Still a placeholder, because without DIDs, the whole system isn't more decentralized than ActivityPub, which is already a widely used standard now.
Discussion
In fact, if all records are centralized in a single organization, it's much less decentralized than any normal federated protocol, because it creates a single point of attack. How is that a step in the right direction? Genuinely interested in why you think that's good.
I think it's better than centralized and controlled by the company. little steps...
But it's still completely centralized, no? So the right direction (in my book) would be towards decentralization, not towards ossifying even more centralization.
Depends how you look at it. It's a directory, at the end of the day. The ultimate authority is the DID itself not the directory. The DID itself is derived from a hash of the initial operation signed with the private key.
Anyone can mirror that directory. Because each op is cryptographically signed, anyone who mirrors it can validate the entire log independently. Or you can have multiple, independent groiups operating replicas of the directory.
But because of their UX you need some source of truth, hence it's not completely centralised but still not able to be completely decentralised either.