Is there or will there be a way for nostr relays to whitelist/blacklist read access? Relays can restrict write access but what about read access? Thinking about making subscription ids signed by a private key and then the nostr relay checks against whitelisted public keys and rejects unverified subscriptions. Could also use auth server. #AskNostr
Discussion
nostr:npub1c3lf9hdmghe4l7xcy8phlhepr66hz7wp5dnkpwxjvw8x7hzh0pesc9mpv4 nostr:npub1manlnflyzyjhgh970t8mmngrdytcp3jrmaa66u846ggg7t20cgqqvyn9tn nostr:npub1qe3e5wrvnsgpggtkytxteaqfprz0rgxr8c3l34kk3a9t7e2l3acslezefe nostr:npub1wmr34t36fy03m8hvgl96zl3znndyzyaqhwmwdtshwmtkg03fetaqhjg240 nostr:npub1awncdkz7954as2d3zdske4gpg75qm5w6zwt0vf6kpv5a3rfaczwqfqlrdz
Hm, there are already some client auth techs on the session level, like TLS for example, or http-auth. But yes, private relays totally make sense.
mTLS, sorry
What is the most efficient way to manage read access permissions on a relay? nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6
AFAIK, this is done by sending a NIP-42 ephemeral event. Regular HTTP auth DOES NOT WORK over nostr, because there is no server side to verify credentials. NIP-42 is how relays can dynamically authenticate client access.
Bye bye Rep-ley-Gu-y bitch!
Hey fiatjaf, I’m digging through khatru, cool stuff. I’m confused how botj read only and read/write permissions can be set with NIP-86 Authed pubkeys for a relay if the API only has one Allowed Pubkeys list? Any help would be appreciated, thanks.
You have to interpret the instructions depending on your context. Khatru doesn't have an "allowed pubkeys list", that must be defined specifically by your relay implementation.