The only stable life-long identity system I know of are state-assigned identities (with the court system as a last line for complex cases).

Apart from that, I think per-service identities are the best that can be hoped for. If I choose to engage with Facebook, I have to trust them to some extent anyway, so trusting them with my identity on Facebook is probably good enough. If I want to establish that some Twitter identity is the same as some Instagram identity, I can do so by directly referencing them from one another. I don't think we can do much better than that without involving the state.

PKI can authenticate a message to a key, but can't resolve human name to a key unless it'll be highly centralized, well moderated and not cancellable. Maybe if a user just couldn't choose the ID at all, that could destroy the motive to spoof an ID, and solve the problem?

Blockchain does not by itself solve identity. You can build identity solutions atop a blockchain, sure. But “built as a blockchain” does not at all hint towards your blueprint to solving this problem.

That's the same for other alternative distributed name systems like DHT based naming. For example, how should the DHT be bootstrapped, should there be any universal root zones, etc etc. GNS and IPNS are both DHT based naming systems which make different choices, much like there are various blockchain based naming systems out there.

Anyway my understanding is that Bluesky uses DIDs for exactly that reason, to punt the actual naming implementation and avoid silly internet fights like this.

You can’t ignore the cryptocurrency layer, it’s required to fund the miners/validators who secure and run the chain. Blockchains don’t work without the cryptocurrency.

And there’s already at least one blockchain purpose-built for naming - https://handshake.org/. Worth reading their design notes on how and why it works as it does.