I'm trying to get NIP-05 verification working with my domain. I read the spec, I read some tutorials, placed the JSON, enabled CORS... I'm pretty sure I've set it up correctly... But it doesn't seem to be working.
Might you glance at my profile and see if you spot what's wrong?
It's always CORS 😉 But yes, let me take a look.
Figured it out. The spec requires HTTPs, and I was only serving up HTTP. Grabbed an SSL cert and enabled port 443 and it works fine.
Why would the spec require SSL encryption for essentially public information? Seems excessive...
Yep. That's what I saw when I did a curl and was getting connection refused.
Well, SSL certs are free with Let's Encrypt. Everything should have an SSL cert today. It's assumed that everything does. Yes, it's public data, but all of Nostr runs on 443.
Sure, the web is assumed to be SSL wrapped these days, but little lightweight protocols like this absolutely don't need that overhead. I don't even have a website on that domain right now, I set up Apache entirely to service my NIP-05 identifier. I feel like NIP-05 should be able to work over either protocol... Consider the day when Nostr clients are doing hundreds if not thousands of these verification requests constantly. If it's on a domain with a legit website and other services, sure, go SSL. But if not, why add all the overhead?
To be even more lightweight, I could have written a little script that listens on port 80 and only spits out this one URL with the appropriate HTTP header for CORS. No webserver required, no encryption, super lightweight.
Agree.
It was proposed weeks ago to add DNS TXT record verification to NIP-05, so that NIP-05 could work with just a DNS query.
No webserver, no HTTPS, no certificate/CA, just a DNS query.
But it was rejected for the sake of simplicity.
Which is understandable too, by the way.
Honestly DNS makes way more sense to accomplish "domain verification" than going through a webserver....
Unless ws:// and tor
#[7] Can you provide any help for my NIP-05 saga? I updated .htaccess and nostr.json but only getting back the actual text from my json file when I curl -l into my file...
don't see anything at https://www.dustintrammell.com/.well-known/
Wrong domain. That's my website. My NIP-05 Internet Identifier is druid@caughq.org (:
well, signing in as you on astral.ninja i don't even see a NIP-05 ID set on your profile.
Oh. I see the problem. You don't have an SSL cert on caughq.org
derekross@desktop:~$ curl -I https://caughq.org/.well-known/nostr.json
curl: (7) Failed to connect to caughq.org port 443: Connection refused
derekross@desktop:~$ curl -I http://caughq.org/.well-known/nostr.json
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 04:33:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 04 Feb 2023 03:42:12 GMT
ETag: "65-5f3d7954f6020"
Accept-Ranges: bytes
Content-Length: 101
Access-Control-Allow-Origin: *
Content-Type: application/json
You do have CORS setup, but like I said above, you're missing an SSL cert. Once you fix that you'll be fine. Your JSON looks correct too.
Yup, I just figured that out and enabled SSL. Works great now (:
