Comment by steveklabnik

> The fact that the PDS in practice owns your identity

This is incorrect.

1. a PDS stores data, it does not own the identity.

2. Your identity is controlled by a DID, of which most users use DID:PLC.

3. This means the PLC directory controls who owns the identity.

4. Users can upload their own keys into the directory to ensure they have control.

5. At this point, the threat vector is "PLC directory lies", which is why there are transparency logs and independent mirrors.