difficult" by "lay people won't be deploying, it's too difficult". I can't understand what you're trying to say at all.
People are deploying Mastodon, it will keep being an actually-federated network, and Bluesky can be a centralized could-have-been federated network run by a couple of companies. But is that the goal as you see it?
My counter is rather "deployment was already too difficult for laypeople even without that", see the emphasized word:
> In fact the requirement for domains and certificates has been always the single biggest hinderance, which inherently prevents self-hosted deployments in masses.
I'm confident that you never satisfactorily answered to that, and even more confident in my belief that such hinderance is inherent and thus should not be the foremost design factor. Unless you have a clear answer that can be universally applicable (that is, no "works for me and my friends", I too have enough technical friends who don't use Mastodon), please refrain from trying to claim otherwise.
Answered what? I'm sorry that you can't figure out certificates, I don't see how that excuses a system that is made more complicated that it needs to be, and more complicated than anybody else does it, which was my initial claim. Again, you are still giving me more "it's not that bad" or "it's not the main issue", which are not reasons to do the thing wrong in the first place.
This "conversation" has reached my threshold for puzzlement, so I'm dipping out. Let me show you how it feels to me with an analogy:
Some company is making a new revolutionary car. It gets about 10 miles of autonomy, can only turn right, and stalls every 100 feet. I point that out in the comments.
Then lifthrasiir shows up and says that some people have driven it successfully, that you can get anywhere by only turning right with careful planning, that most vehicles don't get a lot of autonomy only cars and trucks, that there are commercial services that will get the car where I need it to (by loading it on a truck), and anyway if I really want to get somewhere why don't I take a bus?
Sure, I never claimed that it couldn't be moved, or that it would prevent its owner from getting places. What I said is that it's a terrible car.
You are claiming that a tram is a bad car. It was designed in that way for a reason and you can't (or don't want to) understand it because you like a car so much. Whenever I say a vehicle, you misinterpret it as a car. Of course it would make a bad car, like your analogy. That's enough puzzlement for me as well.
