The private recovery key is also held by the server - not by the user.
Describe the solution you'd like
Would be very useful to add an API or preference for the user to register their own recovery keys - maybe similar to github authorized keys, with normal (p256) ssh keys which a large set of (technical) users know.
The recovery key should be usable for updating the did:plc in the 'notary' service.
This (or a similar solution) should allow migration, using a backup of the data, even if the original PDS host is gone,
and allow the user to control of their (did:plc) identity.
Describe alternatives you've considered
The alternative is to just create a private PDS and follow the long process detailed in ACCOUNT_MIGRATION.md,
or some automation script doing most of the steps.
Additional context
Allowing a user to link their Github account - and pulling the public keys from the github account, verify its identity using github auth, etc - would be even better and help in trust establishment, in particular for feeds operating for various github projects.
There are likely other ways to integrate and link the github identity - like a bridge..
Is your feature request related to a problem? Please describe.
https://github.com/bluesky-social/pds/blob/main/ACCOUNT_MIGRATION.md document a process for migrating an account, but it does require quite a lot of cooperation from the old server.
The private recovery key is also held by the server - not by the user.
Describe the solution you'd like
Would be very useful to add an API or preference for the user to register their own recovery keys - maybe similar to github authorized keys, with normal (p256) ssh keys which a large set of (technical) users know.
The recovery key should be usable for updating the did:plc in the 'notary' service.
This (or a similar solution) should allow migration, using a backup of the data, even if the original PDS host is gone, and allow the user to control of their (did:plc) identity.
Describe alternatives you've considered
The alternative is to just create a private PDS and follow the long process detailed in ACCOUNT_MIGRATION.md, or some automation script doing most of the steps.
Additional context
Allowing a user to link their Github account - and pulling the public keys from the github account, verify its identity using github auth, etc - would be even better and help in trust establishment, in particular for feeds operating for various github projects.
There are likely other ways to integrate and link the github identity - like a bridge..