No, I was entirely correct.
Your attempt to correct me is ambiguous.
I can however explain more precisely.
It may not be the website owner that owns the key, but you at least have the permission of the admin for the site to upload the file.
The json file contains a HEX converted copy of your public key, along with relay list to find you on.
Anybody can generate that hex translation, but only somebody with permission can upload it to a website.
By definition, this creates a relationship between the holder of the private / public key pair and the web site admin / owner.
In my case, I both own and administer my domain name, I can therefore verify myself.
This is a100% correct explanation and does not need your incorrect challenge of it.
This is why around a year ago, the fake Forbes reporter failed to persuade anybody to give an interview because they could not upload the hex version of their public key to the forbes.com website meaning they did not work for Forbes.
This is incredibly powerful if you think about it. Even more powerful for companies than individuals.
I wouldn't mind, but I'd just done a podcast about it 😂
I appreciate your statement that NIP05 “verification” from a “trusted” (by some other means) domain carries a lot of weight in “vouching for” pubkey. But still… your OP statement is problematic.
> “If you own the website, you can prove that the owner of the website also owns the private key”
NIP05 on its own (aside from the credibility of the issuing domain) does not “prove” private key ownership.
I love you Mike, but srsly.
You are discussing semantics within a proposal which I haven't even bothered mentioning within my explanation.
I love me too 😂
Have a nice day 🫂
Thread collapsed
Thread collapsed
Thread collapsed
Thread collapsed
