> The fact that the PDS in practice owns your identity
This is incorrect.
1. a PDS stores data, it does not own the identity.
2. Your identity is controlled by a DID, of which most users use DID:PLC.
3. This means the PLC directory controls who owns the identity.
4. Users can upload their own keys into the directory to ensure they have control.
5. At this point, the threat vector is "PLC directory lies", which is why there are transparency logs and independent mirrors.
Nope. When I’m talking about identity I’m speaking strictly of the keys that sign your messages and the pub key derived from it. In every other cryptographic system that is your identity. It is absolutely correct that the PDS has complete control over your keys when it comes to 99.99% of users. I challenge you to prove the opposite.