It is possible, there just isn't a "global" agreed-upon consensus, and that is fine. It is not as complicated as it has been made to sound.

PGP has key signing and revocation, that's pretty much all that is needed.

The use case is valid. If someone's PGP key is compromised (I've seen it happen), they need to revoke the key, create a new one, and then have coworkers, friends, etc. sign the new one. Done.

nostr:nevent1qqsqqqye9j54rrlck6xk9c584ya67cfwnjw38xzcqa7ar4ce6xqh5nsprdmhxue69uhhyetvv9ujuam9wd6x2unwvf6xxtnrdakj7q3q80cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsxpqqqqqqz3q39sk


Discussion

PGP key revocation relies on keyservers, so it's not reasonable.

https://github.com/nostr-protocol/nips/pull/829 has a somewhat-comparable model that may work for Nostr, but anchored on more solid grounds.

I've read all of these.

1. It is not needed to opentimestamp the revocation (migration) event.

2. It isn't even necessary to indicate what key is being migrated to with the revocation event.

Profile attestations (like PGP key signing) can tag both the new and old key, and this can help people follow their new key. The revocation event informs people the key cannot be trusted and to seek alternatives (and those attestation events).

3. There also isn't a need to whitelist keys. Confirmation of the profile can happen in any number of ways "out-of-band".
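As an added illustration (not from any of the posts above, and not Nostr's, PGP's, or the linked NIP's own code), the resolver below models the flow that points 2 and 3 and the attestation paragraph describe: a revocation event that names no successor, plus attestations from other keys that tag both the old and the new key, from which a reader decides which new key to follow. It assumes ed25519 in place of Nostr's secp256k1 Schnorr signatures, hypothetical event kinds 9000/9001 and tag names "old"/"new", a caller-supplied set of already-trusted keys (the "out-of-band" confirmation), and a constructed scenario in which one compromised key tries to attest its own successor.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Hypothetical event kinds for this illustration; not NIP-assigned numbers.
const (
	kindRevocation  = 9000 // "this key can no longer be trusted", names no successor
	kindAttestation = 9001 // "I vouch that tag old belongs to the same person as tag new"
)

// Event is a minimal Nostr-like event: pubkey, kind, tags, signature.
type Event struct {
	PubKey string     `json:"pubkey"`
	Kind   int        `json:"kind"`
	Tags   [][]string `json:"tags"`
	Sig    string     `json:"sig,omitempty"`
}

// digest hashes the signed fields (everything except Sig).
func (e Event) digest() []byte {
	b, _ := json.Marshal(Event{PubKey: e.PubKey, Kind: e.Kind, Tags: e.Tags})
	h := sha256.Sum256(b)
	return h[:]
}

// Sign fills in PubKey and Sig; ed25519 stands in for Nostr's Schnorr/secp256k1.
func Sign(priv ed25519.PrivateKey, e Event) Event {
	e.PubKey = hex.EncodeToString(priv.Public().(ed25519.PublicKey))
	e.Sig = hex.EncodeToString(ed25519.Sign(priv, e.digest()))
	return e
}

// Verify checks that Sig is a valid signature by PubKey over the event body.
func Verify(e Event) bool {
	pub, err1 := hex.DecodeString(e.PubKey)
	sig, err2 := hex.DecodeString(e.Sig)
	if err1 != nil || err2 != nil || len(pub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(ed25519.PublicKey(pub), e.digest(), sig)
}

func tagValue(e Event, name string) string {
	for _, t := range e.Tags {
		if len(t) >= 2 && t[0] == name {
			return t[1]
		}
	}
	return ""
}

// ResolveSuccessor reports whether `old` has published a revocation and, if so,
// which new key at least `threshold` distinct keys in `trusted` attest as its
// successor. The revoked key's own attestations are ignored: whoever holds it
// now (possibly the attacker) must not get to name the replacement.
func ResolveSuccessor(events []Event, trusted map[string]bool, old string, threshold int) (revoked bool, successor string) {
	votes := map[string]map[string]bool{} // candidate new key -> attesting keys
	for _, e := range events {
		if !Verify(e) {
			continue // forged or tampered events carry no weight
		}
		switch e.Kind {
		case kindRevocation:
			if e.PubKey == old {
				revoked = true
			}
		case kindAttestation:
			if e.PubKey == old || !trusted[e.PubKey] || tagValue(e, "old") != old {
				continue
			}
			if next := tagValue(e, "new"); next != "" {
				if votes[next] == nil {
					votes[next] = map[string]bool{}
				}
				votes[next][e.PubKey] = true
			}
		}
	}
	if !revoked {
		return false, ""
	}
	best, n, tie := "", 0, false
	for k, v := range votes {
		switch {
		case len(v) > n:
			best, n, tie = k, len(v), false
		case len(v) == n:
			tie = true // two candidates with equal support: refuse to pick one
		}
	}
	if n >= threshold && !tie {
		return true, best
	}
	return true, ""
}

func keypair() ed25519.PrivateKey {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv
}

func pubHex(priv ed25519.PrivateKey) string {
	return hex.EncodeToString(priv.Public().(ed25519.PublicKey))
}

func attest(signer ed25519.PrivateKey, old, next string) Event {
	return Sign(signer, Event{Kind: kindAttestation, Tags: [][]string{{"old", old}, {"new", next}}})
}

// Scenario is a constructed example: Alice's old key was compromised. It returns
// the resolver's verdict and the key a reader should have ended up following.
func Scenario() (revoked bool, successor, want string) {
	aliceOld, aliceNew, attacker := keypair(), keypair(), keypair()
	bob, carol, dave := keypair(), keypair(), keypair()
	old := pubHex(aliceOld)
	events := []Event{
		Sign(aliceOld, Event{Kind: kindRevocation}), // revocation names no successor
		attest(bob, old, pubHex(aliceNew)),
		attest(carol, old, pubHex(aliceNew)),
		attest(aliceOld, old, pubHex(attacker)), // attacker uses the stolen key to vouch for itself
		attest(dave, old, pubHex(attacker)),     // dave is not in the reader's trust set
	}
	tampered := attest(bob, old, pubHex(aliceNew))
	tampered.Tags[1][1] = pubHex(attacker) // edited after signing: signature no longer verifies
	events = append(events, tampered)
	trusted := map[string]bool{pubHex(bob): true, pubHex(carol): true}
	revoked, successor = ResolveSuccessor(events, trusted, old, 2)
	return revoked, successor, pubHex(aliceNew)
}

func main() {
	revoked, successor, want := Scenario()
	fmt.Printf("revoked=%v successor matches Alice's new key=%v\n", revoked, successor == want)
}
```

The threshold and the trusted set are the knobs a reader controls locally, which is the point of not whitelisting keys in the protocol itself: two readers with different friend sets can reach the same answer without any global registry, and a key that has been revoked cannot steer its own followers because its post-compromise attestations are discarded.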