Roaming identity

<alias>@<currentHomeServer>#<publicKey>

• only public key is mandatory, and is the only thing that is guaranteed to remain stable
• alias and current main home server can be changed
• key is to keep everyone up to date about current user host locations -> federate info about server changes around
  • old links with old author info should thus have limited effect
• from Libre Lounge episode 32: keep a global(ish) "address book" of people, and federate that
  • because hashes aren't exactly user friendly, aliases are free to choose (and thus collide between servers) and server names don't necessarily have to be meaningful
  • one can choose to be discoverable via name, email address, ...
  • this should all be hashed, no storage of actual plain data
  • ... but how to avoid rainbow table lookups for the hashes?
• another alternative could be a DHT of some kind for the discovery of identities
  • the servers themselves should be rather stable and constantly online, which makes them good candidates for DHT nodes
• multi-device support brings another problem: should the private key for the identity be stored on every device? That increases the risk of leakage (although see multi-device notes for ways to reduce the risk by not storing the full key).
  • on the other hand, if the public key gets used directly for creating capabilities, then each device that should be able to use that capability needs to have access to the private key
  • an alternative would be to treat the main key pair like a CA root: sign other keys with that and use and possibly revoke the others. This way you could keep your identity in case a key shared by multiple devices gets leaked, but revoking such sub-keys would also be very difficult (all existing shared shards would still have capabilities with this key, all available for whoever got access to the leaked key)
  • --> thus this is probably not worth the hassle. Might be easier to start a new identity if the old one got compromised.