Haven't been able to make them consistently work on my moonlander. Too many mistypes when quickly writing code. Ultimately removed everything time-related and stateful and only kept simple layers - worked great for the last ~2 years.
Privacy. If someone owns two servers you're logging into, they can associate your logins if you use the same key.
Another case is associating you with your GitHub account (as your ssh keys there are public)
Reddit does have its own search engine, it's just bad. The premise in the author's post is that as soon as it becomes "good", the SEO optimizators will ruin it in the same way they ruined Google search.
It would be interesting to see this implemented as an experiment.
On the one hand, I'm not expecting high signal from this because it's not standardized - too many external variables you can't control. It would also be pretty hard to evaluate as "just watching the path of struggle" is very subjective.
On the other hand, potential "public good" benefit can't be ignored, plus it can be added to interviewees' public resume/github account to be shown to the future employers.
I'm wondering if we can use Pub/Sub to push revocation data to all servers. Presumably revocations are rare, plus we only need to store them only for the JWT validity period, so additional memory usage should be minimal.
The downside is it looks more brittle than the simpler approaches. Upside is performance plus ability to revoke tokens.