Replying to proof of god

hi, I think so, but tbh I'm not enough of a dev to weigh in on that. I just think these UX patterns are really disruptive. I don't know what web browsing on nostr would look like but I think it should strive to solve these.

I don't think any gov should be able to regulate how clients build their sites and require things like cookies banners. Cookies architecture is something that could be replaced - by what, not sure.

Verification codes could be sent to an npub instead of a phone number. Can't wait for this.

It's annoying when bad UX patterns are adopted by businesses because 1) they're mandated, or 2) they choose to adopt them bc "experts" have recommended. 2 factor verif involving a phone is a good example - imo completely reckless due to sim swap attacks. "Best practice" tho!

It all revolves around separating web from identity: Stop trying to figure out who I am, just let me browse and do business on the web.
Avatar
Eric Lindgren 11mo ago

thanks for the thoughtful response brother. i am not a UX expert either but i think a lot of this could be handled with secure local key storage/signing. for example, couldn't a signature from your nsec function as a cookie?

this world does require cryptography to become an integral part of each layer in the stack but nostr may the the path toward an internet where the user is in complete control of their identity

Reply to this note

Please Login to reply.

Discussion

b0
proof of god 11mo ago

I believe cookies are stored on the client. So the reason for the intrusive cookies confirmation banners is that the site is asking permission to store those cookies on your device. I don’t think a signature from your nsec would match this use case. But maybe you could use your nsec to add in your own client’s “policy” so that you don’t need to be asked about it. I guess cookies are dumb and they’ll be done away with. But businesses do like to have some sort of analytics on their site visitors. Fine with that, just looking to automate that policy and place control with the client. And do it in a way that’s not retarded like the current way (cookies prompts).