Replying to Avatar jb55

The idea behind keyoxide, keybase, etc is that you post signed proofs that you are in control of various accounts online (twitter, Reddit, web, etc). Normally you would use pgp but you could use nostr signatures instead.

If these proofs were stored in notes on nostr, nostr clients could verify these proofs and say for certain that said nostr pubkey controls said accounts on the internet. This would be much more powerful and reliable than nip05. This would be true verification. And it would be the most decentralized version of keybase/keyoxide since it would be stored in nostr notes replicated across multiple relays. nostr:note1275rd6v83g8877y0ftxh79jqpnp3ptpcz8f24gav3njlu8n2jjtqecfvs3
Avatar
Pablo Xannybar 2y ago

100% in favour of using Nostr keys for signing proofs like PGP, it's an obvious use case, but if we're going down the road of using Nostr keys for cryptography my only issue is the NSA designed NIST curve secp256. Nostr should use Ed25519 instead.

Reply to this note

Please Login to reply.

Discussion

Avatar
jb55 2y ago

🤦‍♂️

Avatar
Pablo Xannybar 2y ago

What?

Cryptographers have raised legitimate concerns with how NIST curves are designed and Nostr does use secp256.

Can provide links if you want. Plenty has been written about this. That's why the new standard for SSH and PGP is Ed25519.