FEP-c390 identity proofs are bi-directional. The user attests that he controls the given actor by signing the Identity
object containing actor ID (alsoKnownAs
). The server attests the same by serving the actor object with identity proof attached.
If we require user to include other actor IDs in alsoKnownAs
array, then everyone would need to fetch listed actors to verify that they are actually controlled by the same person. Identity proofs would also need to be re-generated every time a new clone is created.
I don’t think this is necessary. If two actors have identity proofs generated with the same key, FEP-c390-aware servers should treat them as clones/aliases. I have a working implementation of “weak” nomadic identity where you can move followers from one clone to another (but not data), which is based on this idea.