Plan
Email+magic-link.
Solves multi-device.
Unification of identities under the same site with UserID.
Tell self-hosters that users won’t be able to comment from their web until they assign an email provider or passkeys.
Reuse the magic link flow that we have in hosting and make the email service aware of the attestations.
Bring the same workflow to the app.
App key as identity server.
Legacy update
App Node is an identity server, the same way a Server Node acts as an identity server.
Email+Passkeys.
Desktop linked identities.
UserIDs=ContactIDs
Cross-site signing in.
The DREAM. The Endgame but it will take some time to arrive here.
Deal with olds agent keys.
We are ok with having to identify in the future, old comments created from mobile.
Username+Passkeys.
For Sites that won't want to ask for email, specially for self-hosted Sites.
Notes
The profile signed with any session key with the latest timestamp is your profile.